www.obos.no Open in urlscan Pro
2620:1ec:bdf::64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://openbanking.obos.no/
Effective URL:
https://www.obos.no/bank
Submission Tags: hades
Submission: On October 23 via api (October 23rd 2024, 6:24:32 am UTC) from ES — Scanned from NO

Summary HTTP 82 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 82 HTTP transactions. The main IP is 2620:1ec:bdf::64, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.obos.no.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 6th 2024. Valid for: 6 months.

This is the only time www.obos.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	139.112.170.117 139.112.170.117	5619 (NO-TTSN-A...) (NO-TTSN-ASN1 TietoEVRY Norway)
1 55	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a02:26f0:350... 2a02:26f0:3500:880::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.62.213 34.120.62.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	195.154.197.238 195.154.197.238	12876 (Online SAS) (Online SAS)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
82	9

1 139.112.170.117 (Fredrikstad, Norway) 1 redirects

ASN5619 (NO-TTSN-ASN1 TietoEVRY Norway, NO)
PTR: tietoevry-owned-address-139-112-170-x.hidden-host.tietoevry.com

openbanking.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2620:1ec:bdf::64 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bank.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:880::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.62.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.62.120.34.bc.googleusercontent.com

o4507446359097344.ingest.de.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

stm.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.154.197.238 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-197-238.lb.fr-par.scw.cloud

survey.skyra.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ingest.staging.skyra.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	obos.no 2 redirects openbanking.obos.no bank.obos.no www.obos.no stm.obos.no	1 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	186 KB
10	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2653	499 KB
2	skyra.no survey.skyra.no — Cisco Umbrella Rank: 826565 ingest.staging.skyra.no — Cisco Umbrella Rank: 668072	84 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	64 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	309 B
1	sentry.io o4507446359097344.ingest.de.sentry.io	300 B
0	amplitude.com Failed cdn.eu.amplitude.com Failed
82	8

	Domain	Requested by
54	www.obos.no	www.obos.no
11	cdn.cookielaw.org	stm.obos.no www.obos.no cdn.cookielaw.org
10	res.cloudinary.com	www.obos.no
1	pagead2.googlesyndication.com	stm.obos.no
1	geolocation.onetrust.com	www.obos.no
1	ingest.staging.skyra.no	www.obos.no
1	survey.skyra.no	www.obos.no
1	stm.obos.no	www.obos.no
1	o4507446359097344.ingest.de.sentry.io	www.obos.no
1	bank.obos.no	1 redirects
1	openbanking.obos.no	1 redirects
0	cdn.eu.amplitude.com Failed	stm.obos.no
82	12

This site contains links to these domains. Also see Links.

Domain
www.finansportalen.no
www.facebook.com
www.instagram.com
www.linkedin.com
www.tiktok.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.obos.no GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-08-06` - `2025-02-06`	6 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
ingest.de.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh
stm.obos.no WR3	`2024-09-29` - `2024-12-28`	3 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
skyra.no R11	`2024-09-08` - `2024-12-07`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.obos.no/bank
Frame ID: 7747820200D9E4EEF9B58BC632D7A212
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OBOS-banken – Banken for hele familien

Page URL History Show full URLs

http://openbanking.obos.no/ HTTP 307
https://openbanking.obos.no/ HTTP 302
https://bank.obos.no/om-obos-banken/open-banking/ HTTP 308
https://www.obos.no/bank Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

82
Requests

99 %
HTTPS

56 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

1949 kB
Transfer

4410 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.finansportalen.no/bank/
Title: Sammenlign prisene våre med andre selskaper på Finansportalen.no

Search URL Search Domain Scan URL

URL: https://www.facebook.com/obosmedlem/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/obos/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/obos/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@obosnorge
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://openbanking.obos.no/ HTTP 307
https://openbanking.obos.no/ HTTP 302
https://bank.obos.no/om-obos-banken/open-banking/ HTTP 308
https://www.obos.no/bank Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bank Show response
www.obos.no/
Redirect Chain

http://openbanking.obos.no/
https://openbanking.obos.no/
https://bank.obos.no/om-obos-banken/open-banking/
https://www.obos.no/bank

94 KB
22 KB

364ms
191ms

Document
text/html

2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Next.js

Resource Hash

a58bffb604a00cb1639bf47332f6eacb902ef92011211cf68ceecb9705edb687

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 06:24:25 GMT
link: </bank/_next/static/media/4030f62974b1a45d-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </bank/_next/static/media/add714ee36427fcd-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </bank/_next/static/media/e2b12f79e25fe62e-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </bank/_next/static/media/e63f44471ed1cd49-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007byd
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-powered-by: Next.js

Redirect headers

content-length: 0
date: Wed, 23 Oct 2024 06:24:25 GMT
location: https://www.obos.no/bank
x-azure-ref: 20241023T062425Z-17fcd6b6466prqbq3u2c4q4dcg00000007cg00000000fvsq
x-cache: CONFIG_NOCACHE

GET
H2 200 4030f62974b1a45d-s.p.woff2
www.obos.no/bank/_next/static/media/ 31 KB
33 KB 197ms
196ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/media/4030f62974b1a45d-s.p.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1260f44da47fae5391cd69b690b263e419740090eda5dd4ebb0241e6c8a1df6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
etag: W/"7b4c-1929028dc90"
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 31564
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
last-modified: Tue, 15 Oct 2024 12:30:50 GMT
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007byr

GET
H2 200 add714ee36427fcd-s.p.woff2
www.obos.no/bank/_next/static/media/ 30 KB
32 KB 200ms
199ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/media/add714ee36427fcd-s.p.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed7fa8bd71c14748529620de417943a862a92464706ab7ad2d4b19e1bb68295b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
etag: W/"7780-1929028dc90"
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 30592
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
last-modified: Tue, 15 Oct 2024 12:30:50 GMT
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007bys

GET
H2 200 e2b12f79e25fe62e-s.p.woff2
www.obos.no/bank/_next/static/media/ 32 KB
34 KB 200ms
200ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/media/e2b12f79e25fe62e-s.p.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

746936b90b6cb862bf76c42cace40bff6a5b5310b5a902703208abcec00069cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
etag: W/"7e88-1929028dc90"
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 32392
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
last-modified: Tue, 15 Oct 2024 12:30:50 GMT
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007byt

GET
H2 200 e63f44471ed1cd49-s.p.woff2
www.obos.no/bank/_next/static/media/ 31 KB
33 KB 200ms
200ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/media/e63f44471ed1cd49-s.p.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

300d794e6180829d85025f325bcad8702e044b7a9f18d92f75340b839cf01384

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
etag: W/"7be4-1929028dc90"
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 31716
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
last-modified: Tue, 15 Oct 2024 12:30:50 GMT
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007byu

GET
H2 200 obos_apple_pay_005.jpg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.234,w_1440,f_auto,q_auto,g_auto,c_fill/v1708509602/OBOS-banken/Tips%20og%20r%C3%A5d/ 109 KB
110 KB 246ms
62ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.234,w_1440,f_auto,q_auto,g_auto,c_fill/v1708509602/OBOS-banken/Tips%20og%20r%C3%A5d/obos_apple_pay_005.jpg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

7be6a05c22bec6156886d0c030924043acf7b503464c98215b66201acb49b619

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "992af5ee878cf181f5a085435c8d8160"
x-content-type-options: nosniff
server-timing: cld-akam;dur=12;start=2024-10-23T06:24:26.179Z;desc=hit-near,rtt;dur=47,content-info;desc="width=1440,height=1167,bytes=112116,owidth=4182,oheight=2793,obytes=5405346,ef=(1,11,13,17,23)"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="obos_apple_pay_005.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Wed, 21 Feb 2024 10:05:13 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112116
server: Cloudinary

GET
H2 200 Forbrukerfrue_hovedbilde2.jpg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.234,w_1440,f_auto,q_auto,g_auto,c_fill/v1692704773/OBOS-banken/Tips%20og%20r%C3%A5d/ 69 KB
70 KB 229ms
62ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.234,w_1440,f_auto,q_auto,g_auto,c_fill/v1692704773/OBOS-banken/Tips%20og%20r%C3%A5d/Forbrukerfrue_hovedbilde2.jpg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

aabe32e9a8c63b1f93c2c3eea88a7486ad652035b0d7fa52d5d22bd1fdf0e127

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "09a79a53a65ab62bc7bad5ec4ba7bfbf"
x-content-type-options: nosniff
server-timing: cld-akam;dur=11;start=2024-10-23T06:24:26.179Z;desc=hit-near,rtt;dur=47,content-info;desc="width=1440,height=1167,bytes=70978,owidth=1166,oheight=779,obytes=106854"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="Forbrukerfrue_hovedbilde2.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Fri, 13 Oct 2023 10:47:10 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70978
server: Cloudinary

GET
H2 200 91450fdd9c449ada.css
www.obos.no/bank/_next/static/css/ 85 KB
21 KB 198ms
198ms Stylesheet
text/css 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

56d121500915927141bac9e9cc3ceded7099485463644cf76a69fdb0d52c94aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"15278-1929028dc90"
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007byv
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 cdbb375340ccdbaf.css
www.obos.no/bank/_next/static/css/ 1 KB
2 KB 198ms
198ms Stylesheet
text/css 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/css/cdbb375340ccdbaf.css

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

848ce6c4eb54e6dc1f6f1f9ef9ac4204a5eb050874a3daf03637395dca644092

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"414-1929028dc90"
x-azure-ref: 20241023T062425Z-r198b4d675bv4s45ybks0svksw0000000820000000007byw
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 webpack-1594b5a393aa1e05.js Show response
www.obos.no/bank/_next/static/chunks/ 4 KB
4 KB 220ms
212ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/webpack-1594b5a393aa1e05.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bccc48f54660fb5875ca9d39b687279152d42824cd771218da7eb9ffdd5c5f2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"111f-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007byz
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 618f8807-70c57ae899b10c04.js Show response
www.obos.no/bank/_next/static/chunks/ 169 KB
67 KB 221ms
214ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/618f8807-70c57ae899b10c04.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

051d67456a308688ded113bb1899b2188b1e9ac1dd96f7e6a9bf70807e36bfd3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"2a479-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz0
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 3829-43cd16ff80d87787.js Show response
www.obos.no/bank/_next/static/chunks/ 306 KB
114 KB 222ms
214ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7fce5fbe79ffe6e4c39a5080567f3b8e4dc3d2493c8d6041b92669b3b6ebb007

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"4c662-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz1
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 main-app-d22c49bb1fe0dfd0.js Show response
www.obos.no/bank/_next/static/chunks/ 1 KB
3 KB 222ms
215ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/main-app-d22c49bb1fe0dfd0.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

59c75e8b810e3c18eacea045a66c7b080ae1a727b1784cb41e6a0402848b570b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"4e8-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz2
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 7818-f28e5a341e830244.js Show response
www.obos.no/bank/_next/static/chunks/ 60 KB
28 KB 223ms
216ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/7818-f28e5a341e830244.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e657b67f10c919edb48c010fc4a0165808b494cef6bbb74e323db2b02da23703

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"ee86-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz3
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 4542-ad20e76e6fc66c9d.js Show response
www.obos.no/bank/_next/static/chunks/ 6 KB
4 KB 223ms
216ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/4542-ad20e76e6fc66c9d.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a2e9f6497b926fdded509d14384237a63c3408d6db325e29e3b87ce9531202d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"16d1-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz4
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 8322-55d487eaf60768c9.js Show response
www.obos.no/bank/_next/static/chunks/ 7 KB
5 KB 224ms
217ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/8322-55d487eaf60768c9.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8230e9924b030f607a38ac7b3a14509feed327432ce6e6964885307d5e512b82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"1afb-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz5
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 5690-1b3e628fd47bbdcd.js Show response
www.obos.no/bank/_next/static/chunks/ 23 KB
10 KB 222ms
215ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/5690-1b3e628fd47bbdcd.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3d8a75c9d5fef9437872fe9e85f04dd67f150c5b8d1cf73bd52cb3c3342a9a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"5a7c-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz6
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 2444-51bdf157cdf58d79.js Show response
www.obos.no/bank/_next/static/chunks/ 22 KB
10 KB 227ms
220ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/2444-51bdf157cdf58d79.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f28b2cc504d8ca395db0e8e0c24d4c408184947051c91845daf3008e544b8a35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"58c8-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz7
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 6705-3a15bfc8a1349f48.js Show response
www.obos.no/bank/_next/static/chunks/ 11 KB
7 KB 227ms
220ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/6705-3a15bfc8a1349f48.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

20ed68ede3751850aab0a59643f1c9f76843df3532028455e64cb2756f26292f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"2c3f-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz8
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 5452-0a55df0cfd3df9b7.js Show response
www.obos.no/bank/_next/static/chunks/ 54 KB
22 KB 227ms
221ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/5452-0a55df0cfd3df9b7.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e83394eddc69453112d889f195e5607f6f37bec5a38af20df9efd22523b485e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"d999-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bz9
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 global-error-fde06b3ee60f93a0.js Show response
www.obos.no/bank/_next/static/chunks/app/ 869 B
3 KB 227ms
221ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/global-error-fde06b3ee60f93a0.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7759279910ea1af50dcdf06994c44cba58afb9c02f1c7228bcc7a152a6093027

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
etag: W/"365-1929028dc90"
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 869
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Oct 2024 12:30:50 GMT
vary: Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bza

GET
H2 200 3388-210667f2d40b198f.js Show response
www.obos.no/bank/_next/static/chunks/ 276 KB
101 KB 225ms
218ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/3388-210667f2d40b198f.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

40df682c3b1b7cb9b3cb07f6b4eeae8eade091b3a6bd9e17cf6f0d0a63ff5094

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"44fe8-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzb
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 4089-6a214df99c438704.js Show response
www.obos.no/bank/_next/static/chunks/ 25 KB
13 KB 224ms
219ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/4089-6a214df99c438704.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52ae49f199ab8ba126373ee840ebb2eca50204e25636981d6be0358296fd0559

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"650d-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzc
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 964-c91e9df0d211b08f.js Show response
www.obos.no/bank/_next/static/chunks/ 12 KB
7 KB 225ms
219ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/964-c91e9df0d211b08f.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2de7cc043a3a632da5f998cd5f191652e017824ca8730460725018266e1fcceb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"30ad-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzd
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 1273-bd151b7b15038aeb.js Show response
www.obos.no/bank/_next/static/chunks/ 26 KB
11 KB 225ms
219ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/1273-bd151b7b15038aeb.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62b8bcb141adcda39e276eb1623d0e6f3568c2be4489af4e86d81c681ad9aa1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"6884-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bze
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 layout-d9033027bac54ffe.js Show response
www.obos.no/bank/_next/static/chunks/app/ 2 KB
3 KB 234ms
229ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/layout-d9033027bac54ffe.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ee90d13405c86ff0a55a20b6f2655925a856685c77055cd3081ca5df5d7b21d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"808-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzf
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 5118-2174fa816c3b4992.js Show response
www.obos.no/bank/_next/static/chunks/ 13 KB
8 KB 235ms
230ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/5118-2174fa816c3b4992.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0f977165c1bf88fff3a66b33e1ce0f7070e046dce152b267baab69f76eee29e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"348c-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzg
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 8966-46a169780f7ebab0.js Show response
www.obos.no/bank/_next/static/chunks/ 19 KB
9 KB 235ms
231ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/8966-46a169780f7ebab0.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

91730fd28161a1f9aa33e9661e47ef067733f3dbd52ea3ef73b81587ac7c00f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"4bff-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzh
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 9023-735c221e875f8a9b.js Show response
www.obos.no/bank/_next/static/chunks/ 67 KB
29 KB 236ms
232ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/9023-735c221e875f8a9b.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04b4883138d966298a0659f79ff9efe6295f21cfc98275aaa456f8566735af70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"10d84-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzk
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 6545-00dda4d6e6127338.js Show response
www.obos.no/bank/_next/static/chunks/ 398 KB
137 KB 236ms
232ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/6545-00dda4d6e6127338.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9bb7ef3748218f65ebe886dc825577b94ebf31b5eb9ffecd519684be21da2f14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"6396b-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzm
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 4654-7c94907795163b7c.js Show response
www.obos.no/bank/_next/static/chunks/ 17 KB
8 KB 236ms
232ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/4654-7c94907795163b7c.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4dcb0f3794eca1d79e36e3d3a5922d272991345a751dbccac61b932577b1d955

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"445e-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzn
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 3557-eaf5c69cf8cfb704.js Show response
www.obos.no/bank/_next/static/chunks/ 9 KB
5 KB 237ms
234ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/3557-eaf5c69cf8cfb704.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cfb8d3df406daca63e758901aaad7d30186684a69105544d6a60fc7041566323

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"2421-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzp
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 9264-1a2043c831ccf051.js Show response
www.obos.no/bank/_next/static/chunks/ 28 KB
11 KB 237ms
233ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/9264-1a2043c831ccf051.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7141f6b6465d948d08c54ceb4d2edcb097a4824784cc1ef0322546d86bd9147

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"6f8a-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzq
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 2128-0df327dec1fc401b.js Show response
www.obos.no/bank/_next/static/chunks/ 19 KB
8 KB 238ms
236ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/2128-0df327dec1fc401b.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

da6274712a177bd00625a2c0764cb847e0c988853ebee8208d04eedc43703297

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"4cf3-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzr
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 page-d8fbe26f3a0d11c5.js Show response
www.obos.no/bank/_next/static/chunks/app/ 3 KB
3 KB 238ms
235ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/page-d8fbe26f3a0d11c5.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3a91e43e905c45e0fc5123cbc9232e634a4a07c57958dba24449f8ce18e686a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache-info: L1_T2
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"dee-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzs
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 error-0c45aa11188cb6d3.js Show response
www.obos.no/bank/_next/static/chunks/app/ 777 B
3 KB 238ms
236ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/error-0c45aa11188cb6d3.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

09f267a31c92eedc0c59f351170cd543590e0181cc12ee14b59c2ccbc6068c8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
etag: W/"309-1929028dc90"
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 777
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Oct 2024 12:30:50 GMT
vary: Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzt

GET
H2 200 not-found-36ad33171fe31638.js Show response
www.obos.no/bank/_next/static/chunks/app/ 2 KB
3 KB 239ms
236ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/not-found-36ad33171fe31638.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b92df7b4520c69324d3dfefdd8bc584c9c2386aad96a348db956883ecf0a7ff5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"6b9-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007bzu
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 collector.js Show response
www.obos.no/ 74 KB
26 KB 239ms
238ms Script
text/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obos.no/collector.js
Requested by: Host: www.obos.no
URL: https://www.obos.no/bank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6bd40d1e3749628c457f1f88b6b125e92d3a8167d462a7da36f6c3f5573dd0f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

cache-control: public, max-age=3600
content-encoding: br
x-fd-int-roxy-purgeid: 5
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007byx

GET
H2 200 obos-menu.js Show response
www.obos.no/ 54 KB
18 KB 279ms
279ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/obos-menu.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8b2ed963f3859fa27ed0434eac5e80ec622b17eac3662f22ca1cfeb765d8ca2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration .itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ .itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no blob: .gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com .itxuc.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr .linkedin.com https://res.cloudinary.com .itxuc.com .gobistories.com; frame-ancestors 'self' https://.obos.no http://localhost:3333; worker-src 'self' blob:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

content-encoding: gzip
etag: W/"d7dc-192b3b737b0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
x-middleware-rewrite: /no/obos-menu.js
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 10:13:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration *.itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ *.itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no blob: *.gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com *.itxuc.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com *.itxuc.com *.gobistories.com; frame-ancestors 'self' https://*.obos.no http://localhost:3333; worker-src 'self' blob:;
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007byy

GET
H2 200 obos-ung-kvinne-hjemme-mobil.jpg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1,w_1440,f_auto,q_auto,g_auto,c_fill/v1616680570/OBOS-banken/ 100 KB
100 KB 344ms
160ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1,w_1440,f_auto,q_auto,g_auto,c_fill/v1616680570/OBOS-banken/obos-ung-kvinne-hjemme-mobil.jpg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

31cdb2dd987b3708fce16814a28de435ddda7cde46e881a3af72db18418c7304

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "f2e3b8c23b07ffde8fc7befdc749279d"
x-content-type-options: nosniff
server-timing: cld-akam;dur=12;start=2024-10-23T06:24:26.179Z;desc=hit-near,rtt;dur=47,content-info;desc="width=1440,height=1440,bytes=101948,owidth=1280,oheight=700,obytes=369343,ef=(1,11,13,17,23)"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="obos-ung-kvinne-hjemme-mobil.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Fri, 26 Apr 2024 12:45:26 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101948
server: Cloudinary

GET
H2 200 OBOSText-Regular.woff2
www.obos.no/fonts/ 30 KB
32 KB 69ms
63ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/fonts/OBOSText-Regular.woff2

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed7fa8bd71c14748529620de417943a862a92464706ab7ad2d4b19e1bb68295b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration .itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ .itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no blob: .gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com .itxuc.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr .linkedin.com https://res.cloudinary.com .itxuc.com .gobistories.com; frame-ancestors 'self' https://.obos.no http://localhost:3333; worker-src 'self' blob:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Response headers

etag: W/"7780-192b3b737b0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
x-middleware-rewrite: /no/fonts/OBOSText-Regular.woff2
last-modified: Tue, 22 Oct 2024 10:13:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration *.itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ *.itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no blob: *.gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com *.itxuc.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com *.itxuc.com *.gobistories.com; frame-ancestors 'self' https://*.obos.no http://localhost:3333; worker-src 'self' blob:;
cache-control: public, max-age=2592000
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30592
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c0s

GET
H2 200 OBOSDisplay-SemiBold.woff2
www.obos.no/fonts/ 33 KB
36 KB 133ms
127ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/fonts/OBOSDisplay-SemiBold.woff2

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

070004a8b40b5bddeb450890f2e7c6aac171568ac865d3cf989e1f43ff5b412c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration .itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ .itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no blob: .gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com .itxuc.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr .linkedin.com https://res.cloudinary.com .itxuc.com .gobistories.com; frame-ancestors 'self' https://.obos.no http://localhost:3333; worker-src 'self' blob:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Response headers

etag: W/"8510-192b3b737b0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
x-middleware-rewrite: /no/fonts/OBOSDisplay-SemiBold.woff2
last-modified: Tue, 22 Oct 2024 10:13:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration *.itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ *.itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no blob: *.gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com *.itxuc.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com *.itxuc.com *.gobistories.com; frame-ancestors 'self' https://*.obos.no http://localhost:3333; worker-src 'self' blob:;
cache-control: public, max-age=2592000
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34064
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c0t

GET
H2 200 OBOSText-Medium.woff2
www.obos.no/fonts/ 31 KB
33 KB 136ms
131ms Font
font/woff2 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/fonts/OBOSText-Medium.woff2

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1260f44da47fae5391cd69b690b263e419740090eda5dd4ebb0241e6c8a1df6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration .itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ .itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no blob: .gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com .itxuc.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr .linkedin.com https://res.cloudinary.com .itxuc.com .gobistories.com; frame-ancestors 'self' https://.obos.no http://localhost:3333; worker-src 'self' blob:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank/_next/static/css/91450fdd9c449ada.css

Response headers

etag: W/"7b4c-192b3b737b0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: font/woff2
x-middleware-rewrite: /no/fonts/OBOSText-Medium.woff2
last-modified: Tue, 22 Oct 2024 10:13:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration *.itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ *.itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no blob: *.gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com *.itxuc.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com *.itxuc.com *.gobistories.com; frame-ancestors 'self' https://*.obos.no http://localhost:3333; worker-src 'self' blob:;
cache-control: public, max-age=2592000
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31564
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c0u

GET
H2 200 OBOS-icons_Daglig-bruk-green
res.cloudinary.com/obosit-prd-ch-clry/f_auto,c_fill,w_256,g_auto,q_auto,ar_1.0/v1651061531/Ikoner/Niv%C3%A5%202%20ikoner%20PNG/ 952 B
1 KB 152ms
145ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/f_auto,c_fill,w_256,g_auto,q_auto,ar_1.0/v1651061531/Ikoner/Niv%C3%A5%202%20ikoner%20PNG/OBOS-icons_Daglig-bruk-green

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

74ccedf65778b607c1b6695246b939760d9255dc5835b17841cd835b97195c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "1736dc0e21c59144dee5050beadf9496"
x-content-type-options: nosniff
server-timing: cld-akam;dur=19;start=2024-10-23T06:24:26.363Z;desc=hit-near,rtt;dur=50,content-info;desc="width=256,height=256,owidth=501,oheight=501,obytes=5354"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="OBOS-icons_Daglig-bruk-green.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Wed, 15 Mar 2023 11:39:28 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 952
server: Cloudinary

GET
H2 200 OBOS-icons_Sparing-green
res.cloudinary.com/obosit-prd-ch-clry/f_auto,c_fill,w_256,g_auto,q_auto,ar_1.0/v1651061534/Ikoner/Niv%C3%A5%202%20ikoner%20PNG/ 1 KB
2 KB 149ms
143ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/f_auto,c_fill,w_256,g_auto,q_auto,ar_1.0/v1651061534/Ikoner/Niv%C3%A5%202%20ikoner%20PNG/OBOS-icons_Sparing-green

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

9046d903c0bd39471149c09a779b350a737b1a459ddf74eff145cb5289d62c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "9fe68282eb2adfa3e47d0d172116200c"
x-content-type-options: nosniff
server-timing: cld-akam;dur=11;start=2024-10-23T06:24:26.363Z;desc=miss,rtt;dur=50,content-info;desc="width=256,height=256,owidth=501,oheight=501,obytes=7567",cloudinary;dur=69;start=2024-10-18T06:43:18.353Z
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="OBOS-icons_Sparing-green.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Wed, 01 Mar 2023 09:31:07 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1442
server: Cloudinary

GET
H2 200 OBOS-icons_Tre-veier-til-boligdrommen-green
res.cloudinary.com/obosit-prd-ch-clry/f_auto,c_fill,w_256,g_auto,q_auto,ar_1.0/v1651061535/Ikoner/Niv%C3%A5%202%20ikoner%20PNG/ 2 KB
2 KB 147ms
140ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/f_auto,c_fill,w_256,g_auto,q_auto,ar_1.0/v1651061535/Ikoner/Niv%C3%A5%202%20ikoner%20PNG/OBOS-icons_Tre-veier-til-boligdrommen-green

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

857d0e9c7b0554f4ff78c9bb0bb785b44c6b4e7f42b93ec885377975f480c8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "9493b24cd3694010125ac2b722dd0142"
x-content-type-options: nosniff
server-timing: cld-akam;dur=10;start=2024-10-23T06:24:26.363Z;desc=miss,rtt;dur=50,content-info;desc="width=256,height=256,owidth=501,oheight=501,obytes=10086",cloudinary;dur=84;start=2024-10-09T13:40:09.077Z
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="OBOS-icons_Tre-veier-til-boligdrommen-green.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Wed, 15 Mar 2023 11:39:27 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1874
server: Cloudinary

GET
H2 200 Dine_Penger_Aa_syne_bloeffen.jpg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.4,w_1440,f_auto,q_auto,g_auto,c_fill/v1717759900/OBOS-banken/ 49 KB
49 KB 155ms
148ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.4,w_1440,f_auto,q_auto,g_auto,c_fill/v1717759900/OBOS-banken/Dine_Penger_Aa_syne_bloeffen.jpg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

f6e6313fe58277ef30c65f43b19785ee9bc1771328fe39f58faf8b5a52d1ff77

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "b406b49dfd560f587dce49297ba74ce3"
x-content-type-options: nosniff
server-timing: cld-akam;dur=10;start=2024-10-23T06:24:26.370Z;desc=hit-near,rtt;dur=51,content-info;desc="width=1440,height=1029,bytes=49746,owidth=1200,oheight=630,obytes=113187,ef=(1,11,13,17,23)"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="Dine_Penger_Aa_syne_bloeffen.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Fri, 07 Jun 2024 11:35:42 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49746
server: Cloudinary

GET
H2 200 iStock-1187202065.jpg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.4,w_1440,f_auto,q_auto,g_auto,c_fill/v1716890237/OBOS-banken/Kampanjer%20og%20aktiviteter/ 70 KB
70 KB 80ms
73ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.4,w_1440,f_auto,q_auto,g_auto,c_fill/v1716890237/OBOS-banken/Kampanjer%20og%20aktiviteter/iStock-1187202065.jpg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

f9631f8d8457a7507aae239c2678d1c6c35b38b1ca12b68c9a39535acd4583d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "d9c1f542dcdbefcaec5a22ca439e6ffd"
x-content-type-options: nosniff
server-timing: cld-akam;dur=10;start=2024-10-23T06:24:26.363Z;desc=hit-near,rtt;dur=50,content-info;desc="width=1440,height=1029,bytes=71206,owidth=3864,oheight=2576,obytes=4050224,ef=(1,11,13,17,23)"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="iStock-1187202065.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Thu, 13 Jun 2024 12:53:10 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71206
server: Cloudinary

GET
H2 200 rikke_tiller_002.jpg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.4,w_1440,f_auto,q_auto,g_auto,c_fill/v1713361703/OBOS-banken/artikler/ 92 KB
92 KB 153ms
147ms Image
image/webp 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/ar_1.4,w_1440,f_auto,q_auto,g_auto,c_fill/v1713361703/OBOS-banken/artikler/rikke_tiller_002.jpg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

be974a40f288f98e642b98ab12eb497fbb8c821ef3cce83e9c230356514b70e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag: "eaedb6632599c22e80d83e8e7853138a"
x-content-type-options: nosniff
server-timing: cld-akam;dur=34;start=2024-10-23T06:24:26.363Z;desc=hit-near,rtt;dur=50,content-info;desc="width=1440,height=1029,bytes=93724,owidth=1920,oheight=1282,obytes=276991,ef=(1,11,13,17,23)"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/webp
content-disposition: inline; filename="rikke_tiller_002.webp"
vary: Accept,User-Agent,Save-Data
last-modified: Wed, 17 Apr 2024 14:00:32 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 93724
server: Cloudinary

POST
H2 200 / Show response
o4507446359097344.ingest.de.sentry.io/api/4507451722104912/envelope/ 2 B
300 B 513ms
59ms Fetch
application/json 34.120.62.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4507446359097344.ingest.de.sentry.io/api/4507451722104912/envelope/?sentry_key=7edcc34a817100b8252761c7fcb11626&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F8.34.0

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.62.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

213.62.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.obos.no/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 favicon.svg
www.obos.no/ 2 KB
1 KB 148ms
147ms Other
image/svg+xml 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/favicon.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e389db70a3e74314f78b33b8164b59eca4db89196312aae0d65165cb1ade38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"600-192ae04d020"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
request-context: appId=cid-v1:143de35c-67e2-423e-82af-f1de88d8d1ed
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Oct 2024 07:40:04 GMT
vary: Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1g
x-frame-options: SAMEORIGIN

GET
H2 200 collector.js Show response
www.obos.no/ 74 KB
0 1ms
0ms Script
text/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obos.no/collector.js
Requested by: Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6bd40d1e3749628c457f1f88b6b125e92d3a8167d462a7da36f6c3f5573dd0f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

cache-control: public, max-age=3600
content-encoding: br
x-fd-int-roxy-purgeid: 5
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007byx

GET
H2 200 obos-menu.js Show response
www.obos.no/ 54 KB
381 B 76ms
72ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/obos-menu.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8b2ed963f3859fa27ed0434eac5e80ec622b17eac3662f22ca1cfeb765d8ca2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration .itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ .itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no blob: .gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com .itxuc.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr .linkedin.com https://res.cloudinary.com .itxuc.com .gobistories.com; frame-ancestors 'self' https://.obos.no http://localhost:3333; worker-src 'self' blob:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

content-encoding: gzip
etag: W/"d7dc-192b3b737b0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
x-middleware-rewrite: /no/obos-menu.js
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 10:13:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration *.itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ *.itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no blob: *.gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com *.itxuc.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com *.itxuc.com *.gobistories.com; frame-ancestors 'self' https://*.obos.no http://localhost:3333; worker-src 'self' blob:;
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1h

GET
H2 200 gtm.js Show response
stm.obos.no/ 585 KB
172 KB 182ms
90ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stm.obos.no/gtm.js?id=GTM-P4W9NTL
Requested by: Host: www.obos.no
URL: https://www.obos.no/bank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: dd74d6c295f4b05b2ae84a63548a688c2537644d4ffa14fbcf46ff06eff1fcb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
expires: Wed, 23 Oct 2024 06:39:19 GMT
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 06:00:00 GMT

GET
H2 200 registrer-deg Show response
www.obos.no/bank/ 116 B
2 KB 61ms
60ms Fetch
text/x-component 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/registrer-deg?_rsc=dgwbj

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e66b6912b99d938c2b5e48f677592f0df0ddc3045843036206613727f9bf244f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://www.obos.no/bank
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2Fbank%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D
baggage: sentry-environment=prod,sentry-release=GvGKXky_e_IjXogmK5L5u,sentry-public_key=7edcc34a817100b8252761c7fcb11626,sentry-trace_id=5c02a8b18f1d47999921903ecb206d80,sentry-sample_rate=0.05,sentry-sampled=false
sentry-trace: 5c02a8b18f1d47999921903ecb206d80-b46ec255061fefbe-0
Next-Router-Prefetch: 1
Next-Url: /
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1p

GET
H2 200 derfor-bor-du-velge-obos-banken Show response
www.obos.no/bank/registrer-deg/ 178 B
2 KB 122ms
121ms Fetch
text/x-component 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/registrer-deg/derfor-bor-du-velge-obos-banken?_rsc=dgwbj

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

56a2d5adf6e910c9a8ebcf059e1ffb390997e8b7de70bcb8cb59ccd23994cfbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://www.obos.no/bank
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2Fbank%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D
baggage: sentry-environment=prod,sentry-release=GvGKXky_e_IjXogmK5L5u,sentry-public_key=7edcc34a817100b8252761c7fcb11626,sentry-trace_id=5c02a8b18f1d47999921903ecb206d80,sentry-sample_rate=0.05,sentry-sampled=false
sentry-trace: 5c02a8b18f1d47999921903ecb206d80-93f7ca1f6b2d05f0-0
Next-Router-Prefetch: 1
Next-Url: /
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1q

GET
H2 200 dagligbank Show response
www.obos.no/bank/ 21 KB
8 KB 150ms
146ms Fetch
text/x-component 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/dagligbank?_rsc=aq400

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa379b371c755f97d67722f93961e9f3474c64d6fb8274fb3c6bec7b30cef4d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sentry-trace: 5c02a8b18f1d47999921903ecb206d80-95f93bb573cf6d28-0
RSC: 1
Referer: https://www.obos.no/bank
Next-Url: /
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2Fbank%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D
baggage: sentry-environment=prod,sentry-release=GvGKXky_e_IjXogmK5L5u,sentry-public_key=7edcc34a817100b8252761c7fcb11626,sentry-trace_id=5c02a8b18f1d47999921903ecb206d80,sentry-sample_rate=0.05,sentry-sampled=false

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1r

GET
H2 200 sparing Show response
www.obos.no/bank/ 24 KB
8 KB 125ms
125ms Fetch
text/x-component 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/sparing?_rsc=aq400

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fd60992af5340eb67dfb1d68561000bf1cb4bbcfe05b8de1ccd776056a7ac07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sentry-trace: 5c02a8b18f1d47999921903ecb206d80-864a6e4a33047217-0
RSC: 1
Referer: https://www.obos.no/bank
Next-Url: /
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2Fbank%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D
baggage: sentry-environment=prod,sentry-release=GvGKXky_e_IjXogmK5L5u,sentry-public_key=7edcc34a817100b8252761c7fcb11626,sentry-trace_id=5c02a8b18f1d47999921903ecb206d80,sentry-sample_rate=0.05,sentry-sampled=false

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1s

GET
H2 200 lan Show response
www.obos.no/bank/ 29 KB
9 KB 353ms
353ms Fetch
text/x-component 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/lan?_rsc=aq400

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c02f7a881d4d265d93537bd7cb549302981bf3dca1920841c34d8c2ca4c451f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sentry-trace: 5c02a8b18f1d47999921903ecb206d80-b3e9f1b52d1168e3-0
RSC: 1
Referer: https://www.obos.no/bank
Next-Url: /
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2Fbank%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D
baggage: sentry-environment=prod,sentry-release=GvGKXky_e_IjXogmK5L5u,sentry-public_key=7edcc34a817100b8252761c7fcb11626,sentry-trace_id=5c02a8b18f1d47999921903ecb206d80,sentry-sample_rate=0.05,sentry-sampled=false

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1t

GET
H2 200 ad-info.js Show response
www.obos.no/ 3 KB
4 KB 64ms
64ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/ad-info.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5120a0ee99a7dc09535a806d51eb3351ace7969ff6faba274f60eee7f148fe9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration .itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ .itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no blob: .gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com .itxuc.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr .linkedin.com https://res.cloudinary.com .itxuc.com .gobistories.com; frame-ancestors 'self' https://.obos.no http://localhost:3333; worker-src 'self' blob:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.obos.no
Referer: https://www.obos.no/bank

Response headers

content-encoding: gzip
etag: W/"b65-192b3b737b0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/javascript; charset=UTF-8
x-middleware-rewrite: /no/ad-info.js
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 10:13:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com https://unpkg.com/@gobistories/gobi-web-integration *.itxuc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://ff3ec978a09f495ab4ee8aa400e16e94.svc.dynamics.com/ https://www.youtube-nocookie.com/embed/ *.itxuc.com; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no blob: *.gobistories.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com *.itxuc.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net https://i.ytimg.com/; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com *.itxuc.com *.gobistories.com; frame-ancestors 'self' https://*.obos.no http://localhost:3333; worker-src 'self' blob:;
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c1v

GET
H2 200 session Show response
www.obos.no/auth/api/ 4 B
499 B 168ms
164ms Fetch
application/json 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obos.no/auth/api/session
Requested by: Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sentry-trace: 5c02a8b18f1d47999921903ecb206d80-a817d6dfdcb183e2-0
Referer: https://www.obos.no/bank
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
baggage: sentry-environment=prod,sentry-release=GvGKXky_e_IjXogmK5L5u,sentry-public_key=7edcc34a817100b8252761c7fcb11626,sentry-trace_id=5c02a8b18f1d47999921903ecb206d80,sentry-sample_rate=0.05,sentry-sampled=false

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: application/json
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c25

GET
H2 200 obos_liggende_hus_hvit.svg
res.cloudinary.com/obosit-prd-ch-clry/image/upload/q_auto/v1619689575/OBOS%20Merkevare/OBOS/Liggende/ 3 KB
2 KB 54ms
53ms Image
image/svg+xml 2a02:26f0:3500:880::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/obosit-prd-ch-clry/image/upload/q_auto/v1619689575/OBOS%20Merkevare/OBOS/Liggende/obos_liggende_hus_hvit.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:880::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c57004aa040d11ba3978bd263d64f77d7dcf215b6b7028f0f08507b40c087e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"8e4f7ae1122097fcdf65ee8cc53263c5"
x-content-type-options: nosniff
server-timing: cld-akam;dur=3;start=2024-10-23T06:24:26.714Z;desc=hit,rtt;dur=49,content-info;desc="width=484,height=115"
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="obos_liggende_hus_hvit.svg"
vary: Accept-Encoding,,Save-Data
last-modified: Thu, 29 Apr 2021 09:46:19 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1276
server: Cloudinary

GET
H2 200 favicon.ico
www.obos.no/ 15 KB
4 KB 70ms
70ms Other
image/x-icon 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5762bf41afefcf6c6324a0e3a709c1beabacebf4113630eb6e222f3c1e44f2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"3aee-192ae04d020"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
request-context: appId=cid-v1:143de35c-67e2-423e-82af-f1de88d8d1ed
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 06:24:26 GMT
content-type: image/x-icon
last-modified: Mon, 21 Oct 2024 07:40:04 GMT
vary: Accept-Encoding
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c2a
x-frame-options: SAMEORIGIN

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 167ms
65ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=ea448f9e-5a74-4f6e-9260-c61b81f67013

Requested by

Host: stm.obos.no
URL: https://stm.obos.no/gtm.js?id=GTM-P4W9NTL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCF241BEBAA205
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 16506
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 02:32:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 770029e5-e01e-0024-4c68-240ac4000000
cf-ray: 8d6fa4e91adf56c3-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 skyra-survey.js Show response
survey.skyra.no/ 279 KB
84 KB 175ms
57ms Script
text/javascript 195.154.197.238
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.skyra.no/skyra-survey.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.154.197.238 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-197-238.lb.fr-par.scw.cloud

Software

Resource Hash

999db42747f9f974ddb86d6e0be0f7fdf2f38c1bb7dc73fb8f8a8799c39a37e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 1728000
cache-control: public, max-age=36000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Tue, 22 Oct 2024 09:45:40 GMT
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET 4426822b50f2893bb0bc6cd74521848c.experiment.js
cdn.eu.amplitude.com/script/ 0
0

GET
H2 200 page-7a892e96af8cfa5a.js Show response
www.obos.no/bank/_next/static/chunks/app/dagligbank/%5B...slug%5D/ 4 KB
4 KB 47ms
47ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/dagligbank/%5B...slug%5D/page-7a892e96af8cfa5a.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/webpack-1594b5a393aa1e05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c6eb114fe27def48d870da16cca306642308d641186f1239f4a7ca833654cbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache-info: L1_T2
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"11e6-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c2m
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 page-3a762c2b3b08eadd.js Show response
www.obos.no/bank/_next/static/chunks/app/sparing/ 3 KB
3 KB 45ms
45ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/sparing/page-3a762c2b3b08eadd.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/webpack-1594b5a393aa1e05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c56a2c56dcedd2108eecbab5f5abb7c5faeee87dcfbc1873ae311952f8473d70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache-info: L1_T2
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"aa4-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c2n
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 page-e5186374cb0ce0b9.js Show response
www.obos.no/bank/_next/static/chunks/app/lan/ 3 KB
3 KB 47ms
46ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obos.no/bank/_next/static/chunks/app/lan/page-e5186374cb0ce0b9.js

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/webpack-1594b5a393aa1e05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85f0c5ce81e19ad9f2d79bc96bd31c250310c66435d35606884a89e7639322bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/bank

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache-info: L1_T2
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.obos.no *.doubleclick.net *.youtube.com *.googletagmanager.com *.gstatic.com static.hotjar.com *.analytics.google.com https://*.google-analytics.com https://*.clarity.ms https://*.episerver.net https://*.adnxs.com https://*.snapchat.com https://*.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://*.snapchat.com *.doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com *.obos.no; media-src 'self' res.cloudinary.com *.obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: *.obos.no *.doubleclick.net *.google-analytics.com *.hotjar.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://*.clarity.ms https://*.siteimproveanalytics.io https://*.adnxs.com https://*.mookie1.com https://*.facebook.com https://*.linkedin.com https://*.snapchat.com https://*.episerver.net https://*.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' *.obos.no *.snapchat.com *.apicdn.sanity.io *.api.sanity.io *.doubleclick.net *.hotjar.com *.hotjar.io *.google-analytics.com *.youtube.com *.google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://*.hotjar.com https://*.googlesyndication.com https://*.clarity.ms https://*.sentry.io https://*.google.no https://*.bing.com https://*.skyra.no https://*.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"aa4-1929028dc90"
x-azure-ref: 20241023T062426Z-r198b4d675bv4s45ybks0svksw0000000820000000007c2p
x-fd-int-roxy-purgeid: 5
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 15 Oct 2024 12:30:50 GMT

GET
H2 200 ea448f9e-5a74-4f6e-9260-c61b81f67013.json Show response
cdn.cookielaw.org/consent/ea448f9e-5a74-4f6e-9260-c61b81f67013/ 4 KB
2 KB 179ms
79ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ea448f9e-5a74-4f6e-9260-c61b81f67013/ea448f9e-5a74-4f6e-9260-c61b81f67013.json

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65bbe620654bbc03acd2060bacc9e81de0c5ae8711c59b6b35695e80dcd8eb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: vzCewgj1dIWorCsglRba1w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCD877A516D057
age: 11355
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Thu, 24 Oct 2024 06:24:27 GMT
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json
last-modified: Thu, 19 Sep 2024 06:52:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: cb524869-701e-0008-2860-0a88f9000000
cf-ray: 8d6fa4ea3e3cb50c-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1550
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 obos Show response
ingest.staging.skyra.no/survey/ 2 B
581 B 174ms
55ms Fetch
application/json 195.154.197.238
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.staging.skyra.no/survey/obos?

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.154.197.238 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-197-238.lb.fr-par.scw.cloud

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 1728000
access-control-expose-headers: host, user-agent, accept, origin, sec-fetch-mode, sec-fetch-dest, referer, accept-encoding, accept-language, x-request-id, x-real-ip, x-forwarded-for, x-forwarded-host, x-forwarded-port, x-forwarded-proto, x-forwarded-scheme, x-scheme, sec-fetch-site, priority
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
content-length: 2
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json;charset=utf-8
vary: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 72 B
309 B 171ms
67ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8ed6ce42e1e11bbbae707014c7ec376a2a55f132b839f8af85353087adc58cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.obos.no/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d6fa4eb5834712e-OSL
access-control-allow-origin: *
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 192ms
79ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5l1&tag_exp=101533421~101686685~101823847&rnd=2095943517.1729664667&url=https%3A%2F%2Fwww.obos.no%2Fbank&dma_cps=-&dma=1&npa=1&gtm=45Fe4ah0n81P4W9NTLv811871690za200

Requested by

Host: stm.obos.no
URL: https://stm.obos.no/gtm.js?id=GTM-P4W9NTL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 06:24:27 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/ 457 KB
111 KB 62ms
61ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=ea448f9e-5a74-4f6e-9260-c61b81f67013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: Mq8sWt7aN99kE/VZ97+T8Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C88D357E6
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 28025
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 02:45:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: db5e4048-101e-0057-1500-247a07000000
cf-ray: 8d6fa4ebdf1d56c3-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113760
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 no.json Show response
cdn.cookielaw.org/consent/ea448f9e-5a74-4f6e-9260-c61b81f67013/7b32532e-e6d0-434c-8ed4-5379521b2353/ 104 KB
23 KB 77ms
70ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ea448f9e-5a74-4f6e-9260-c61b81f67013/7b32532e-e6d0-434c-8ed4-5379521b2353/no.json

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

197063ff5365cae4d0eb9c76c7b5f643d3639f57fcdd042837036a7578e56a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: 4uzyToeu/BeXZOV+6Tvu6w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCD877A3F8BEC0
age: 44067
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Thu, 24 Oct 2024 06:24:27 GMT
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json
last-modified: Thu, 19 Sep 2024 06:52:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: d7cc53c8-e01e-002f-5b60-0a12b0000000
cf-ray: 8d6fa4ecfb00b50c-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23165
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 13 KB
3 KB 61ms
61ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otFlat.json

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: RGlYb2KBTfdkPpxIxwwu0g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C8519203B
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 70578
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: cc225fd2-801e-00bc-239c-1f84fb000000
cf-ray: 8d6fa4edabcab50c-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/ 62 KB
13 KB 67ms
66ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/otPcCenter.json

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: vNMewq08o3u2s0ZPUoZf8g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C86774DF1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 36696
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: d3a2734c-801e-007b-3a9c-1ff83a000000
cf-ray: 8d6fa4edabcbb50c-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 5 KB
2 KB 67ms
67ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCookieSettingsButton.json

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: fyGpUoUy0eZkGUgUg6MkZA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C86295E6C
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 30275
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3608b5c9-101e-00b2-399c-1f68f0000000
cf-ray: 8d6fa4edabcfb50c-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 24 KB
4 KB 63ms
63ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCommonStyles.css

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 30165
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 02:45:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: db7db6af-b01e-0037-439c-1f3f25000000
cf-ray: 8d6fa4edabd0b50c-OSL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
539 B 65ms
65ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.obos.no
URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 43344
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 02:32:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1ecf1cf7-c01e-0099-414b-241c48000000
cf-ray: 8d6fa4ee4c97b50c-OSL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 obos_liggende.png
cdn.cookielaw.org/logos/fe8f8cc4-cbb6-487b-b58c-a74c3d5d73eb/aad6c8f0-ecde-4b6f-9286-ee84b50b5b4f/629a8064-2c1e-45b9-aa56-b058aa5066e9/ 17 KB
18 KB 67ms
66ms Image
mage/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/fe8f8cc4-cbb6-487b-b58c-a74c3d5d73eb/aad6c8f0-ecde-4b6f-9286-ee84b50b5b4f/629a8064-2c1e-45b9-aa56-b058aa5066e9/obos_liggende.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2974a4cc02175c4ad79f4b2fd57259d9f31bd56543570fb7c97e76296f3a00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: NOOyaHGbiJCoSPgFHB4Xyg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D9E2365D27F685
age: 70578
cf-cache-status: HIT
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: mage/png
last-modified: Fri, 28 Jan 2022 08:15:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6d2b4206-301e-00a9-0a2c-b69481000000
cf-ray: 8d6fa4ee5a6b56c3-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17828
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 61ms
61ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.obos.no/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 31253
content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 21:43:34 GMT
date: Wed, 23 Oct 2024 06:24:27 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 02:32:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 2c722801-701e-00ed-55c9-249a0e000000
cf-ray: 8d6fa4ee6a6f56c3-OSL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.eu.amplitude.com
URL: https://cdn.eu.amplitude.com/script/4426822b50f2893bb0bc6cd74521848c.experiment.js

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
openbanking.obos.no/	1969-12-31 23:59:59	Name: BIGipServerpool_openbanking_wht_web_80 Value: !AG3i7v6Ml8/WHHUpstKOJrUAZqC0dKn1qpXsr5fkQfx3GrZZfTYeeTQiRRFEl5HcO/hyf84XqxKQ9A==
www.obos.no/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: 856fed42666392c539ec1f05e535b20dd6d702d72ddfcfc2789e0adc1d842d4a%7Cee4b5e1e2a9239f9aaea6c0dee24488257163850668041f542589efa7a12d4b9
www.obos.no/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fdkt-auth-p_feb4676bef%3A8080
.obos.no/	1970-01-21 09:13:20	Name: skyra.state Value: %7B%22_id%22%3A%2201JAW0RKMEWXW9KS3XVSWG9FGD%22%7D
.obos.no/	1970-01-21 09:13:20	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Oct+23+2024+08%3A24%3A27+GMT%2B0200+(sentraleuropeisk+sommertid)&version=202409.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=26bc56cc-2d2a-4cba-913a-d7684386372b&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.obos.no%2Fbank&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js Message: A preload for 'https://www.obos.no/collector.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.obos.no/bank/_next/static/chunks/3829-43cd16ff80d87787.js Message: A preload for 'https://www.obos.no/obos-menu.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security	error	URL: https://stm.obos.no/gtm.js?id=GTM-P4W9NTL(Line 254) Message: Refused to load the script 'https://cdn.eu.amplitude.com/script/4426822b50f2893bb0bc6cd74521848c.experiment.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://*.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript	warning	URL: https://www.obos.no/bank Message: The resource https://www.obos.no/collector.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.obos.no/bank Message: The resource https://www.obos.no/obos-menu.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .obos.no .doubleclick.net .youtube.com .googletagmanager.com .gstatic.com static.hotjar.com .analytics.google.com https://.google-analytics.com https://.clarity.ms https://.episerver.net https://.adnxs.com https://.snapchat.com https://.googlesyndication.com https://.skyra.no https://www.googleadservices.com https://adservice.google.com https://cdn.cookielaw.org https://script.hotjar.com https://cdn.mookie1.com https://connect.facebook.net https://siteimproveanalytics.com https://snap.licdn.com https://sc-static.net https://bat.bing.com; frame-src 'self' www.youtube.com https://vars.hotjar.com https://.snapchat.com .doubleclick.net; font-src 'self' script.hotjar.com https://fonts.gstatic.com .obos.no; media-src 'self' res.cloudinary.com .obos.no; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' 'unsafe-inline' data: blob: .obos.no .doubleclick.net .google-analytics.com .hotjar.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org res.cloudinary.com www.googletagmanager.com https://.clarity.ms https://.siteimproveanalytics.io https://.adnxs.com https://.mookie1.com https://.facebook.com https://.linkedin.com https://.snapchat.com https://.episerver.net https://.bing.com https://www.google.no https://optanon.blob.core.windows.net; connect-src 'self' .obos.no .snapchat.com .apicdn.sanity.io .api.sanity.io .doubleclick.net .hotjar.com .hotjar.io .google-analytics.com .youtube.com .google.com cdn.sanity.io cdn.cookielaw.org dc.services.visualstudio.com wss://.hotjar.com https://.googlesyndication.com https://.clarity.ms https://.sentry.io https://.google.no https://.bing.com https://.skyra.no https://.adnxs.com https://youtube.com https://www.googleadservices.com https://cdn.linkedin.oribi.io https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://privacyportal-eu.onetrust.com https://surveystats.hotjar.io https://cookies-data.onetrust.io/bannersdk https://www.facebook.com/tr *.linkedin.com https://res.cloudinary.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.obos.no
cdn.cookielaw.org
cdn.eu.amplitude.com
geolocation.onetrust.com
ingest.staging.skyra.no
o4507446359097344.ingest.de.sentry.io
openbanking.obos.no
pagead2.googlesyndication.com
res.cloudinary.com
stm.obos.no
survey.skyra.no
www.obos.no
cdn.eu.amplitude.com
139.112.170.117
195.154.197.238
2001:4860:4802:38::15
216.58.212.162
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2620:1ec:bdf::64
2a02:26f0:3500:880::523
34.120.62.213
04b4883138d966298a0659f79ff9efe6295f21cfc98275aaa456f8566735af70
051d67456a308688ded113bb1899b2188b1e9ac1dd96f7e6a9bf70807e36bfd3
070004a8b40b5bddeb450890f2e7c6aac171568ac865d3cf989e1f43ff5b412c
09f267a31c92eedc0c59f351170cd543590e0181cc12ee14b59c2ccbc6068c8b
0ee90d13405c86ff0a55a20b6f2655925a856685c77055cd3081ca5df5d7b21d
0f977165c1bf88fff3a66b33e1ce0f7070e046dce152b267baab69f76eee29e6
1260f44da47fae5391cd69b690b263e419740090eda5dd4ebb0241e6c8a1df6e
197063ff5365cae4d0eb9c76c7b5f643d3639f57fcdd042837036a7578e56a8c
20ed68ede3751850aab0a59643f1c9f76843df3532028455e64cb2756f26292f
2de7cc043a3a632da5f998cd5f191652e017824ca8730460725018266e1fcceb
300d794e6180829d85025f325bcad8702e044b7a9f18d92f75340b839cf01384
31cdb2dd987b3708fce16814a28de435ddda7cde46e881a3af72db18418c7304
3c6eb114fe27def48d870da16cca306642308d641186f1239f4a7ca833654cbf
40df682c3b1b7cb9b3cb07f6b4eeae8eade091b3a6bd9e17cf6f0d0a63ff5094
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dcb0f3794eca1d79e36e3d3a5922d272991345a751dbccac61b932577b1d955
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5120a0ee99a7dc09535a806d51eb3351ace7969ff6faba274f60eee7f148fe9b
52ae49f199ab8ba126373ee840ebb2eca50204e25636981d6be0358296fd0559
56a2d5adf6e910c9a8ebcf059e1ffb390997e8b7de70bcb8cb59ccd23994cfbe
56d121500915927141bac9e9cc3ceded7099485463644cf76a69fdb0d52c94aa
5762bf41afefcf6c6324a0e3a709c1beabacebf4113630eb6e222f3c1e44f2da
59c75e8b810e3c18eacea045a66c7b080ae1a727b1784cb41e6a0402848b570b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
62b8bcb141adcda39e276eb1623d0e6f3568c2be4489af4e86d81c681ad9aa1f
65bbe620654bbc03acd2060bacc9e81de0c5ae8711c59b6b35695e80dcd8eb89
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6bd40d1e3749628c457f1f88b6b125e92d3a8167d462a7da36f6c3f5573dd0f1
6fd60992af5340eb67dfb1d68561000bf1cb4bbcfe05b8de1ccd776056a7ac07
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
746936b90b6cb862bf76c42cace40bff6a5b5310b5a902703208abcec00069cf
74ccedf65778b607c1b6695246b939760d9255dc5835b17841cd835b97195c45
7759279910ea1af50dcdf06994c44cba58afb9c02f1c7228bcc7a152a6093027
7a2e9f6497b926fdded509d14384237a63c3408d6db325e29e3b87ce9531202d
7be6a05c22bec6156886d0c030924043acf7b503464c98215b66201acb49b619
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
7e389db70a3e74314f78b33b8164b59eca4db89196312aae0d65165cb1ade38a
7fce5fbe79ffe6e4c39a5080567f3b8e4dc3d2493c8d6041b92669b3b6ebb007
81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286
8230e9924b030f607a38ac7b3a14509feed327432ce6e6964885307d5e512b82
848ce6c4eb54e6dc1f6f1f9ef9ac4204a5eb050874a3daf03637395dca644092
857d0e9c7b0554f4ff78c9bb0bb785b44c6b4e7f42b93ec885377975f480c8d3
85f0c5ce81e19ad9f2d79bc96bd31c250310c66435d35606884a89e7639322bd
9046d903c0bd39471149c09a779b350a737b1a459ddf74eff145cb5289d62c7d
91730fd28161a1f9aa33e9661e47ef067733f3dbd52ea3ef73b81587ac7c00f5
999db42747f9f974ddb86d6e0be0f7fdf2f38c1bb7dc73fb8f8a8799c39a37e7
9bb7ef3748218f65ebe886dc825577b94ebf31b5eb9ffecd519684be21da2f14
9e83394eddc69453112d889f195e5607f6f37bec5a38af20df9efd22523b485e
a2974a4cc02175c4ad79f4b2fd57259d9f31bd56543570fb7c97e76296f3a00d
a58bffb604a00cb1639bf47332f6eacb902ef92011211cf68ceecb9705edb687
aa379b371c755f97d67722f93961e9f3474c64d6fb8274fb3c6bec7b30cef4d9
aabe32e9a8c63b1f93c2c3eea88a7486ad652035b0d7fa52d5d22bd1fdf0e127
b8b2ed963f3859fa27ed0434eac5e80ec622b17eac3662f22ca1cfeb765d8ca2
b92df7b4520c69324d3dfefdd8bc584c9c2386aad96a348db956883ecf0a7ff5
bccc48f54660fb5875ca9d39b687279152d42824cd771218da7eb9ffdd5c5f2e
be974a40f288f98e642b98ab12eb497fbb8c821ef3cce83e9c230356514b70e0
c02f7a881d4d265d93537bd7cb549302981bf3dca1920841c34d8c2ca4c451f1
c3d8a75c9d5fef9437872fe9e85f04dd67f150c5b8d1cf73bd52cb3c3342a9a1
c56a2c56dcedd2108eecbab5f5abb7c5faeee87dcfbc1873ae311952f8473d70
c57004aa040d11ba3978bd263d64f77d7dcf215b6b7028f0f08507b40c087e44
cfb8d3df406daca63e758901aaad7d30186684a69105544d6a60fc7041566323
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
da6274712a177bd00625a2c0764cb847e0c988853ebee8208d04eedc43703297
dd74d6c295f4b05b2ae84a63548a688c2537644d4ffa14fbcf46ff06eff1fcb1
e657b67f10c919edb48c010fc4a0165808b494cef6bbb74e323db2b02da23703
e66b6912b99d938c2b5e48f677592f0df0ddc3045843036206613727f9bf244f
e7141f6b6465d948d08c54ceb4d2edcb097a4824784cc1ef0322546d86bd9147
e8ed6ce42e1e11bbbae707014c7ec376a2a55f132b839f8af85353087adc58cd
ed7fa8bd71c14748529620de417943a862a92464706ab7ad2d4b19e1bb68295b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28b2cc504d8ca395db0e8e0c24d4c408184947051c91845daf3008e544b8a35
f3a91e43e905c45e0fc5123cbc9232e634a4a07c57958dba24449f8ce18e686a
f6e6313fe58277ef30c65f43b19785ee9bc1771328fe39f58faf8b5a52d1ff77
f9631f8d8457a7507aae239c2678d1c6c35b38b1ca12b68c9a39535acd4583d8

www.obos.no Open in urlscan Pro 2620:1ec:bdf::64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

99 %HTTPS

56 %IPv6

8 Domains

12 Subdomains

9 IPs

4 Countries

1949 kBTransfer

4410 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.obos.no Open in urlscan Pro
2620:1ec:bdf::64 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

99 %
HTTPS

56 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

1949 kB
Transfer

4410 kB
Size

5
Cookies

82 HTTP transactions
0 data transactions