booking.finnlines.com Open in urlscan Pro
2600:9000:20ab:9800:3:27af:5980:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://booking.finnlines.com/
Effective URL:
https://booking.finnlines.com/
Submission: On September 12 via manual (September 12th 2023, 5:58:41 pm UTC) from FI — Scanned from FI

Summary HTTP 52 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 52 HTTP transactions. The main IP is 2600:9000:20ab:9800:3:27af:5980:93a1, located in United States and belongs to AMAZON-02, US. The main domain is booking.finnlines.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 12th 2023. Valid for: a year.

This is the only time booking.finnlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:20a... 2600:9000:20ab:4a00:3:27af:5980:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:20a... 2600:9000:20ab:9800:3:27af:5980:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:440... 2606:4700:4400::6812:2894	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.86.27 65.9.86.27	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.58 108.156.60.58	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 7	18.159.191.207 18.159.191.207	16509 (AMAZON-02) (AMAZON-02)
4	18.238.243.36 18.238.243.36	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	13.227.219.120 13.227.219.120	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
52	19

1 2600:9000:20ab:4a00:3:27af:5980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

booking.finnlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20ab:9800:3:27af:5980:93a1 (United States)

ASN16509 (AMAZON-02, US)

booking.finnlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-27.ams1.r.cloudfront.net

dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-58.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.159.191.207 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-191-207.eu-central-1.compute.amazonaws.com

app.readpeak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.243.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-36.ams58.r.cloudfront.net

a.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-120.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7789	152 KB
9	finnlines.com 1 redirects booking.finnlines.com	901 KB
7	readpeak.com 3 redirects app.readpeak.com — Cisco Umbrella Rank: 56245	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	290 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	3 KB
4	storyblok.com a.storyblok.com — Cisco Umbrella Rank: 32706	7 KB
3	google.no www.google.no — Cisco Umbrella Rank: 25416	669 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2	820 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	21 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 268	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 905 script.hotjar.com — Cisco Umbrella Rank: 1125	59 KB
2	amazonaws.com dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com	1 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1165	90 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 151	18 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	307 B
52	15

	Domain	Requested by
11	cookie-cdn.cookiepro.com	booking.finnlines.com cookie-cdn.cookiepro.com
9	booking.finnlines.com	1 redirects booking.finnlines.com
7	app.readpeak.com	3 redirects booking.finnlines.com
5	www.googletagmanager.com	booking.finnlines.com www.googletagmanager.com
4	a.storyblok.com	booking.finnlines.com
3	www.google.no	booking.finnlines.com
2	ib.adnxs.com	1 redirects
2	www.google.com	booking.finnlines.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com	booking.finnlines.com
1	cm.g.doubleclick.net	1 redirects
1	sync.taboola.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
52	20

This site contains links to these domains. Also see Links.

Domain
www.finnlines.com
www.cookiepro.com

Subject Issuer	Validity	Valid
*.booking.finnlines.com Amazon RSA 2048 M02	`2023-07-12` - `2024-08-09`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.appsync-api.eu-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-01` - `2024-01-05`	10 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.readpeak.com Amazon RSA 2048 M01	`2023-04-05` - `2023-11-15`	7 months	crt.sh
*.storyblok.com Amazon RSA 2048 M02	`2023-08-17` - `2024-09-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://booking.finnlines.com/
Frame ID: 2DF8E5B593073DAD66B58F4A326827A2
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Finnlines BookingFinnlinesBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://booking.finnlines.com/ HTTP 301
https://booking.finnlines.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

52
Requests

94 %
HTTPS

55 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

1456 kB
Transfer

4506 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.finnlines.com/
Title: Finnlines

Search URL Search Domain Scan URL

URL: https://www.finnlines.com/ferry-trips
Title: Finnlines Plc

Search URL Search Domain Scan URL

URL: https://www.finnlines.com/dataprivacy
Title: Data Privacy

Search URL Search Domain Scan URL

URL: https://www.finnlines.com/ferry-trips/contact/call-centers
Title: booked via call center

Search URL Search Domain Scan URL

URL: https://www.finnlines.com/freight/freight-inquiry
Title: booked via freight department

Search URL Search Domain Scan URL

URL: https://www.finnlines.com/company/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://booking.finnlines.com/ HTTP 301
https://booking.finnlines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://app.readpeak.com/cs/apnxs HTTP 302
https://ib.adnxs.com/setuid?entity=435&code=4gfbA75ZgVi7SVIy HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D435%26code%3D4gfbA75ZgVi7SVIy

Request Chain 49

https://app.readpeak.com/cs/tbl HTTP 302
https://sync.taboola.com/sg/readpeak-network/1/rtb-h/?taboola_hm=4gfbA75ZgVi7SVIy

Request Chain 50

https://app.readpeak.com/cs/adx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=read_peak_oy&google_hm=4gfbA75ZgVi7SVIy HTTP 302
https://app.readpeak.com/cs/adx?id=

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.finnlines.com/
Redirect Chain

http://booking.finnlines.com/
https://booking.finnlines.com/

2 KB
1 KB

289ms
128ms

Document
text/html

2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63be0f68f6af1a68e2d3312d7a3bf1b3af73c1d9ccc573f22af7042c8a3f8ab6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 12 Sep 2023 17:58:35 GMT
etag: W/"014cc18ee8f4b0e95711b1bb3c2e6028"
last-modified: Mon, 11 Sep 2023 08:57:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
x-amz-cf-id: tpFP9ds7BVw7C1cjw8bdbuHl4AvX9plJIV3u2ZCH6dJZhIYfWiSHwg==
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Tue, 12 Sep 2023 17:58:34 GMT
Location: https://booking.finnlines.com/
Server: CloudFront
Via: 1.1 8be6e843d0ee8ff03a0a07d811ce5bf8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6ovl3YJJ33b6mJq5IQCwFtiU_NIqFDU-_za_uw9Iv2bJfEJeB50yxg==
X-Amz-Cf-Pop: AMS58-P3
X-Cache: Redirect from cloudfront

GET
H2 200 OtAutoBlock.js Show response
cookie-cdn.cookiepro.com/consent/8217c2b4-651f-4233-9cc2-ad9893e6c6c6/ 8 KB
3 KB 213ms
78ms Script
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/8217c2b4-651f-4233-9cc2-ad9893e6c6c6/OtAutoBlock.js

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37305c505e0a55cc1e7d7482c80ffecf0a86a2f6641b3db0e71a2d920924974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: p24Tgd7aOc5R60Kr4C+LPw==
age: 6119
x-ms-lease-status: unlocked
last-modified: Wed, 30 Aug 2023 08:38:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8bf4f208-e01e-0057-371d-db967e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a149dd41c16-OSL

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 211ms
77ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 7EncTFplbWDUpOxlbB9/Qg==
age: 20003
x-ms-lease-status: unlocked
last-modified: Thu, 31 Aug 2023 01:28:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 069ae1bd-901e-0010-2535-dcfd25000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a149dd51c16-OSL
expires: Wed, 13 Sep 2023 17:58:34 GMT

GET
H2 200 main.d2c9603d.js Show response
booking.finnlines.com/static/js/ 2 MB
561 KB 100ms
99ms Script
application/javascript 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/js/main.d2c9603d.js
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54170df5901cc02b7a1b874e837e334e27655a3d0ccd910c418ec2dd947cee12

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:35 GMT
content-encoding: gzip
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Mon, 11 Sep 2023 08:50:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 1
x-amz-server-side-encryption: AES256
etag: W/"9896d000c0a3b4f12d6e1084a9fd5d91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: goUwvNq2Sc_WbH8659Uxedce86-6ADf-wMxvtVNBuHsKMJtJIfTcWw==

GET
H2 200 main.e6c13ad2.css
booking.finnlines.com/static/css/ 337 B
706 B 137ms
136ms Stylesheet
text/css 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/css/main.e6c13ad2.css
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:35 GMT
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2023 06:43:23 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
etag: "9f6fd7b89af737fe9ff6849a58501b1b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 337
x-amz-cf-id: 0vL9Ok3ZlVT5Oukw1Q4ZjJETkKQ9NSFIjFkBL7QcD0scHDI5G5CNAQ==

GET
H2 200 8217c2b4-651f-4233-9cc2-ad9893e6c6c6.json Show response
cookie-cdn.cookiepro.com/consent/8217c2b4-651f-4233-9cc2-ad9893e6c6c6/ 5 KB
2 KB 207ms
85ms XHR
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/8217c2b4-651f-4233-9cc2-ad9893e6c6c6/8217c2b4-651f-4233-9cc2-ad9893e6c6c6.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb56136469f547e6702281e3e75f03720edaafe01986100145e9681b7fca8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: czWiH+NmPATudXz9ni2ZkQ==
age: 10
x-ms-lease-status: unlocked
last-modified: Wed, 30 Aug 2023 08:38:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bd3c5943-401e-002c-5bd0-dbd4e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a160f82b524-OSL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
109 KB 285ms
116ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P37G4N&gtm_auth=wqPFzUlb6rm8XAWLPP5AAQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1bdb6bb2c82d1aace52a77afac78b2b0580c3df9da6cd4cd9c4072067b72991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111366
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
307 B 201ms
75ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://booking.finnlines.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 805a0a17599c5697-OSL
access-control-allow-headers: Content-Type

OPTIONS
H2 200 graphql
dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com/ 0
0 272ms
100ms Preflight 65.9.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-27.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-user-agent,x-api-key
Access-Control-Request-Method: POST
Origin: https://booking.finnlines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-user-agent,x-api-key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age: 172800
content-length: 0
date: Tue, 12 Sep 2023 17:58:35 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-id: mmCmwiUq1pGa6URSJe3D8tHziHtrjzOPGWWAU5wDeVf90n6AWJnFNA==
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 5c9fe2f1-7340-4c2a-91e7-ba3da211ea69
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ 615 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52a98255bab9298212f8de0a4458afbb682fdcf374f695c07ebb4f15f91d1073

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 RobotoSlab-Bold.089d000685d42bf60362.woff2
booking.finnlines.com/static/media/ 51 KB
52 KB 124ms
124ms Font
font/woff2 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/media/RobotoSlab-Bold.089d000685d42bf60362.woff2
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c4019b50989160946cafdbbac91cb10408080bb153a3d6f202a730126840999

Request headers

Referer: https://booking.finnlines.com/en
Origin: https://booking.finnlines.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 13:07:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
etag: "371721915b6bc8175fd0bab50b002b03"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 52556
x-amz-cf-id: xOhOiaBTumO0XlH5Fwll4kAzbZqtSKhvS-Bdnxf5pJ_FnJ2K4P4iLg==

GET
H2 200 SourceSansPro-Regular.f3856e90a1237cd7f03a.woff2
booking.finnlines.com/static/media/ 75 KB
76 KB 148ms
148ms Font
font/woff2 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/media/SourceSansPro-Regular.f3856e90a1237cd7f03a.woff2
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a577ef6bc32e9fb5981b5f75f712fbe2ab208ed841905b06fc41dc943c7ef1dd

Request headers

Referer: https://booking.finnlines.com/en
Origin: https://booking.finnlines.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2023 06:43:23 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
etag: "2dcbd94d72a987eaab471ff35cae014d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 77280
x-amz-cf-id: 2TMM28iTsvaompRGL_Xp2jid6tNb34OZFMYuDGvzkE6rajTCeS4WnQ==

GET
H2 200 SourceSansPro-SemiBold.f7665dd823b3a8d2b739.woff2
booking.finnlines.com/static/media/ 74 KB
75 KB 129ms
128ms Font
font/woff2 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/media/SourceSansPro-SemiBold.f7665dd823b3a8d2b739.woff2
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c48671613b1a7f4fadb2d10a293aeeab096cd07c3b88361f5de6c79e7cbe3296

Request headers

Referer: https://booking.finnlines.com/en
Origin: https://booking.finnlines.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 13:07:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
etag: "e79e67e216c738dfb71dcd582108bbf7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 76252
x-amz-cf-id: TaNirINYAo1WO4EsZiRjw9JcWGYFz-dtBzHoVlTrPVgszXIqKdThFA==

GET
H2 200 SourceSansPro-Bold.57eccb071b3ed4a7fd1e.woff2
booking.finnlines.com/static/media/ 74 KB
75 KB 134ms
133ms Font
font/woff2 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/media/SourceSansPro-Bold.57eccb071b3ed4a7fd1e.woff2
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 930c6947e838cb06c9b524e6ee87b7ef8fde41122b8fe07af5d973696227b5ba

Request headers

Referer: https://booking.finnlines.com/en
Origin: https://booking.finnlines.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 13:07:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
etag: "5df8a17352b50de2a86e59e84eb0e079"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 75876
x-amz-cf-id: 2dj7NJn-jGttoc0p5_M2eevavJvPky68D42_jfbmCZzWgfMItr9E9g==

GET
H2 200 651.f5ce4f72.chunk.js Show response
booking.finnlines.com/static/js/ 328 KB
60 KB 138ms
138ms Script
application/javascript 2600:9000:20ab:9800:3:27af:5980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.finnlines.com/static/js/651.f5ce4f72.chunk.js
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/static/js/main.d2c9603d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9800:3:27af:5980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f33c9973c9de1b83e210b16d7f5619a21ce623fdb405514d56d00e9b52b1460f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/en/search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
content-encoding: gzip
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Mon, 11 Sep 2023 08:50:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
etag: W/"14c10151d271e6008e0c09053efa5c10"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: X3xrRBqCXW-IqCxFcRNoYGJ8gCcVqvh-iIIpNUy6BcoEq2rvoYwUkQ==

POST
H2 200 graphql Show response
dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com/ 9 KB
1 KB 295ms
294ms XHR
application/json 65.9.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com/graphql
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/static/js/main.d2c9603d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-27.ams1.r.cloudfront.net
Software: /
Resource Hash: 67da7c7e4fff0348569becec63822c40a114bee127d412e17c0989a29d5398ee

Request headers

Accept: application/json, text/plain, */*
Referer: https://booking.finnlines.com/
accept-language: fi-FI,fi;q=0.9
x-amz-user-agent: aws-amplify/5.1.1 js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-Api-Key: da2-zvuktusyubbstlw7khps4vyeie
Content-Type: application/json; charset=UTF-8

Response headers

x-amzn-appsync-tokensconsumed: 1
date: Tue, 12 Sep 2023 17:58:36 GMT
content-encoding: gzip
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 2cb8e623-2673-4587-b984-d4b6e336e2e2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
x-amz-cf-id: A7Xzq5dAu42HGKQKZFDsbSmiWTCVhrwugi0_hX_1O2cBXi5zyEM2OA==

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/ 411 KB
96 KB 84ms
83ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 2+I2Cj649lHjQKiedh8F2Q==
age: 6039
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 01:24:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8137bd12-901e-005d-7243-cb32c9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1989721c16-OSL
expires: Wed, 13 Sep 2023 17:58:35 GMT

GET
H2 200 hotjar-537573.js Show response
static.hotjar.com/c/ 10 KB
4 KB 242ms
82ms Script
application/javascript 108.156.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-537573.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37G4N&gtm_auth=wqPFzUlb6rm8XAWLPP5AAQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-58.ams1.r.cloudfront.net

Software

Resource Hash

88171802784cdc517e6858e4644ff5b61d4b44aebdae45d37610d552ba44c62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Sep 2023 17:58:35 GMT
via: 1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 46
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d2554390b117de64e0fd248c3cf130cd
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: XaCq4CZk3H_bfEvxw-fS7rovyhFtKjnmypn51X6iCrgR8TSiB7UvXg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 268ms
86ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37G4N&gtm_auth=wqPFzUlb6rm8XAWLPP5AAQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Sep 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 532
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Sep 2023 19:49:43 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 332ms
136ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37G4N&gtm_auth=wqPFzUlb6rm8XAWLPP5AAQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18494
x-xss-protection: 0
server: cafe
etag: 5879359867132392387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 17:58:36 GMT

GET
H2 200 rpa.js Show response
app.readpeak.com/js/ 3 KB
2 KB 575ms
85ms Script
application/javascript 18.159.191.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.readpeak.com/js/rpa.js
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.191.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-191-207.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6ba7df34c01be99b17ad2b3a75904e55b6e63a6326e18d881fd9a3aeea2b1713

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 13:09:31 GMT
server: nginx
etag: "64ff118b-5ab"
content-length: 1451
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 122ms
121ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VVLDJMVT2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37G4N&gtm_auth=wqPFzUlb6rm8XAWLPP5AAQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d1b0872a44ab4256c8d99cc8f42e0fa6b8bc99d433ca2650fe772dd292e9913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Sep 2023 17:58:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
88 KB 99ms
99ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5KND49N2RX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P37G4N&gtm_auth=wqPFzUlb6rm8XAWLPP5AAQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6060a1fa418635fc00a9fc4217b13a641d801a87018b643bb9aedfc119186eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Sep 2023 17:58:35 GMT

GET
H2 200 visa.svg
a.storyblok.com/f/82487/x/28e4319300/ 1 KB
1 KB 265ms
80ms Image
image/svg+xml 18.238.243.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/82487/x/28e4319300/visa.svg
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-36.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c202c7fdbec1b89b265df1a03a9e92de0c83a901b078ad564a43004f1225fa40

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:54:10 GMT
x-amz-version-id: lZsJRubagS143SSMY4724vq_tL6OtHZA
content-encoding: gzip
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 324267
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jun 2020 09:36:14 GMT
server: AmazonS3
etag: W/"12770e0ce53e2a400c9b375e8baf640b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: 9VPWs9gi_hSAtUGJ17UCvKKfr4UFtQ49sxAv_wHJ3N6_jOU5qLxqXQ==
expires: Tue, 08 Jun 2021 09:36:12 GMT

GET
H2 200 mastercard.svg
a.storyblok.com/f/82487/x/2ab4484828/ 3 KB
2 KB 265ms
81ms Image
image/svg+xml 18.238.243.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/82487/x/2ab4484828/mastercard.svg
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-36.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f81ce2e056a5ab2e0c34ea202c49e135e91347459ec9b4145a2e013bf06bf5cb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:54:10 GMT
x-amz-version-id: JEiGL2j4TB78nO8It024unz8CW2HoT.Q
content-encoding: gzip
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 324267
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jun 2020 09:36:14 GMT
server: AmazonS3
etag: W/"ff6536945be4c623b23a3ef5ae18f848"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: DpCUabdkUvYjUpT9JwRn3WgGZZUxxSq25j5LwFPLfug3Yg473xlgzg==
expires: Tue, 08 Jun 2021 09:36:12 GMT

GET
H2 200 maestro.svg
a.storyblok.com/f/82487/x/42e1f25563/ 4 KB
2 KB 268ms
84ms Image
image/svg+xml 18.238.243.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/82487/x/42e1f25563/maestro.svg
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-36.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cfc6d453eac44c9ac8c0378c72494e48fba28917edb7aeeba6b42ccedbeec94

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:54:10 GMT
x-amz-version-id: jddjNHNTUOgc13mJ4x_1SUe4w3VvE92L
content-encoding: gzip
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 324267
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Aug 2020 14:17:32 GMT
server: AmazonS3
etag: W/"4190496ec94081216ed9f54e0dcc3a84"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: pysMRHuKjkimAhCO6KM-VFRTvQ89dvu0NZfrIkLvk0G6O7n1okkwcg==
expires: Tue, 31 Aug 2021 14:17:30 GMT

GET
H2 200 paypal.svg
a.storyblok.com/f/82487/x/4f9cadda66/ 3 KB
1 KB 269ms
84ms Image
image/svg+xml 18.238.243.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/82487/x/4f9cadda66/paypal.svg
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-36.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e77a464b564aa572848ffec189ca17d68ecba50dd29cf0ab3818f17ea84c543a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:54:10 GMT
x-amz-version-id: 73047aMxb_5Cc32ZfTxxAS7tPYxKWhkw
content-encoding: gzip
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 324267
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jun 2020 09:36:14 GMT
server: AmazonS3
etag: W/"a81241fd64b214ee94e468763024a35c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: ji8dqunbCsakDdVOXsazPFuYdXqlqKnH9_hFTLSNLMvCcGf70ELOkQ==
expires: Tue, 08 Jun 2021 09:36:12 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/8217c2b4-651f-4233-9cc2-ad9893e6c6c6/a4217d41-9cc8-4b3a-ae79-bbc131d9982c/ 65 KB
15 KB 78ms
78ms Fetch
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/8217c2b4-651f-4233-9cc2-ad9893e6c6c6/a4217d41-9cc8-4b3a-ae79-bbc131d9982c/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5fbba80607eea596f5eed99272712a2964ab53e2af25ba16b9e6b1c843bed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: LsZvAqEof+3nlOD7PW14dw==
age: 50956
x-ms-lease-status: unlocked
last-modified: Wed, 30 Aug 2023 08:38:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 53c8e84e-801e-008a-04a8-db63fc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1aecf4b524-OSL

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 204ms
70ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5KND49N2RX&gtm=45je3960&_p=1693290785&cid=719158965.1694541516&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694541516&sct=1&seg=0&dl=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&dt=Finnlines%20Booking&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5KND49N2RX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.finnlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 185ms
65ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1VVLDJMVT2&_ono=1&gtm=45je3960&_p=1693290785&_gaz=1&cid=719158965.1694541516&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1694541516&sct=1&seg=0&dl=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&dt=Finnlines%20Booking&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VVLDJMVT2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.finnlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 286ms
87ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-1VVLDJMVT2&cid=719158965.1694541516&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VVLDJMVT2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.finnlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
408 B 310ms
124ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-1VVLDJMVT2&cid=719158965.1694541516&gtm=45je3960&aip=1&z=1689274321

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.70a1f565e966e4ccde7b.js Show response
script.hotjar.com/ 223 KB
55 KB 247ms
83ms Script
application/javascript 13.227.219.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.70a1f565e966e4ccde7b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-537573.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-120.ams54.r.cloudfront.net

Software

Resource Hash

10d9e1dd012de2c2c5c30146e448a06f9e77699da9e8595b600cdba3f9657400

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 25350
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55617
last-modified: Tue, 12 Sep 2023 10:55:36 GMT
etag: "a5843cdad72919b8ba784ef01d7c3adc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SAr_rab20HrGlNJeuBiKOLLcMTUxAQvtx6h33tBHcd4F9ITpOWKqxw==

GET
H2 200 otCenterRounded.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/assets/ 9 KB
3 KB 72ms
71ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/assets/otCenterRounded.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: weEWylC0+dJXoHSdhYGqqw==
age: 26031
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 01:24:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bc0ff1bc-b01e-0065-791d-db9609000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1cbe8cb524-OSL
expires: Wed, 13 Sep 2023 17:58:36 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/assets/v2/ 61 KB
13 KB 72ms
72ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/assets/v2/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0721d78278f9a6c3dd3f639bad1b3105d2df9e97e3d4a74dbec66d6b92c7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: jih879mbIcNSFioYCdj3Tg==
age: 26031
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 01:24:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f97ead6d-c01e-00a4-581d-db31eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1cbe8eb524-OSL
expires: Wed, 13 Sep 2023 17:58:36 GMT

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/assets/ 21 KB
4 KB 71ms
71ms Fetch
text/css 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 26031
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 01:24:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 90893be2-e01e-009c-28d0-db952b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1cbe8fb524-OSL
expires: Wed, 13 Sep 2023 17:58:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 91ms
91ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1693290785&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&ul=en-us&de=UTF-8&dt=Finnlines%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=537635150&gjid=473527008&cid=719158965.1694541516&tid=UA-2333545-14&_gid=551638450.1694541516&_slc=1&gtm=45He3960n71P37G4N&z=2147221714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.finnlines.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.finnlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 143ms
86ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2333545-14&cid=719158965.1694541516&jid=537635150&gjid=473527008&_gid=551638450.1694541516&_u=YCDAiEABBAAAAGAAI~&z=1349509080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.finnlines.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Sep 2023 17:58:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.finnlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035632648/ 3 KB
2 KB 289ms
119ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035632648/?random=1694541516285&cv=9&fst=1694541516285&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&tiba=Finnlines%20Booking&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40fcc4d7fe2659edb7b7e7fe9abb38c4b0c63bf7719ecd4c4427f6c453b1838e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_guard_logo.svg Show response
cookie-cdn.cookiepro.com/logos/static/ 497 B
469 B 78ms
77ms Fetch
image/svg+xml 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 10
x-ms-lease-status: unlocked
last-modified: Thu, 31 Aug 2023 01:28:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2568a583-f01e-0090-0cd0-db0223000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1d7f2bb524-OSL
expires: Wed, 13 Sep 2023 17:58:36 GMT

GET
H2 200 finnlines-logo.png
cookie-cdn.cookiepro.com/logos/dee4d0ee-3057-47b8-90db-4f7483888c56/94425ed5-0393-4f3e-a8e7-4d38ae8d9eab/4eb45752-d4a4-45c5-9deb-962888be42a7/ 5 KB
6 KB 71ms
70ms Image
image/png 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/dee4d0ee-3057-47b8-90db-4f7483888c56/94425ed5-0393-4f3e-a8e7-4d38ae8d9eab/4eb45752-d4a4-45c5-9deb-962888be42a7/finnlines-logo.png

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e0671302bf14e706c23c56e20257b27937f9ad21be47725b1ea1e84f666c83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: wrHYjBuo0J5Gib+1eCAWVg==
age: 8248
cf-polished: origSize=11681
content-length: 5464
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Wed, 25 May 2022 12:03:38 GMT
server: cloudflare
etag: 0x8DA3E469A4FE101
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bef539a2-e01e-00a3-09e5-da5d88000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 805a0a1d7bb91c16-OSL
expires: Wed, 13 Sep 2023 17:58:36 GMT

GET
H2 200 poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 5 KB
2 KB 71ms
71ms Image
image/svg+xml 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 17:58:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: uInNdQwuuw8s7lYl3cE7eQ==
age: 6109
x-ms-lease-status: unlocked
last-modified: Thu, 31 Aug 2023 01:28:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4846dde7-a01e-0034-46ab-db0b85000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 805a0a1d7bba1c16-OSL
expires: Wed, 13 Sep 2023 17:58:36 GMT

GET
H2 204 ht
app.readpeak.com/url/ 0
278 B 85ms
85ms Image
text/plain 18.159.191.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.readpeak.com/url/ht?rpid=401847321864628&l=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&t=0&cid=&cb=1694541516383&i=1694541516383
Requested by: Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.191.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-191-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin: undefined
date: Tue, 12 Sep 2023 17:58:36 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Oct 2015 07:28:00 GMT
expires: Wed, 21 Oct 2015 07:28:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 289ms
120ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2333545-14&cid=719158965.1694541516&jid=537635150&_u=YCDAiEABBAAAAGAAI~&z=292132282

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
107 B 123ms
123ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2333545-14&cid=719158965.1694541516&jid=537635150&_u=YCDAiEABBAAAAGAAI~&z=292132282

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1035632648/ 42 B
455 B 109ms
96ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035632648/?random=1694541516285&cv=9&fst=1694538000000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&tiba=Finnlines%20Booking&fmt=3&is_vtc=1&random=2202170566&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.no/pagead/1p-user-list/1035632648/ 42 B
154 B 97ms
96ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/pagead/1p-user-list/1035632648/?random=1694541516285&cv=9&fst=1694538000000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&tiba=Finnlines%20Booking&fmt=3&is_vtc=1&random=2202170566&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: booking.finnlines.com
URL: https://booking.finnlines.com/en/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 90ms
89ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1190458637&rv=3960&u=AAAAAAAIAAAAACA&ut=AgCA&h=Ag&cid=83805978&l=83805978.EC2.TC0.HTC0~*~*~GA973.992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 98ms
97ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1639911570&rv=3960&u=AAAAAAAIAAAAACA&ut=AgCA&h=Ag&cid=G-5KND49N2RX&l=G-5KND49N2RX.L740.S52.E733.EC10.TC15.HTC0~gtm.init.S0.V0.E151.TS5ogtreferralexclusion.TI106.TE2.TS5ogtipmark.TI108.TE0.TS5ogt1pdatav2.TI109.TE0.TS5ccdgalast.TI110.TE0.TS5ccdconversionmarking.TI111.TE0.TS5ccdemvideo.TI112.TE1.TS5ccdemsitesearch.TI113.TE1.TS5ccdemscroll.TI114.TE0.TS5ccdempageview.TI115.TE1.TS5ccdemoutboundclick.TI116.TE4.TS5ccdemdownload.TI117.TE1.TS5ogtgooglesignals.TI118.TE0.TS5setproductsettings.TI119.TE0.TS5ccdgafirst.TI120.TE0~gtm.js.S0.V0.E133.TS5gct.TI103.TE1~gtm.dom.S0.V0.E20~gtm.scrollDepth.S0.V0.E104~gtm.scrollDepth.S0.V0.E38~*.S0.V0.E46~*.S0.V0.E45~*.S0.V0.E43~gtm.load.S0.V0.E0~gtm.init_consent.S3.V2.E45

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:36 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://app.readpeak.com/cs/apnxs
https://ib.adnxs.com/setuid?entity=435&code=4gfbA75ZgVi7SVIy
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D435%26code%3D4gfbA75ZgVi7SVIy

43 B
878 B

74ms
73ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D435%26code%3D4gfbA75ZgVi7SVIy

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:38 GMT
an-x-request-uuid: dfbd6ffc-90fc-493f-b040-f7beb6bd8b1e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.138.7.220; 193.138.7.220; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:38 GMT
an-x-request-uuid: 8369c930-fe60-4847-b96a-56873458a6e4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D435%26code%3D4gfbA75ZgVi7SVIy
cache-control: no-store, no-cache, private
x-proxy-origin: 193.138.7.220; 193.138.7.220; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/readpeak-network/1/rtb-h/
Redirect Chain

https://app.readpeak.com/cs/tbl
https://sync.taboola.com/sg/readpeak-network/1/rtb-h/?taboola_hm=4gfbA75ZgVi7SVIy

0
90 B

242ms
73ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/readpeak-network/1/rtb-h/?taboola_hm=4gfbA75ZgVi7SVIy
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 72520

Redirect headers

location: https://sync.taboola.com/sg/readpeak-network/1/rtb-h/?taboola_hm=4gfbA75ZgVi7SVIy
access-control-allow-origin: undefined
date: Tue, 12 Sep 2023 17:58:37 GMT
referrer-policy: no-referrer
content-length: 103
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2

204

adx
app.readpeak.com/cs/
Redirect Chain

https://app.readpeak.com/cs/adx
https://cm.g.doubleclick.net/pixel?google_nid=read_peak_oy&google_hm=4gfbA75ZgVi7SVIy
https://app.readpeak.com/cs/adx?id=

0
63 B

90ms
90ms

Image
text/plain

18.159.191.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.readpeak.com/cs/adx?id=
Protocol: H2
Server: 18.159.191.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-191-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin: undefined
date: Tue, 12 Sep 2023 17:58:38 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 17:58:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://app.readpeak.com/cs/adx?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ht
app.readpeak.com/url/ 43 B
387 B 86ms
86ms Image
image/gif 18.159.191.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.readpeak.com/url/ht?rpid=401847321864628&l=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&t=3&cid=&cb=1694541519384
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.191.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-191-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://booking.finnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:58:39 GMT
last-modified: Wed, 21 Oct 2015 07:28:00 GMT
etag: W/"2b-6n31g5gxM7YnErXnO/+81FzFNzY"
content-type: image/gif
access-control-allow-origin: undefined
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Wed, 21 Oct 2015 07:28:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finnlines.com/	1970-01-20 16:51:57	Name: _gcl_au Value: 1.1.1509912876.1694541516
.finnlines.com/	1970-01-21 00:18:21	Name: _ga_5KND49N2RX Value: GS1.1.1694541516.1.0.1694541516.0.0.0
.finnlines.com/	1970-01-21 00:18:21	Name: _ga_1VVLDJMVT2 Value: GS1.1.1694541516.1.0.1694541516.60.0.0
.finnlines.com/	1970-01-21 00:18:21	Name: _ga Value: GA1.2.719158965.1694541516
.finnlines.com/	1970-01-20 14:43:47	Name: _gid Value: GA1.2.551638450.1694541516
.finnlines.com/	1970-01-20 14:42:21	Name: _dc_gtm_UA-2333545-14 Value: 1
.finnlines.com/	1970-01-20 23:27:57	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Sep+12+2023+20%3A58%3A36+GMT%2B0300+(Eastern+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=517c1cea-d56f-4b69-9363-3fe790da476b&interactionCount=0&landingPath=https%3A%2F%2Fbooking.finnlines.com%2Fen%2Fsearch&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.readpeak.com/	1970-01-20 16:51:57	Name: READPEAKBID Value: 4gfbA75ZgVi7SVIy
.finnlines.com/	1970-01-20 23:27:57	Name: _hjSessionUser_537573 Value: eyJpZCI6ImZiY2NmODE5LWE3MWItNTczNi1hZmQwLWY5MTE1ZThkYmIzYiIsImNyZWF0ZWQiOjE2OTQ1NDE1MTY1NjksImV4aXN0aW5nIjpmYWxzZX0=
.finnlines.com/	1970-01-20 14:42:23	Name: _hjFirstSeen Value: 1
.finnlines.com/	1970-01-20 14:42:21	Name: _hjIncludedInSessionSample_537573 Value: 1
.finnlines.com/	1970-01-20 14:42:23	Name: _hjSession_537573 Value: eyJpZCI6IjY0ZDQzYmQyLThiMmItNDA0Yy1iMDgyLTIxOTEzMDcwYTc5OCIsImNyZWF0ZWQiOjE2OTQ1NDE1MTY1NjksImluU2FtcGxlIjp0cnVlfQ==
.finnlines.com/	1970-01-20 14:42:23	Name: _hjAbsoluteSessionInProgress Value: 0
.adnxs.com/	1970-01-20 16:51:57	Name: uuid2 Value: 4259302050297608232
.doubleclick.net/	1970-01-21 00:03:57	Name: IDE Value: AHWqTUn7Gzxfrhrux8NXW8ChFOtrCN8FV1e2IO04O4EV5DaPNeZB0hp6QLQt5qUie-I
.adnxs.com/	1970-01-20 16:51:57	Name: anj Value: dTM7k!M4/YE:2jUF']wIg2C$MK6b?U!@wnfH)iRzRqu'=BHk=2bqHv4g]BiqbZ9_Zte>kvtP$(j#iP(Md+>)fy)u?E%dJ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.storyblok.com
app.readpeak.com
booking.finnlines.com
cm.g.doubleclick.net
cookie-cdn.cookiepro.com
dm3xyy44wbeivgqmeymvmw22be.appsync-api.eu-central-1.amazonaws.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync.taboola.com
www.google-analytics.com
www.google.com
www.google.no
www.googleadservices.com
www.googletagmanager.com
108.156.60.58
13.227.219.120
141.226.228.48
142.250.184.226
142.250.185.98
18.159.191.207
18.238.243.36
185.89.210.141
2001:4860:4802:34::36
2600:9000:20ab:4a00:3:27af:5980:93a1
2600:9000:20ab:9800:3:27af:5980:93a1
2606:4700:4400::6812:2894
2606:4700:4400::ac40:9b77
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200e
2a00:1450:400c:c00::9c
65.9.86.27
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0a0721d78278f9a6c3dd3f639bad1b3105d2df9e97e3d4a74dbec66d6b92c7ec
10d9e1dd012de2c2c5c30146e448a06f9e77699da9e8595b600cdba3f9657400
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
40fcc4d7fe2659edb7b7e7fe9abb38c4b0c63bf7719ecd4c4427f6c453b1838e
439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
52a98255bab9298212f8de0a4458afbb682fdcf374f695c07ebb4f15f91d1073
54170df5901cc02b7a1b874e837e334e27655a3d0ccd910c418ec2dd947cee12
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
6060a1fa418635fc00a9fc4217b13a641d801a87018b643bb9aedfc119186eb9
63be0f68f6af1a68e2d3312d7a3bf1b3af73c1d9ccc573f22af7042c8a3f8ab6
67da7c7e4fff0348569becec63822c40a114bee127d412e17c0989a29d5398ee
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ba7df34c01be99b17ad2b3a75904e55b6e63a6326e18d881fd9a3aeea2b1713
6fb56136469f547e6702281e3e75f03720edaafe01986100145e9681b7fca8c2
7c4019b50989160946cafdbbac91cb10408080bb153a3d6f202a730126840999
7cfc6d453eac44c9ac8c0378c72494e48fba28917edb7aeeba6b42ccedbeec94
7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98
88171802784cdc517e6858e4644ff5b61d4b44aebdae45d37610d552ba44c62e
8d1b0872a44ab4256c8d99cc8f42e0fa6b8bc99d433ca2650fe772dd292e9913
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
8e0671302bf14e706c23c56e20257b27937f9ad21be47725b1ea1e84f666c83b
930c6947e838cb06c9b524e6ee87b7ef8fde41122b8fe07af5d973696227b5ba
a577ef6bc32e9fb5981b5f75f712fbe2ab208ed841905b06fc41dc943c7ef1dd
b1bdb6bb2c82d1aace52a77afac78b2b0580c3df9da6cd4cd9c4072067b72991
bd5fbba80607eea596f5eed99272712a2964ab53e2af25ba16b9e6b1c843bed3
c202c7fdbec1b89b265df1a03a9e92de0c83a901b078ad564a43004f1225fa40
c48671613b1a7f4fadb2d10a293aeeab096cd07c3b88361f5de6c79e7cbe3296
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e37305c505e0a55cc1e7d7482c80ffecf0a86a2f6641b3db0e71a2d920924974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77a464b564aa572848ffec189ca17d68ecba50dd29cf0ab3818f17ea84c543a
e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33c9973c9de1b83e210b16d7f5619a21ce623fdb405514d56d00e9b52b1460f
f81ce2e056a5ab2e0c34ea202c49e135e91347459ec9b4145a2e013bf06bf5cb

booking.finnlines.com Open in urlscan Pro 2600:9000:20ab:9800:3:27af:5980:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

55 %IPv6

15 Domains

20 Subdomains

19 IPs

4 Countries

1456 kBTransfer

4506 kBSize

16 Cookies

7 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.finnlines.com Open in urlscan Pro
2600:9000:20ab:9800:3:27af:5980:93a1 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

55 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

1456 kB
Transfer

4506 kB
Size

16
Cookies

52 HTTP transactions
1 data transactions