www.tu.no Open in urlscan Pro
87.238.41.59 Public Scan

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 88090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 08:01:51 GMT

GET
H2 200 fontawesome-webfont.c8ddf1e5e5bf.woff
www.tu.no/assets/ 88 KB
89 KB 42ms
41ms Font
application/font-woff 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tu.no/assets/fontawesome-webfont.c8ddf1e5e5bf.woff
Requested by: Host: www.tu.no
URL: https://www.tu.no/assets/main.283571fa3bae916e6337.css?1657181663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: adbc4f95eb6d7f2738959cf0ecbc374672fce47e856050a8e9791f457623ac2c

Request headers

Referer: https://www.tu.no/assets/main.283571fa3bae916e6337.css?1657181663
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 00:22:10 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Fri, 17 Jun 2022 11:51:31 GMT
server: nginx
age: 3226071
etag: "62ac6ac3-1612c"
x-cache: HIT #202835
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-src-webcache: fe02
accept-ranges: bytes
content-length: 90412
expires: Thu, 29 Jun 2023 00:22:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 538ms
85ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Slab:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 171912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 08:44:49 GMT

GET
H2 200 main.283571fa3bae916e6337.js Show response
www.tu.no/assets/ 119 KB
47 KB 55ms
54ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tu.no/assets/main.283571fa3bae916e6337.js?1657181663&_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 0107186198d047675f841fd03c4131d971734a69c21a3c4546aacbcf24b018d7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/personvern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:21:16 GMT
content-encoding: gzip
age: 2506124
x-cache: HIT #189517
content-length: 47997
access-control-allow-origin: *
last-modified: Wed, 06 Jul 2022 12:19:25 GMT
server: nginx
x-src-webcache: fe02
etag: W/"62c57dcd-1da03"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:21:16 GMT

GET
H2 200 raven.min.js Show response
static.gfx.no/thirdparty/raven-3.17.0/ 25 KB
11 KB 66ms
52ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: ef4abddf3acfe19af417aab12d98a8c96f7568d68a7cd1b04106afa1bf780176

Request headers

Referer: https://www.tu.no/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:20:30 GMT
content-encoding: gzip
age: 2506171
x-cache: HIT #193720
content-length: 10669
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 08:20:19 GMT
server: nginx
x-src-webcache: fe02
etag: W/"628de6c3-6252"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:20:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 526ms
73ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js?_=1657181663

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2979
date: Fri, 05 Aug 2022 07:40:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 05 Aug 2022 09:40:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 580ms
148ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Slab:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 130776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 20:10:25 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ 32 KB
32 KB 583ms
171ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Slab:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:06:46 GMT
x-content-type-options: nosniff
age: 256995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32860
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 09:06:46 GMT

GET
H2 200 / Show response
advert.single.no/ Frame C1E9 25 B
172 B 322ms
55ms Script
application/javascript 178.79.136.45
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://advert.single.no/
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.79.136.45 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: ish.tumedia.no
Software: nginx/1.13.12 /
Resource Hash: b612053816e6b11a58a9cec3ec3130c621d701c5179326a4ce152e499be9011c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:01 GMT
cache-control: max-age=86400
content-type: application/javascript
server: nginx/1.13.12
x-robots-tag: noindex
content-length: 25
expires: Sat, 06 Aug 2022 08:30:01 GMT

GET
H2 200 jquery-3.2.0.min.js Show response
static.gfx.no/thirdparty/jquery-3.2.0/ 85 KB
35 KB 67ms
53ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gfx.no/thirdparty/jquery-3.2.0/jquery-3.2.0.min.js?_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2

Request headers

Referer: https://www.tu.no/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:20:31 GMT
content-encoding: gzip
age: 2506170
x-cache: HIT #198676
content-length: 35082
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 08:20:19 GMT
server: nginx
x-src-webcache: fe02
etag: W/"628de6c3-15244"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:20:31 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 5AFB 684 B
768 B 187ms
187ms Document
text/html 96.16.143.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.143.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-143-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.tu.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Fri, 05 Aug 2022 08:30:01 GMT
Expires: Mon, 15 Aug 2022 08:30:01 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 5AFB 83 KB
27 KB 142ms
142ms Script
application/x-javascript 96.16.143.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.143.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-143-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 08:30:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 12:28:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26873
Expires: Fri, 05 Aug 2022 09:30:01 GMT

GET
H2 200 abtest.js Show response
static.gfx.no/js/neosites/ 5 KB
2 KB 54ms
54ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gfx.no/js/neosites/abtest.js?_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 370a3dd781e9000f8dd605ab45c3e25601eafde2a9dfe4f178d648172449f1c0

Request headers

Referer: https://www.tu.no/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:20:30 GMT
content-encoding: gzip
age: 2506171
x-cache: HIT #154908
content-length: 1671
access-control-allow-origin: *
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
x-src-webcache: fe02
etag: W/"1dc09d84-15f2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:20:30 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 5AFB 47 B
637 B 196ms
62ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 5ad3c1f362136d46285739fe8af37ff9ae24f8019b9b8f7614aebfff9da833b2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:01 GMT
last-modified: Sat, 05 Feb 2022 08:30:01 GMT
server: Jetty(9.4.28.v20200408)
etag: 24r8w81djovws35xds8kha5aj5
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Sat, 05 Aug 2023 08:30:01 GMT

GET
H2 200 tinypass.min.js Show response
code.piano.io/api/ 304 KB
90 KB 446ms
52ms Script
application/javascript 104.16.240.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.piano.io/api/tinypass.min.js

Requested by

Host: www.tu.no
URL: https://www.tu.no/assets/main.283571fa3bae916e6337.js?1657181663&_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.240.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f24efb6fd73babf6bb134d6d93dee2e43cf609e4fa3d55cd51f18095480863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 10596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: K1ENSZC929RDCYQ7
x-amz-id-2: Kflgm8zmP+NVMeiYXK8ZqdzliR8xeSJMjWu9iDOrt93+hyaapYP74OITGslUPTm/cPD7Exth1n8=
last-modified: Wed, 27 Jul 2022 14:28:44 GMT
server: cloudflare
etag: W/"b2abf213adb145cc61c1658cae472509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 735e2b1faddb0b51-OSL
expires: Fri, 05 Aug 2022 12:30:02 GMT

GET
H2 200 article.js Show response
static.gfx.no/js/neosites/ 17 KB
5 KB 49ms
49ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gfx.no/js/neosites/article.js?_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: e6a178c5c725bb1350a241e0bf5f26f21afecb77ba93b5bbdcd0109e541d2a6d

Request headers

Referer: https://www.tu.no/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:20:30 GMT
content-encoding: gzip
age: 2506171
x-cache: HIT #154349
content-length: 5234
access-control-allow-origin: *
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
x-src-webcache: fe02
etag: W/"1dc09d84-436f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:20:30 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
143 B 80ms
79ms XHR
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=853775765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tu.no%2Fpersonvern&ul=en-us&de=UTF-8&dt=Personvern%20-%20Tu.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABCAAAAC~&jid=1638823702&gjid=192503984&cid=672482921.1659688202&tid=UA-54426-1&_gid=1344508087.1659688202&_r=1&_slc=1&cd1=not%20loggedin&z=1098723454

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 08:30:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tu.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 71ms
71ms Image
image/gif 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=853775765&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.tu.no%2Fpersonvern&ul=en-us&de=UTF-8&dt=Personvern%20-%20Tu.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblockcheck&ea=impression&el=adblocker&ev=0&_u=YEBAAEABCAAAAC~&jid=&gjid=&cid=672482921.1659688202&tid=UA-54426-1&_gid=1344508087.1659688202&cd1=not%20loggedin&cd2=false&z=170720193

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 16:52:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ArticleFeed.js Show response
static.gfx.no/js/ 7 KB
2 KB 42ms
41ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gfx.no/js/ArticleFeed.js?_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: cc427407f0d495890f07657c8d6a1349dd8e7251d626986694c366c009b1c027

Request headers

Referer: https://www.tu.no/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:20:33 GMT
content-encoding: gzip
age: 2506168
x-cache: HIT #153911
content-length: 1877
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 08:20:18 GMT
server: nginx
x-src-webcache: fe02
etag: W/"628de6c2-1ab4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:20:33 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 510ms
64ms Script
application/x-javascript 2.21.20.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6ZGBVD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 23:25:22 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=79512
accept-ranges: bytes
content-length: 3085

GET
H2 200 s.js Show response
cdn.spinnaker-js.com/rc/36161/scripts/ 69 KB
21 KB 509ms
77ms Script
application/javascript 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spinnaker-js.com/rc/36161/scripts/s.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6ZGBVD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0cf91f9f6b835a7d7f2aa8fa1ab6c9edba8ac90ae627a6bc693ee8c36e1e1d5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 11:12:29 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 11:10:12 GMT
server: AmazonS3
age: 76775
etag: W/"a0334058fa6d8cb4d562f23a402429f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-meta-version: 6.19.19-0.4.0
x-amz-meta-previous: rc/36161/scripts/s-1659438610.js
x-amz-cf-pop: FRA56-P5
x-amz-meta-deployeddate: 2022-08-02 11:10:11
x-amz-cf-id: pKX-e72WOLBEMosTcBToewZKVfwldD_1iJELzp9OQ7Vtn7KU4bc3OQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 70ms
69ms Image
image/gif 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=853775765&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.tu.no%2Fpersonvern&ul=en-us&de=UTF-8&dt=Personvern%20-%20Tu.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Consent&ea=Display&_u=aEBAAEABCAAAAC~&jid=&gjid=&cid=672482921.1659688202&tid=UA-54426-1&_gid=1344508087.1659688202&cd1=not%20loggedin&cd2=false&z=1269325738

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 16:52:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 507ms
65ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e04996bce115cd63369e3d421e8e6eedf08bac25392d0d30203a9ff1069b7785

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26463
x-xss-protection: 0
pragma: public
x-fb-debug: /Qu5KcVhSzugSxFSraMzMBHTELTH9US+2qFdUgblzLxNbA0EPVnfq4ZdJnaWlk8/IsUFwoQS5duhPsevAFHPFw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 05 Aug 2022 08:30:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 507ms
67ms XHR
text/plain 74.125.206.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54426-1&cid=672482921.1659688202&jid=1638823702&gjid=192503984&_gid=1344508087.1659688202&_u=YEBAAEAACAAAAC~&z=343303165

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 08:30:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.tu.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 5AFB 43 B
467 B 193ms
66ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.6.0&typ=pgv&rnd=l6g7i44v34wm83xs&sid=1128453474585288938&loc=https%3A%2F%2Fwww.tu.no%2Fpersonvern&new=1&arf=0&ltm=1659688201328&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l6g7i45qhuvgg4vy&ckp=l6g7i44vbjgud217&glb=&cp_isSubscriber=false&cp_ver=2.47&cp_testGroup=79&cst=24r8w81djovws35xds8kha5aj5
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 117 B
689 B 191ms
65ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l6g7i44vbjgud217%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2224r8w81djovws35xds8kha5aj5%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2224r8w81djovws35xds8kha5aj5%22%7D%5D%2C%22siteId%22%3A%221128453474585288938%22%2C%22location%22%3A%22https%3A%2F%2Fwww.tu.no%2Fpersonvern%22%7D&callback=cXJsonpCBl6g7i4liea1gmgez

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

eb8f8c57a406c1e4b4ae3d97814cd4f41bd78fe536131f51d0e430aae941e6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 08:30:02 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 117
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get.js Show response
buy-eu.piano.io/api/v3/anon/captcha/ 153 B
342 B 52ms
51ms Script
application/javascript 104.16.240.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-eu.piano.io/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=LrKbCTeXpe

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.240.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1341c982bf008445a84172845088f86af71fd75627ea83a6c378ca9ede9bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 150
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Xwgv4grLour
pragma
wn: prod-euc1-dash-10-4-144-16
last-modified: Fri, 05 Aug 2022 08:26:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.003
cache-control: public, max-age=14400
cf-ray: 735e2b206e750b51-OSL
expires: Fri, 05 Aug 2022 12:30:02 GMT

GET
H2 200 verify Show response
id-eu.piano.io/id/api/v1/identity/token/ 192 B
745 B 117ms
116ms Script
application/javascript 104.16.240.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id-eu.piano.io/id/api/v1/identity/token/verify?callback=jsonp9670&client_id=LrKbCTeXpe&site=https%3A%2F%2Fwww.tu.no

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.240.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e5f471cab7deface7ab2a020ebeb9050fb2dc2c199dc8e4651b1d783f35c502

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: X2mv4gr82x5
pragma: no-cache
wn: prod-euc1-dash-10-4-144-16
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-time: 0.001
cf-ray: 735e2b20beca0b51-OSL
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1359994&time=1659688202394&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1359994%26time%3D1659688202394%26url%3Dhttps%253A%252F%252Fwww.tu.no%252Fpersonve...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1359994&time=1659688202394&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern&liSync=true

0
162 B

239ms
239ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1359994&time=1659688202394&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern&liSync=true
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C884B56858EC40DD98D141FE8AAB1428 Ref B: OSL30EDGE0521 Ref C: 2022-08-05T08:30:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXlekXNAxlSXH6FFWb8tw==
x-li-fabric: prod-lor1

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXlekXJa06Q7G0tMp+whg==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 84D1B923EFF648ABB569148E67476962 Ref B: OSL30EDGE0521 Ref C: 2022-08-05T08:30:03Z
x-frame-options: sameorigin
date: Fri, 05 Aug 2022 08:30:02 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1359994&time=1659688202394&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 552ms
95ms Image
image/gif 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54426-1&cid=672482921.1659688202&jid=1638823702&_u=YEBAAEAACAAAAC~&z=1855117794

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 08:30:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
501 B 556ms
100ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54426-1&cid=672482921.1659688202&jid=1638823702&_u=YEBAAEAACAAAAC~&z=1855117794

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 08:30:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 191079518139197 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 307ms
307ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/191079518139197?v=2.9.71&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

36baeb609a7d4004873282886d17ad18bd66bb6e9ebf76a8a8ebc2d3f9dacda7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: otUeYpf8BUQVGdjOzrXHXDTsMyJjbGS6fmf/lw7POjliWN9nwMz2XWnIL1DyrfLpwUd0owfs/O+JEBhsX2aMxA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 08:30:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659688202690
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 execute Show response
c2-eu.piano.io/xbuilder/experience/ 3 KB
1 KB 85ms
84ms XHR
application/json 104.16.240.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-eu.piano.io/xbuilder/experience/execute?aid=LrKbCTeXpe

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.240.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d8adee139e7eb8a945ec11e34cde52418bed8b2ec1b34e073bd5b83cf85b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Aug 2022 08:30:02 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: t7whnsc2k7
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tu.no
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 735e2b218f880b51-OSL

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 502ms
64ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=191079518139197&ev=PageView&dl=https%3A%2F%2Fwww.tu.no%2Fpersonvern&rl=&if=false&ts=1659688202827&sw=1600&sh=1200&v=2.9.71&r=stable&ec=0&o=30&fbp=fb.1.1659688202826.1084880550&it=1659688202421&coo=false&rqm=GET

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 05 Aug 2022 08:30:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 63ms
63ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=191079518139197&ev=Microdata&dl=https%3A%2F%2Fwww.tu.no%2Fpersonvern&rl=&if=false&ts=1659688203331&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Personvern%20-%20Tu.no%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Personvern%22%2C%22og%3Asite_name%22%3A%22Tu.no%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.71&r=stable&ec=1&o=30&fbp=fb.1.1659688202826.1084880550&it=1659688202421&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.tu.no
URL: https://www.tu.no/personvern

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 05 Aug 2022 08:30:03 GMT

GET
H2 200 kindly-chat.js Show response
chat.kindlycdn.com/ 249 KB
82 KB 440ms
51ms Script
application/javascript 104.26.6.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.kindlycdn.com/kindly-chat.js
Requested by: Host: cdn.spinnaker-js.com
URL: https://cdn.spinnaker-js.com/rc/36161/scripts/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e565e27d686a7ca71abad9c8725c93e5b16f5c764b2a998b4b618cea844fe7ca

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=mK81gQ==, md5=tkx8XqRV18HIuj6HFTfIRA==
date: Fri, 05 Aug 2022 08:30:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1656592029
age: 1401
x-guploader-uploadid: ADPycdtvRsRccowbtYYHaUByX0Tuq2pmS3WdcguiwQUa_YuL0-Rh9e4N22bPtUtLmr3J-gegnovD7Y7gd245byb3yMosTbLiD8zi
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 12:27:15 GMT
server: cloudflare
etag: W/"b64c7c5ea455d7c1c8ba3e871537c844"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EQWeWkZhtAjLKqWwELaoH84ipd%2FxQUquyMGmkcjZdvZzgWoBE%2B2MDhEg8GT0CAiTJNTuNLMJqVoj1kSWIjI7nJYjHR0CpCz%2Bjg95VCHxOHJK4oGJMcQQxL1wYrv033a6WAu2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1656592035036015
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-meta-kindly-chat-version: v2.36.1
x-goog-stored-content-length: 255260
cf-ray: 735e2b29e8ddb515-OSL
expires: Fri, 05 Aug 2022 08:33:00 GMT

POST
H2 200 /
apil1.spinnaker-js.com/ 0
265 B 235ms
70ms Ping
text/plain 3.248.100.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apil1.spinnaker-js.com/
Requested by: Host: cdn.spinnaker-js.com
URL: https://cdn.spinnaker-js.com/rc/36161/scripts/s.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.100.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-100-250.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 Aug 2022 08:30:03 GMT
server: nginx/1.20.0
access-control-max-age: 31536000
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.tu.no
access-control-allow-credentials: false
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
content-length: 0

GET
H2 200 KindlyChat-ea0cd2fc962df985642b.js Show response
chat.kindlycdn.com/ 455 KB
103 KB 57ms
57ms Script
application/javascript 104.26.6.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.kindlycdn.com/KindlyChat-ea0cd2fc962df985642b.js
Requested by: Host: chat.kindlycdn.com
URL: https://chat.kindlycdn.com/kindly-chat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615fe220dd30afe39c3753278b825b36044d1e15fb2553ce449bfbe6347a5939

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=Nca5VA==, md5=f063phWkL6/TOHNTmisw2Q==
date: Fri, 05 Aug 2022 08:30:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1656592029
age: 1747
x-guploader-uploadid: ADPycdt3yF5aAGilkszUmVXnaN-cZ8h-v6jLD4THmRkA_9su8EGvJfH4wbbLmAnYdG0ElwP8yAYBOJ9CCvyHN_KG3ClAVG-u8hxf
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 12:27:15 GMT
server: cloudflare
etag: W/"7f4eb7a615a42fafd33873539a2b30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MesK3aFrtLnw6hredkEfBYTulOxMcNirc2pyrMBsB2Et11T9Jq1vG1tws6gofmt2DboQm1CYSzcKYdTFER91WP8qV0dBXNdpctu8IE1PUcK%2BCG7daZMfr4stiPeDrcCHYtzag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1656592035004191
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-meta-kindly-chat-version: v2.36.1
x-goog-stored-content-length: 465780
cf-ray: 735e2b2aa9c6b515-OSL
expires: Fri, 05 Aug 2022 08:22:53 GMT

GET
H2 200 da01dd86-75e2-4762-a7e7-206add4d2a33.json Show response
chat.kindlycdn.com/settings/ 9 KB
4 KB 466ms
80ms XHR
application/json 104.26.6.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.kindlycdn.com/settings/da01dd86-75e2-4762-a7e7-206add4d2a33.json?version=2.36.1&kindly-chat-browser-id=531b4b6b-47fd-4965-b77d-ae88e2719ddf
Requested by: Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370a76874fe940d35d9f28c6f80f3fe8ccd16327f9a2a6a26c9426a77c671152

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=xxYsTw==, md5=2o8WIBfwGI/TKZoh0IrQSQ==
date: Fri, 05 Aug 2022 08:30:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtU-PoMsc5oouxRF7set5GODFSKc0DYizXv9Aj1nbkU2JvDSoXeQNREZnKlJykhH3VPp7Eqj8wCqeuOI-vC1tlqVQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/json
last-modified: Mon, 01 Aug 2022 04:32:49 GMT
server: cloudflare
etag: W/"da8f162017f0188fd3299a21d08ad049"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXSrIH87XZBXlHpJ3uVo1yAeM4NR%2FbZBGlaJdX%2BV3uVG9n2%2FwXQ5gWIXn%2Fw%2BQewCog1saKnbqxfG%2F2jOLQ%2FuDeCn%2BM7Z4hmby1yx4El%2BBC%2BENedbhwCgYrjr5q5CEGTeZCsFEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1659328369854276
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=0
x-goog-stored-content-length: 8751
cf-ray: 735e2b2dae8ab509-OSL
expires: Fri, 05 Aug 2022 08:30:04 GMT

GET
H2 200 dfp.js Show response
static.gfx.no/js/ 14 KB
4 KB 47ms
47ms Script
application/javascript 87.238.41.59
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gfx.no/js/dfp.js?_=1657181663
Requested by: Host: www.tu.no
URL: https://www.tu.no/personvern
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.238.41.59 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: d30a2603cfba8f4feee625e789427aa4220d111a582acbe75010d9abad119af3

Request headers

Referer: https://www.tu.no/
Origin: https://www.tu.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:20:31 GMT
content-encoding: gzip
age: 2506172
x-cache: HIT #122253
content-length: 4066
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 08:20:18 GMT
server: nginx
x-src-webcache: fe02
etag: W/"628de6c2-391f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 07 Jul 2023 08:20:31 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 533ms
83ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/js/dfp.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7026a116f333c45322d901662379c8de42d5f151c910852fce18ba4e7e294266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28612
x-xss-protection: 0
server: sffe
etag: "1294 / 828 of 1000 / last-modified: 1659651030"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Aug 2022 08:30:04 GMT

GET
H2 200 pubads_impl_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 84ms
70ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132749
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Aug 2023 08:15:06 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 58 B
702 B 243ms
81ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tu.no

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

c107f77c18308a156b23b852b45332fc4bd5043300d01eb6f5fa4ae79f34dc05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 08:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
x-xss-protection: 0
expires: Fri, 05 Aug 2022 08:30:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.no/adsid/ 107 B
792 B 609ms
84ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.no/adsid/integrator.js?domain=www.tu.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 532ms
79ms Script
application/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tu.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 310ms
309ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1215520148698666&correlator=928488999382849&eid=31068501%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=33423651%2Ctu_f_toppbanner&enc_prev_ius=%2F0%2F1&prev_iu_szs=1000x400%7C1000x300%7C1000x150%7C1000x120%7C980x300%7C980x150%7C480x150&ifi=1&adks=3456592328&sfv=1-0-38&fsapi=false&cust_params=env%3Dproduction%26site%3DTu.no%26section%3Dsite%26keywords%3D%26Userrole%3Dguest&sc=1&cookie_enabled=1&abxe=1&dt=1659688204959&lmt=1659688204&dlt=1659688200615&idt=4304&adxs=300&adys=140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern&frm=20&vis=1&psz=1600x303&msz=1000x300&fws=4&ohw=1600&ga_vid=672482921.1659688202&ga_sid=1659688205&ga_hid=853775765&ga_fc=true

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4385a752a7898a4a6a73592abf1369a1a77b88445754bbf004a9fad400a0beaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19143
x-xss-protection: 0
google-lineitem-id: 6049241882
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138397468796
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tu.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 418 B
400 B 639ms
638ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1215520148698666&correlator=928488999382849&eid=31068501%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=33423651%2Ctu_skyskraper&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x500%7C160x600%7C180x501&ifi=2&adks=1802943835&sfv=1-0-38&fsapi=false&cust_params=env%3Dproduction%26site%3DTu.no%26section%3Dsite%26keywords%3D%26Userrole%3Dguest&sc=1&cookie_enabled=1&abxe=1&dt=1659688204962&lmt=1659688204&dlt=1659688200615&idt=4304&adxs=1310&adys=484&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern&frm=20&vis=1&psz=180x14&msz=180x1&fws=4&ohw=1600&ga_vid=672482921.1659688202&ga_sid=1659688205&ga_hid=853775765&ga_fc=true

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621aef4a3bc94a6c12acd021e007ede69ee76bf995e3bab5ba6c938bbfd864cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tu.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 426 B
736 B 302ms
302ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1215520148698666&correlator=928488999382849&eid=31068501%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=33423651%2Ctu_skyskraper_venstre&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x500%7C160x600%7C180x501&ifi=3&adks=3332914972&sfv=1-0-38&fsapi=false&cust_params=env%3Dproduction%26site%3DTu.no%26section%3Dsite%26keywords%3D%26Userrole%3Dguest&sc=1&cookie_enabled=1&abxe=1&dt=1659688204964&lmt=1659688204&dlt=1659688200615&idt=4304&adxs=110&adys=484&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.tu.no%2Fpersonvern&frm=20&vis=1&psz=180x14&msz=180x1&fws=4&ohw=1600&ga_vid=672482921.1659688202&ga_sid=1659688205&ga_hid=853775765&ga_fc=true

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c64926b6a8f030b918372ebb695d976ee96293aa985200a1df08ebb4198ad8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tu.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 561ms
100ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080101&st=env

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

13028553828f3b3fee180199bfe08c28bde16b5e0edf48b2b9a8d44224029054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10775
x-xss-protection: 0

GET container.html
c7c9b9be72bd0a61840f24dc1691dcfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D9B 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 133ms
132ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ca5U3i3FcV3Ptp7Apca7koPjKTgHDPKJTWDG9LREYw2MrM1m1vtkdvdOnJKA9SxKAjCD0jFJtLy2c2X-mOMVuivoKRcyPoL3coMDUO0Mrds7e1bhnmCPUnluE3UGF60rRGmWGWHLO1Qv95x7nna_2xRpK7ii3IapZloq3bFMSS4pXhmJqRSP6N2qSDPjUzAGhpmYkmF8UDZpRAd4dDEVw4WIwm-0bPH8X92idCKU00KT2tP7vtAlIzQkE1TM44fNKvNjG6rcJVS3qaeJ_QdZkXciLXNnyI2lFfri6BnJ7tfSVZMpcckq0MSaGXg&sai=AMfl-YQz5qJrl2Es-rpR4IvGkOiE9oZxbzRiE4i0t5h1r9XSntSwqxfDCYvtxoWM1NBM4dGWefQj2JjPOT-JaUcZ9v3l8kV_k58ws5cF-AZAygP1&sig=Cg0ArKJSzC29Dww3rUQzEAE&uach_m=[UACH]&adurl=

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 08:30:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Aug 2022 08:30:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ 23 KB
10 KB 534ms
71ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 05 Aug 2022 08:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 08:20:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ 3 KB
1 KB 541ms
78ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 07:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 07:40:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 139 KB
43 KB 79ms
79ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tu.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 05 Aug 2022 08:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 08:30:05 GMT

GET
H2 200 11623684674591531240
tpc.googlesyndication.com/simgad/ 93 KB
93 KB 546ms
83ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11623684674591531240

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e74ef0c53cf42e0bc3bc0672fcd7fab09f86a570324b66e69ff3978a896607b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 13:55:31 GMT
x-content-type-options: nosniff
age: 412474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94851
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 10:25:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 31 Jul 2023 13:55:31 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 711be50f8792f310010bcaf03d776d1a274b6af0383f8f8318fa5e0aa76c80ba

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 265ms
111ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt9_k7jAj7BqEN3mdBInR43lrBTf0VrGyF_we_mtGkByMvp7azHFvLdgWJsvZPI5yWoOb8S0d_aFaVsv_K73IQQn8UH8_sxXAcYhJ_DIBi4aNuMOk33lvy3HsLdhrQ8oooHgw1SpsQhE4ujCWeXQLq_gkfNWSa7I6TYfz9VTCpGiPPlF6IUsPMBdmiHHNssjbgI61Ad_XrNmu5ziLJqEeuPMzQX_loqsENFvRUBAfzkD69TjY7RT8P1ZytOx_cv6yo2kxipben7vJz6Rf443tbpAyOF780g5E8jxAnr0nDZO8e5qb6yucN1IaCgTrtlA&sai=AMfl-YSCTsnRiLXNJ76ld8qhf5dB_4Q2ZzuXSjwJBTPTmS7TU1J--55BJdy9-azgK_NhMC2ZbmdQPa-jD7QTh4ywNsNOFcC-jmSv8Sg3KhDZ9rdO&sig=Cg0ArKJSzC6LPQMNDerwEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: static.gfx.no
URL: https://static.gfx.no/thirdparty/raven-3.17.0/raven.min.js?_=1657181663

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 08:30:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Aug 2022 08:30:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 543ms
242ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.tu.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 08:30:06 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B2CC 13 KB
5 KB 374ms
73ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS