URL: https://booking.freska.no/
Submission: On April 03 via automatic, source certstream-suspicious

Summary

This website contacted 42 IPs in 8 countries across 44 domains to perform 100 HTTP transactions. The main IP is 2a03:b0c0:3:e0::26f:c001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is booking.freska.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 3rd 2020. Valid for: 3 months.
This is the only time booking.freska.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2a03:b0c0:3:e... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
3 23.37.33.211 16625 (AKAMAI-AS)
1 143.204.99.83 16509 (AMAZON-02)
1 34.76.162.43 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 151.101.14.49 54113 (FASTLY)
2 35.190.89.70 15169 (GOOGLE)
3 147.75.100.69 54825 (PACKET)
1 5 95.100.196.159 16625 (AKAMAI-AS)
3 216.58.205.226 15169 (GOOGLE)
5 2a03:2880:f01... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:11:... 14413 (LINKEDIN)
15 18 54.171.23.184 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
2 35.201.103.237 15169 (GOOGLE)
12 176.9.141.35 24940 (HETZNER-AS)
1 13.225.73.77 16509 (AMAZON-02)
4 52.39.143.152 16509 (AMAZON-02)
1 5 2a03:2880:f11... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 52.57.106.47 16509 (AMAZON-02)
1 2 3.126.56.137 16509 (AMAZON-02)
1 2 95.100.197.53 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 70.42.32.127 22075 (AS-OUTBRAIN)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 151.101.113.44 54113 (FASTLY)
1 2 3.127.116.150 16509 (AMAZON-02)
1 1 2a00:1288:f03... 10310 (YAHOO-1)
1 2 18.195.193.185 16509 (AMAZON-02)
1 2 185.33.223.221 29990 (ASN-APPNEX)
1 35.190.72.21 15169 (GOOGLE)
1 2 34.95.120.147 15169 (GOOGLE)
1 1 172.217.23.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
100 42
Apex Domain
Subdomains
Transfer
22 adroll.com
s.adroll.com
d.adroll.com
24 KB
11 giosg.com
service.giosg.com
192 KB
9 google-analytics.com
www.google-analytics.com
45 KB
7 freska.no
booking.freska.no
491 KB
5 hubspot.com
track.hubspot.com
forms.hubspot.com
2 KB
5 facebook.com
www.facebook.com
896 B
5 facebook.net
connect.facebook.net
269 KB
4 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
4 segment.io
api.segment.io
568 B
4 contentful.com
cdn.contentful.com
20 KB
3 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
2 KB
3 google.de
www.google.de
329 B
3 google.com
www.google.com
1 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
2 KB
3 googleadservices.com
www.googleadservices.com
13 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
72 KB
3 gstatic.com
fonts.gstatic.com
34 KB
3 typekit.net
use.typekit.net
p.typekit.net
41 KB
2 openx.net
us-u.openx.net
498 B
2 adnxs.com
ib.adnxs.com
2 KB
2 bidswitch.net
x.bidswitch.net
906 B
2 3lift.com
eb2.3lift.com
737 B
2 outbrain.com
sync.outbrain.com
804 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 advertising.com
pixel.advertising.com
816 B
2 adservicemedia.dk
online.adservicemedia.dk
1 KB
2 twitter.com
platform.twitter.com
29 KB
2 freska.net
api.freska.net
15 KB
1 hsleadflows.net
js.hsleadflows.net
61 KB
1 hs-scripts.com
js.hs-scripts.com
860 B
1 giosgusercontent.com
5184.clients.giosgusercontent.com
1 rlcdn.com
idsync.rlcdn.com
62 B
1 taboola.com
trc.taboola.com
281 B
1 pubmatic.com
simage2.pubmatic.com
886 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 atdmt.com
cx.atdmt.com
431 B
1 adtr.io
adtr.io
2 KB
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 hs-analytics.net
js.hs-analytics.net
22 KB
1 licdn.com
snap.licdn.com
2 KB
1 googletagmanager.com
www.googletagmanager.com
22 KB
1 freska.io
api.freska.io
12 KB
1 segment.com
cdn.segment.com
79 KB
1 googleapis.com
fonts.googleapis.com
749 B
100 44
Domain Requested by
17 d.adroll.com 14 redirects booking.freska.no
11 service.giosg.com booking.freska.no
service.giosg.com
9 www.google-analytics.com cdn.segment.com
www.google-analytics.com
booking.freska.no
7 booking.freska.no booking.freska.no
5 www.facebook.com 1 redirects booking.freska.no
5 connect.facebook.net cdn.segment.com
connect.facebook.net
booking.freska.no
5 s.adroll.com 1 redirects cdn.segment.com
booking.freska.no
s.adroll.com
4 track.hubspot.com
4 api.segment.io booking.freska.no
4 cdn.contentful.com booking.freska.no
3 www.google.de booking.freska.no
3 www.google.com 3 redirects
3 www.googleadservices.com cdn.segment.com
www.googleadservices.com
3 fonts.gstatic.com booking.freska.no
2 us-u.openx.net 1 redirects booking.freska.no
2 ib.adnxs.com 1 redirects booking.freska.no
2 x.bidswitch.net 1 redirects booking.freska.no
2 eb2.3lift.com 1 redirects booking.freska.no
2 sync.outbrain.com 1 redirects booking.freska.no
2 dsum-sec.casalemedia.com 1 redirects booking.freska.no
2 ups.analytics.yahoo.com 1 redirects booking.freska.no
2 pixel.advertising.com 2 redirects
2 googleads.g.doubleclick.net 2 redirects
2 online.adservicemedia.dk www.googletagmanager.com
booking.freska.no
2 platform.twitter.com www.googletagmanager.com
platform.twitter.com
2 px.ads.linkedin.com 1 redirects booking.freska.no
2 api.freska.net booking.freska.no
2 use.typekit.net booking.freska.no
1 forms.hubspot.com booking.freska.no
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-scripts.com js.hs-analytics.net
1 5184.clients.giosgusercontent.com service.giosg.com
1 cm.g.doubleclick.net 1 redirects
1 idsync.rlcdn.com booking.freska.no
1 ads.yahoo.com 1 redirects
1 trc.taboola.com booking.freska.no
1 simage2.pubmatic.com booking.freska.no
1 pixel.rubiconproject.com booking.freska.no
1 vars.hotjar.com static.hotjar.com
1 cx.atdmt.com booking.freska.no
1 stats.g.doubleclick.net 1 redirects
1 script.hotjar.com static.hotjar.com
1 adtr.io www.googletagmanager.com
1 d.adroll.mgr.consensu.org 1 redirects
1 www.linkedin.com 1 redirects
1 js.hs-analytics.net cdn.segment.com
1 snap.licdn.com cdn.segment.com
1 www.googletagmanager.com cdn.segment.com
1 static.hotjar.com cdn.segment.com
1 api.freska.io booking.freska.no
1 cdn.segment.com booking.freska.no
1 p.typekit.net booking.freska.no
1 fonts.googleapis.com booking.freska.no
100 53

This site contains links to these domains. Also see Links.

Domain
www.freska.no
www.giosg.com
Subject Issuer Validity Valid
bestill.freska.no
Let's Encrypt Authority X3
2020-04-03 -
2020-07-02
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA
2019-06-24 -
2020-07-01
a year crt.sh
api.freska.io
Let's Encrypt Authority X3
2020-03-10 -
2020-06-08
3 months crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
n2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-11-29 -
2020-06-13
6 months crt.sh
api.freska.net
Let's Encrypt Authority X3
2020-02-23 -
2020-05-23
3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2020-02-03 -
2020-05-03
3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2020-01-29 -
2021-04-29
a year crt.sh
www.googleadservices.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
ssl803670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-06 -
2020-05-14
6 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2020-03-04 -
2020-09-04
6 months crt.sh
adroll.mgr.consensu.org
Amazon
2019-11-06 -
2020-12-06
a year crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
online.adservicemedia.dk
GTS CA 1D2
2020-02-20 -
2020-05-20
3 months crt.sh
*.giosg.com
Starfield Secure Certificate Authority - G2
2019-06-20 -
2021-08-19
2 years crt.sh
adtr.io
Amazon
2019-07-31 -
2020-08-31
a year crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2020-02-03 -
2020-05-03
3 months crt.sh
www.google.de
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2020-06-03
3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2020-02-03 -
2020-05-03
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-02-13 -
2020-08-11
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.taboola.com
DigiCert SHA2 Secure Server CA
2020-02-19 -
2020-09-10
7 months crt.sh
*.3lift.com
Amazon
2019-07-17 -
2020-08-17
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2019-04-17 -
2020-05-04
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-24 -
2020-04-23
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
*.clients.giosgusercontent.com
Starfield Secure Certificate Authority - G2
2019-08-08 -
2021-08-08
2 years crt.sh
ssl817718.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-21 -
2020-07-29
6 months crt.sh
hubspot.com
CloudFlare Inc ECC CA-2
2019-12-04 -
2020-10-09
10 months crt.sh
ssl817706.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-21 -
2020-07-29
6 months crt.sh

This page contains 4 frames:

Primary Page: https://booking.freska.no/
Frame ID: 62484B3CB2889F4B7CB99A20AF75905C
Requests: 99 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html?origin=https%3A%2F%2Fbooking.freska.no
Frame ID: 0094329EC24EC096F998D754E9984403
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: CE71153C9F6ADF71919AE773779188C0
Requests: 1 HTTP requests in this frame

Frame: https://5184.clients.giosgusercontent.com/cd/5184/zyj1b/?url=https%3A%2F%2Fbooking.freska.no%2Fservice&dialog_id=8219
Frame ID: DB56D7ECD22E88C1CEFA5889CF2D4400
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

100
Requests

100 %
HTTPS

46 %
IPv6

44
Domains

53
Subdomains

42
IPs

8
Countries

1449 kB
Transfer

6004 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300937&url=https%3A%2F%2Fbooking.freska.no%2Fservice&time=1585943211392 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300937%26url%3Dhttps%253A%252F%252Fbooking.freska.no%252Fservice%26time%3D1585943211392%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300937&url=https%3A%2F%2Fbooking.freska.no%2Fservice&time=1585943211392&liSync=true
Request Chain 32
  • https://s.adroll.com/j/exp/WJHJVO6DUNFDDFCMXACO4C/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 34
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/WJHJVO6DUNFDDFCMXACO4C?_s=38ca69a0666abbdf453478b016b00b52&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/WJHJVO6DUNFDDFCMXACO4C/?_s=38ca69a0666abbdf453478b016b00b52&_b=2
Request Chain 44
  • https://d.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&pv=35119373142.25868&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/AKMGXB7X2BBRLBTOCEYAFT.js
Request Chain 55
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&gjid=1199854398&_gid=2077222931.1585943211&_u=aGBAgEAjQ~&z=127688339 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&_v=j81&z=127688339 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&_v=j81&z=127688339&slf_rd=1&random=456765461
Request Chain 56
  • https://www.facebook.com/tr/?id=2217906515153654&ev=Lead&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&rl=&if=false&ts=1585943211577&cd[helsinkiCentral]=false&cd[d2d]=false&cd[activeFeaturesJson]=%7B%22pricing.new_price_resolver%22%3Anull%7D&cd[activeFeatures]=%7B%22pricing.new_price_resolver%22%3Anull%7D&cd[checkoutId]=Booking-1604797&cd[language]=nb&cd[norwegianRewardActive]=false&cd[checkoutType]=home_cleaning&cd[serviceName]=home_cleaning&cd[label]=home_cleaning&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1585943211563.72625767&it=1585943211422&coo=false&eid=ajs-8f44d6b5980db0810396b1248107bea6&tm=1&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=1407251068961338909&f=AYwHJDTYkGkqgG7r8Q1TmyhuYduAMZffqLwIt4PyEqFvdpwE0Q9L05qvs-zIHBd9wPs-4CPrrn8_CZIeusg-zGw0&id=2217906515153654&l=3&v=0
Request Chain 63
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=q5KHXsHGI5jX3gO4rIvoCA&sscte=1&crd=&gtd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXsHGI5jX3gO4rIvoCA&random=2067015702&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXsHGI5jX3gO4rIvoCA&random=2067015702&resp=GooglemKTybQhCsO&ipr=y
Request Chain 64
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=q5KHXpHtJZCO3wP5x7-YDA&sscte=1&crd=&gtd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXpHtJZCO3wP5x7-YDA&random=2768945919&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXpHtJZCO3wP5x7-YDA&random=2768945919&resp=GooglemKTybQhCsO&ipr=y
Request Chain 67
  • https://d.adroll.com/cm/aol/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPdd55e03e-75e3-11ea-9717-028bff9638be HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPdd55e03e-75e3-11ea-9717-028bff9638be&verify=true
Request Chain 68
  • https://d.adroll.com/cm/index/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expiration=1617479211 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expiration=1617479211&C=1
Request Chain 69
  • https://d.adroll.com/cm/n/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expires=365
Request Chain 70
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&rdrctExp=true
Request Chain 71
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 72
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Request Chain 73
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 74
  • https://d.adroll.com/cm/r/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 75
  • https://d.adroll.com/cm/b/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Request Chain 76
  • https://d.adroll.com/cm/x/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Request Chain 77
  • https://d.adroll.com/cm/l/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=5873982ef9de529f1c7a938c43aef632
Request Chain 78
  • https://d.adroll.com/cm/o/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=5873982ef9de529f1c7a938c43aef632 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5873982ef9de529f1c7a938c43aef632
Request Chain 79
  • https://d.adroll.com/cm/g/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=WHOYLvneUp8cepOMQ672Mg HTTP 302
  • https://d.adroll.com/cm/g/in

100 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
booking.freska.no/
3 KB
2 KB
Document
General
Full URL
https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b1ae802f22bd8d07b2cb847469d889da4e742a68601a1b3eaf7a4f9a2ada8d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
booking.freska.no
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Wed, 01 Apr 2020 16:13:24 GMT
etag
"a43af11970d60b7eb12335044da307b3-ssl-df"
strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
1555
age
185607
server
Netlify
vary
Accept-Encoding
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286702
css
fonts.googleapis.com/
7 KB
749 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:200,300,400,600,700,900
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
700047be58b5ebb6adca452143c48b9859e6d8c189863815e985e77607337ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 19:46:50 GMT
server
ESF
date
Fri, 03 Apr 2020 19:46:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Apr 2020 19:46:50 GMT
lfu1pjc.css
use.typekit.net/
1 KB
790 B
Stylesheet
General
Full URL
https://use.typekit.net/lfu1pjc.css
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dc0fb7c28f753d72405d3200077072d1635ba9473fc5408ef472f6b45643b13d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Fri, 03 Apr 2020 19:46:50 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
590
main.cf31f184.chunk.css
booking.freska.no/static/css/
115 B
288 B
Stylesheet
General
Full URL
https://booking.freska.no/static/css/main.cf31f184.chunk.css
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
69e1e0f4c31c1a6142bad8ad9a35f565dfafbe2f569e73c67841fd3412d90dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286706
date
Wed, 01 Apr 2020 16:13:24 GMT
content-encoding
gzip
server
Netlify
age
185606
etag
"2b7e9045e439cde0f3db44d3fb6c91ac-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=0,must-revalidate,public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
126
2.f0a154c9.chunk.js
booking.freska.no/static/js/
2 MB
400 KB
Script
General
Full URL
https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d297f5937571d21edd559e9561e338f5e4a4eca53240ec54af57a2480879bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286707
date
Wed, 01 Apr 2020 16:13:24 GMT
content-encoding
gzip
server
Netlify
age
185606
etag
"a2f179a1ea0f33ab1913dc983f4a7104-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=0,must-revalidate,public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
408919
main.0411969c.chunk.js
booking.freska.no/static/js/
279 KB
67 KB
Script
General
Full URL
https://booking.freska.no/static/js/main.0411969c.chunk.js
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
aacf0030d4c215fd6c18ade04e066bd3dff83f05c0e1d3f4f9b88514b07898d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286708
date
Wed, 01 Apr 2020 16:13:24 GMT
content-encoding
gzip
server
Netlify
age
185606
etag
"c515d4873d14c631cc9381cdb616eef1-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=0,must-revalidate,public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
68536
p.css
p.typekit.net/
5 B
168 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=lfu1pjc&ht=tk&f=15363&a=23674306&app=typekit&e=css
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 19:46:50 GMT
last-modified
Thu, 24 Oct 2019 12:27:07 GMT
server
nginx
access-control-allow-origin
*
etag
"5db1989b-5"
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
5
expires
Wed, 12 Feb 2020 04:30:50 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/
399 KB
79 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30c531897506024eefaaa97af7b0da078998a9bc4cfca2670aa25b3eb5819a86

Request headers

Referer
https://booking.freska.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 18:41:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
80151
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified
Fri, 03 Apr 2020 17:14:53 GMT
server
AmazonS3
etag
"1e7c2039c1ebf28bd449e6077f5ae01a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
OEAOKyeqU07uoucq0mSCWaX3zoofwnKG
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-amz-cf-id
1W-dpqy1wbd0-TMJzXbnGR410QNmBtKWFaNf8khl3CWF591lRlru2Q==
nb.json
booking.freska.no/locales/
28 KB
10 KB
XHR
General
Full URL
https://booking.freska.no/locales/nb.json
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
50ea378d87e1b30be51d834a3bae7912090473b53d53693ec8b6056be554adb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://booking.freska.no/
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286924
date
Wed, 01 Apr 2020 16:13:28 GMT
content-encoding
gzip
server
Netlify
age
185602
etag
"03ecdf2e7ba0397eb90fc3ce5aa78529-ssl-df"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10550
en.json
booking.freska.no/locales/
28 KB
10 KB
XHR
General
Full URL
https://booking.freska.no/locales/en.json
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
c71617bde49f19db5acb49ca95bf8683f60b7715800121c22d23323e43ffa78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://booking.freska.no/
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286925
date
Wed, 01 Apr 2020 16:13:28 GMT
content-encoding
gzip
server
Netlify
age
185602
etag
"32a146204050ea6915ec513f57feef91-ssl-df"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
9651
business-configuration
api.freska.io/v3/
11 KB
12 KB
XHR
General
Full URL
https://api.freska.io/v3/business-configuration
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.76.162.43 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
43.162.76.34.bc.googleusercontent.com
Software
/
Resource Hash
1535cfe785f5fc6fe9c39d2f4b091378b7e30d7e3bb18ed5eefe235f9d64c1eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://booking.freska.no/
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Via
kong/1.1.3
X-Content-Type-Options
nosniff
X-Kong-Proxy-Latency
1
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-Kong-Upstream-Latency
12
Connection
keep-alive
Content-Length
11511
configurations
booking.freska.no/soa/v1/
9 KB
2 KB
XHR
General
Full URL
https://booking.freska.no/soa/v1/configurations
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
31adf628666a7f9103f6568986e3406d59d462e4b90daecdb025233732766a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://booking.freska.no/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
bc064ad3-f063-4b8d-a534-1947dbc62e9f-7286934
date
Fri, 03 Apr 2020 19:46:50 GMT
via
kong/1.1.3
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
0
x-kong-proxy-latency
0
status
200
x-kong-upstream-latency
127
content-encoding
gzip
content-length
2082
x-xss-protection
1; mode=block
x-request-id
497b1041-b5fb-4f7f-a9d9-10ba38c43f67
x-runtime
0.123049
referrer-policy
strict-origin-when-cross-origin
server
Netlify
x-frame-options
SAMEORIGIN
etag
W/"31adf628666a7f9103f6568986e3406d"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
fonts.gstatic.com/s/nunitosans/v5/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v5/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nunito+Sans:200,300,400,600,700,900
Origin
https://booking.freska.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:24:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:56 GMT
server
sffe
age
5512911
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11488
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:24:59 GMT
pe03MImSLYBIv1o4X1M8cc8-BM5tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v5/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8-BM5tU1ECVZl_.woff2
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7aaf946110656abf005e31dae6abb1ae3e6cdd377c046f75a8043abeaaebc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nunito+Sans:200,300,400,600,700,900
Origin
https://booking.freska.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 21:29:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:28 GMT
server
sffe
age
2067454
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11628
x-xss-protection
0
expires
Wed, 10 Mar 2021 21:29:16 GMT
entries
cdn.contentful.com/spaces/vuv4pzcbmxh6/
0
648 B
XHR
General
Full URL
https://cdn.contentful.com/spaces/vuv4pzcbmxh6/entries?content_type=blockAccordionList&locale=nb
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
GET
Origin
https://booking.freska.no
Referer
https://booking.freska.no/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
0
x-cache
MISS
status
204
x-served-by
cache-fra19130-FRA
x-contentful-request-id
e29ae632-b089-4cc3-9171-cd6495003120
server
Contentful
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
x-contentful-region
us-east-1
x-cache-hits
0
bookings
api.freska.net/v1/
0
293 B
XHR
General
Full URL
https://api.freska.net/v1/bookings
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.89.70 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.89.190.35.bc.googleusercontent.com
Software
nginx/1.13.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://booking.freska.no
Referer
https://booking.freska.no/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
via
1.1 google
alt-svc
clear
server
nginx/1.13.3
access-control-allow-origin
https://booking.freska.no
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
status
204
access-control-max-age
1728000
access-control-allow-headers
Authorization,access-token,client,Cache-Control,Content-Type,expiry,token-type,uid,x-fr-region,x-booking-token,x-giftcardorder-token
bookings
api.freska.net/v1/
14 KB
15 KB
XHR
General
Full URL
https://api.freska.net/v1/bookings
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.89.70 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.89.190.35.bc.googleusercontent.com
Software
nginx/1.13.3 /
Resource Hash
faecafb2b1624c10179be87398e03702c497ff3bee0a66af6a1cdf4b26f546da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://booking.freska.no/
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
via
kong/0.11.2, 1.1 google
x-content-type-options
nosniff, nosniff
x-kong-proxy-latency
0
status
201, 201 Created
x-kong-upstream-latency
134
strict-transport-security
max-age=31536000;
alt-svc
clear
x-xss-protection
1; mode=block, 1; mode=block
x-request-id
25c080a7-e5a4-4c22-bca0-394236049586
x-runtime
0.128226
server
nginx/1.13.3
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"faecafb2b1624c10179be87398e03702"
access-control-max-age
7200
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://booking.freska.no
vary
Origin
cache-control
max-age=0, private, must-revalidate
access-control-expose-headers
access-token,client,expiry,token-type,uid,x-fr-region,x-booking-token,x-giftcardorder-token
entries
cdn.contentful.com/spaces/vuv4pzcbmxh6/
73 KB
10 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/vuv4pzcbmxh6/entries?content_type=blockAccordionList&locale=nb
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
669698b2eeee3eaf4bc9a715b3bedf5c36ad85fda78cf3334079f72dac162ca3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://booking.freska.no/
Origin
https://booking.freska.no
Authorization
Bearer 9ec901435904dd42de6df868aef50b32b7f94432e59c68b9050dcf14416d7cb9
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
contentful-api
cda_cached
age
0
cf-organization-id
1IfDvdkoCV8cHtHu9YSRQt
cf-environment-uuid
8c86d351-ff6c-481a-a764-18a86c5a8ce0
x-cache
MISS
status
200
access-control-max-age
86400
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
content-length
9584
x-served-by
cache-fra19130-FRA
x-contentful-request-id
632bd508-2c8b-4789-8390-394a9f073e6b
cf-space-id
vuv4pzcbmxh6
server
Contentful
etag
W/"8786833143825478463"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
via
1.1 varnish
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-origin
*
cf-environment-id
master
x-contentful-region
us-east-1
x-cache-hits
0
entries
cdn.contentful.com/spaces/vuv4pzcbmxh6/
0
71 B
XHR
General
Full URL
https://cdn.contentful.com/spaces/vuv4pzcbmxh6/entries?content_type=blockAccordionList&locale=nb
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
GET
Origin
https://booking.freska.no
Referer
https://booking.freska.no/service
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
0
x-cache
HIT
status
204
x-served-by
cache-fra19130-FRA
x-contentful-request-id
58023996-bc2a-4f69-9347-c35ea62e9268
server
Contentful
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
x-contentful-region
us-east-1
x-cache-hits
1
pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v5/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nunito+Sans:200,300,400,600,700,900
Origin
https://booking.freska.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 15:55:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:39 GMT
server
sffe
age
186686
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11552
x-xss-protection
0
expires
Thu, 01 Apr 2021 15:55:25 GMT
l
use.typekit.net/af/3b8138/00000000000000000001203f/27/
39 KB
40 KB
Font
General
Full URL
https://use.typekit.net/af/3b8138/00000000000000000001203f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f1d6b898b36239d79d429f4d22f567e8825dc598c8c8defcddfe91b40d179a3f

Request headers

Referer
https://use.typekit.net/lfu1pjc.css
Origin
https://booking.freska.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx
access-control-allow-origin
*
etag
"330e40aaf4fafcf98e1c7ed3d3bf0b3d11f3a3db"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
40356
hotjar-103450.js
static.hotjar.com/c/
8 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-103450.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress16
Software
/
Resource Hash
f3c256a8009ed53ef8de71c8be843485462a552fe151586e66f0dedc5fe0c365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
0
status
200
access-control-max-age
600
section-io-cache
Miss
content-length
2096
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/bd46a7e8fc30ec42c456372afed82734
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.080
accept-ranges
bytes
section-io-id
8f1c74cd7dbfda82854e44dd8e93ca24
section-origin-responded
true
entries
cdn.contentful.com/spaces/vuv4pzcbmxh6/
73 KB
9 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/vuv4pzcbmxh6/entries?content_type=blockAccordionList&locale=nb
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
669698b2eeee3eaf4bc9a715b3bedf5c36ad85fda78cf3334079f72dac162ca3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Authorization
Bearer 9ec901435904dd42de6df868aef50b32b7f94432e59c68b9050dcf14416d7cb9
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
contentful-api
cda_cached
age
0
cf-organization-id
1IfDvdkoCV8cHtHu9YSRQt
cf-environment-uuid
8c86d351-ff6c-481a-a764-18a86c5a8ce0
x-cache
HIT
status
200
access-control-max-age
86400
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
content-length
9584
x-served-by
cache-fra19130-FRA
x-contentful-request-id
495436f8-e98c-429d-a199-6541f67efe17
cf-space-id
vuv4pzcbmxh6
server
Contentful
etag
W/"8786833143825478463"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
via
1.1 varnish
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-origin
*
cf-environment-id
master
x-contentful-region
us-east-1
x-cache-hits
1
roundtrip.js
s.adroll.com/j/
34 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-196-159.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
EEryoP57M4BXSHtGt9JFNoNG_YhGzXxp
Content-Encoding
gzip
x-amz-request-id
EA21926B77EA4001
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Fri, 03 Apr 2020 19:46:51 GMT
Connection
keep-alive
Content-Length
10905
x-amz-id-2
S0dx9YZKi/42P6gHOd6VRj9NtvUJsJiwawSupEKCROb9T2VaCKJ74D6z+oIQPnSrPJL6nDYTZ3E=
Last-Modified
Wed, 01 Apr 2020 18:03:06 GMT
Server
AmazonS3
ETag
"9884704eb3fc99427eb5b90c4bbab62c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
conversion_async.js
www.googleadservices.com/pagead/
27 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10549
x-xss-protection
0
server
cafe
etag
3671743730490399190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Apr 2020 19:46:51 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
mLPe7MgGqjAiH47Y2l19G6Y4SK3A29u3s8yA0S7rEkFZE45QgbeUJk6L1vIxqxIrlv9EXXfmlf1hPQCVExDNFQ==
x-fb-trip-id
2000377899
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4096
date
Fri, 03 Apr 2020 18:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 03 Apr 2020 20:38:35 GMT
gtm.js
www.googletagmanager.com/
63 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MMJNF9&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
215987c41d5df495b1c747fabee66f82794d846ceab9e6b912dd762cef9dd1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
22548
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Apr 2020 19:46:51 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 19:46:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=39225
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
1738888.js
js.hs-analytics.net/analytics/1585943400000/
81 KB
22 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1585943400000/1738888.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2zMjIscA5IlbeOxEUR0zn7p8s11BiQxZ/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55939b6406f18716780f8f899bea25e6fdaeb11d4e8552d644bafbbdb0233bb3

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
555F12E84C89FF79
x-amz-server-side-encryption
AES256
status
200
content-type
text/javascript
x-amz-id-2
RQM4DBBVpQRnrhtCqhqIh3Y/eXb/mHkrZUFP5BAq+QWwmtgKlUQjaxGzZyAcgc40BoWWOCCs77w=
last-modified
Thu, 02 Apr 2020 14:30:09 GMT
server
cloudflare
etag
W/"5866f397403d133938747c9f7dbc147d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
57e54c4efd930eab-FRA
expires
Fri, 03 Apr 2020 19:51:51 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300937&url=https%3A%2F%2Fbooking.freska.no%2Fservice&time=1585943211392
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300937%26url%3Dhttps%253A%252F%252Fbooking.freska.no%252Fservice%26time%3D1585943...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300937&url=https%3A%2F%2Fbooking.freska.no%2Fservice&time=1585943211392&liSync=true
0
57 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300937&url=https%3A%2F%2Fbooking.freska.no%2Fservice&time=1585943211392&liSync=true
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
H1s0xvJmAhZQmTQEcysAAA==

Redirect headers

date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-li-uuid
RDgVwPJmAhZgT6T29SoAAA==
server
Play
pragma
no-cache
x-li-pop
prod-tln1
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300937&url=https%3A%2F%2Fbooking.freska.no%2Fservice&time=1585943211392&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
998 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1308
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Fri, 03 Apr 2020 20:25:03 GMT
js
www.google-analytics.com/gtm/
64 KB
24 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NFZZFC5&cid=1158303804.1585943211
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a859f97174c89e8846f7cf7dc38562cb1e6534b514f0daf898712e31a4a4d633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24654
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Apr 2020 19:46:51 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/WJHJVO6DUNFDDFCMXACO4C/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-196-159.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
oJIzvk_mmLAXF5iekxvT5NnrQtQSmq7M
Content-Encoding
gzip
x-amz-request-id
8EF58DFF6022E509
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Fri, 03 Apr 2020 19:46:51 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
nRbO3sDbLhVuH9XRmliGROi5VMnWM15JYtBlfH96e+tuxiWX3fkjm0yBOHoWdbenF0xXBNy2Yok=
Last-Modified
Thu, 02 Apr 2020 22:43:50 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 03 Apr 2020 19:46:51 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/
0
773 B
Script
General
Full URL
https://s.adroll.com/j/pre/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-196-159.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
3URjM.TUCBF_B77DQMlnQ.qL2qDHXxvG
Content-Encoding
gzip
x-amz-request-id
B628DCB8DA2D438F
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Fri, 03 Apr 2020 19:46:51 GMT
Connection
keep-alive
Content-Length
20
x-amz-id-2
T6B+VytfHx+al5CppGZrQB9Txi7JAv65iz/Wm1npf/Z3aQtyXUJc+Vax/m1KuB//gHCUtrFXQDc=
Last-Modified
Fri, 03 Apr 2020 10:59:02 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/WJHJVO6DUNFDDFCMXACO4C/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/WJHJVO6DUNFDDFCMXACO4C?_s=38ca69a0666abbdf453478b016b00b52&_b=2
  • https://d.adroll.com/consent/check/WJHJVO6DUNFDDFCMXACO4C/?_s=38ca69a0666abbdf453478b016b00b52&_b=2
115 B
583 B
Script
General
Full URL
https://d.adroll.com/consent/check/WJHJVO6DUNFDDFCMXACO4C/?_s=38ca69a0666abbdf453478b016b00b52&_b=2
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
5cbe54c81e8fe0a34392f80b64a4643b470f16d8a1da6ad0ed674fa393aab1b1

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
115

Redirect headers

status
302
date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/WJHJVO6DUNFDDFCMXACO4C/?_s=38ca69a0666abbdf453478b016b00b52&_b=2
identity.js
connect.facebook.net/signals/plugins/
42 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10620
x-xss-protection
0
pragma
public
x-fb-debug
nT4+iWRMeCjda4knutQoh0zp6lEPhSgzBF8koZgyssYI64P6Hvn8JLopTlpuvjMUQjCVwFdqOOf7Ym/FAlNolA==
x-fb-trip-id
2000377899
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
2217906515153654
connect.facebook.net/signals/config/
447 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2217906515153654?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dd5e77dcdd18e3e4cc37386eee17327a8cba18e4ea7f6ed1c69c8633fff637a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ENx+WSIaLGGY+fle2we5FPUBGaYT67GUmL/EGY9IoHMShMu/WoGNKlQgtx+9jxJvKwb1lmi2yFG8Evjbhq6KuQ==
x-fb-trip-id
2000377899
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/fi_FI/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/fi_FI/sdk.js
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed8c119a5e3c6bb41c464b6a2e0e7ad44ff6e3978a70483e9549a77d476c1a9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0QFk0pg88AhoMsYYc33XxQ==
status
200
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
expires
Fri, 03 Apr 2020 19:52:12 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
1780
x-fb-debug
EfNI6WcGaxuWXDSCErTfwvxoyGHlktiW91R4XWWLqVg1BVUWxLEpC+Tz1X8UmPLiEBc6ZRGYbu6j+O2qjpyi/Q==
x-fb-trip-id
2000377899
x-fb-content-md5
c77a9aee068107ce8e033d2edb034dda
etag
"24803966b6579b7182bbcbfe090a79f9"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MMJNF9&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E5) /
Resource Hash
198c88313d65f4d2b30b218566c00f96002f78ae125643d5a73a669b46cab112

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 19:46:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Mar 2020 21:21:21 GMT
Server
ECS (fcn/40E5)
Age
509
Etag
"3ce571864e8afdda3bc0a81ffbebe447+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29105
js
online.adservicemedia.dk/cgi-bin/Services/RoutedLastClick/
2 KB
1 KB
Script
General
Full URL
https://online.adservicemedia.dk/cgi-bin/Services/RoutedLastClick/js?cid=9311
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MMJNF9&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.237 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
237.103.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a3ebaf0e7fbd405cc732c8d1afba3443e859d4115955cdd4c02fa978b2029d0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
server
nginx
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-store, no-cache
alt-svc
clear
content-length
955
via
1.1 google
/
service.giosg.com/live/
286 KB
89 KB
Script
General
Full URL
https://service.giosg.com/live/
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
7483a3152e107a03be798e6fa1c8f63a749a362ae87f8bfdf92683e131711cf2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 18:51:25 GMT
server
nginx
etag
"5e84e2ad-16252"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
cache-control
max-age=86400, public
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
content-length
90706
expires
Sat, 04 Apr 2020 19:46:51 GMT
jsTag
adtr.io/
5 KB
2 KB
Script
General
Full URL
https://adtr.io/jsTag?ap=1316300292
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MMJNF9&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-77.fra2.r.cloudfront.net
Software
/
Resource Hash
0698922779df955dbc8c0cbf65f2578fbadb8b435fe35d92831ad8738a50118f

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 16:07:24 GMT
content-encoding
gzip
age
13166
x-cache
Hit from cloudfront
status
200
content-length
1652
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
etag
"410BD41D1168CA8D302037519DBBA803"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
8peyPsb4b4iIGbyFm_67_mhL51683TgK7VX0JyqgKOV6G6iaUE4N1g==
x-cache-hits
0
sdk.js
connect.facebook.net/fi_FI/
388 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/fi_FI/sdk.js?hash=d5ad6fff969911dd8784bce353e8ea74&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fi_FI/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb2422194d3eaba758340b18da683f292cdd2480b523591396a0902b5f34cb86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9wMeACMdewom5jJid360rQ==
status
200
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
expires
Sat, 03 Apr 2021 19:32:12 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
115834
x-fb-debug
aPRHIauZ8ybvUQ5vz3HC8ksrJr1g0YyQGNSM/L/+LDzPuDT/mHqk3pNCuTT2/mbkaMKawWd6yu2ezMFF0NOnww==
x-fb-trip-id
420120009
x-fb-content-md5
47d538c952ed8a70b1647cb87c2f7b51
etag
"83452d3fed8eeec781642c8a0d46ce78"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html
platform.twitter.com/widgets/ Frame 0094
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html?origin=https%3A%2F%2Fbooking.freska.no
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4197) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://booking.freska.no/service
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://booking.freska.no/service

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1288120
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Apr 2020 19:46:51 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 19 Mar 2020 21:12:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4197)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
AKMGXB7X2BBRLBTOCEYAFT.js
s.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/
Redirect Chain
  • https://d.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&pv=35119...
  • https://s.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/AKMGXB7X2BBRLBTOCEYAFT.js
3 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/AKMGXB7X2BBRLBTOCEYAFT.js
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-196-159.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d3410c0ae65a9c9b89dd4be04f5b112658c7a6c3765a5dd48d7c057e8b45dcac

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
PezJvQ8IRQyEr0YZiFWPDK1hMjGAmX4i
Content-Encoding
gzip
x-amz-request-id
3D8B26682B75EC60
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Fri, 03 Apr 2020 19:46:51 GMT
Connection
keep-alive
Content-Length
1249
x-amz-id-2
4H9eO2dQh4JCMaR88gx3WFLQ1DKYBe/ko6TjRVQOumgS6tGAVY3+BdLE91hGuMk9GVSWWlUTU/g=
Last-Modified
Tue, 04 Feb 2020 02:09:58 GMT
Server
AmazonS3
ETag
"915936ceab64b6214b6cd4a3d430d8b8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Fri, 03 Apr 2020 19:46:51 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.16.1
x-rule
*
x-segment-eid
AKMGXB7X2BBRLBTOCEYAFT
location
https://s.adroll.com/pixel/WJHJVO6DUNFDDFCMXACO4C/QTFWYKEHCJDBJONTSU2RB2/AKMGXB7X2BBRLBTOCEYAFT.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
QTFWYKEHCJDBJONTSU2RB2
x-segment-name
*
x-advertisable-eid
WJHJVO6DUNFDDFCMXACO4C
x-conversion-currency
EUR
modules.ab7d31210390a6834c38.js
script.hotjar.com/
366 KB
69 KB
Script
General
Full URL
https://script.hotjar.com/modules.ab7d31210390a6834c38.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-103450.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress16
Software
/
Resource Hash
018ef9639120778f9d6c1dfd1370f6effc3d75bbbf878dcf4953080c52aeb3e0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:49 GMT
content-encoding
br
content-type
application/javascript
age
33074
status
200
section-io-cache
Hit
content-length
70634
last-modified
Fri, 03 Apr 2020 10:32:43 GMT
etag
"db70e9f1a12afd3e883119f549687e07"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.035
accept-ranges
bytes
section-io-id
702c04f5518a21b92f7a27c6658e6083
section-origin-responded
true
p
api.segment.io/v1/
21 B
142 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.143.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-143-152.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:51 GMT
access-control-allow-origin
https://booking.freska.no
content-length
21
vary
Origin
content-type
application/json
/
www.googleadservices.com/pagead/conversion/852356452/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/852356452/?random=1585943211558&cv=9&fst=1585943211558&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbooking.freska.no%2Fservice&tiba=Freska&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
65c2e760172450095ed61494344a611a7d9f8a7235e1e7a575f5d7ae1f31d605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
api.segment.io/v1/
21 B
142 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.143.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-143-152.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:51 GMT
access-control-allow-origin
https://booking.freska.no
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
142 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.143.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-143-152.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:51 GMT
access-control-allow-origin
https://booking.freska.no
content-length
21
vary
Origin
content-type
application/json
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1069
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Fri, 03 Apr 2020 20:29:02 GMT
p
api.segment.io/v1/
21 B
142 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.143.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-143-152.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:51 GMT
access-control-allow-origin
https://booking.freska.no
content-length
21
vary
Origin
content-type
application/json
/
www.googleadservices.com/pagead/conversion/852356452/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/852356452/?random=1585943211596&cv=9&fst=1585943211596&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbooking.freska.no%2Fservice&tiba=Freska&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
634f76417d866b18c559aa74c1614075d1a3a14e685b6bfbcc1464422ce48a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1019
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2217906515153654&ev=PageView&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&rl=&if=false&ts=1585943211564&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1585943211563.72625767&it=1585943211422&coo=false&rqm=GET
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 03 Apr 2020 19:46:51 GMT
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=444992328&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&dp=%2Fservice&ul=en-us&de=UTF-8&dt=Freska&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAjQ~&jid=159833786&gjid=1199854398&cid=1158303804.1585943211&tid=UA-60179910-9&_gid=2077222931.1585943211&z=1967381606
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2070208
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&gjid=1199854398&_gid=2077222931.1585943211&_u=aGBAgEAjQ~&z=127688339
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&_v=j81&z=127688339
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&_v=j81&z=127688339&slf_rd=1&random=456765461
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&_v=j81&z=127688339&slf_rd=1&random=456765461
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60179910-9&cid=1158303804.1585943211&jid=159833786&_v=j81&z=127688339&slf_rd=1&random=456765461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=2217906515153654&ev=Lead&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&rl=&if=false&ts=1585943211577&cd[helsinkiCentral]=false&cd[d2d]=false&cd[activeFeaturesJson]=%7...
  • https://cx.atdmt.com/?c=1407251068961338909&f=AYwHJDTYkGkqgG7r8Q1TmyhuYduAMZffqLwIt4PyEqFvdpwE0Q9L05qvs-zIHBd9wPs-4CPrrn8_CZIeusg-zGw0&id=2217906515153654&l=3&v=0
42 B
431 B
Image
General
Full URL
https://cx.atdmt.com/?c=1407251068961338909&f=AYwHJDTYkGkqgG7r8Q1TmyhuYduAMZffqLwIt4PyEqFvdpwE0Q9L05qvs-zIHBd9wPs-4CPrrn8_CZIeusg-zGw0&id=2217906515153654&l=3&v=0
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc
h3-27=":443"; ma=3600
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
server
proxygen-bolt
location
https://cx.atdmt.com/?c=1407251068961338909&f=AYwHJDTYkGkqgG7r8Q1TmyhuYduAMZffqLwIt4PyEqFvdpwE0Q9L05qvs-zIHBd9wPs-4CPrrn8_CZIeusg-zGw0&id=2217906515153654&l=3&v=0
content-type
text/plain
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=3600
content-length
0
expires
0
collect
www.google-analytics.com/
35 B
94 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=444992328&t=event&ni=0&_s=2&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&dp=%2Fservice&ul=en-us&de=UTF-8&dt=Freska&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=All&ea=New%20Booking%20Started&el=home_cleaning&ev=0&_u=aGBAgEAjQ~&jid=&gjid=&cid=1158303804.1585943211&tid=UA-60179910-9&_gid=2077222931.1585943211&cd10=false&z=1304756594
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2070208
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2217906515153654&ev=Checkout%20Step%20Viewed&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&rl=&if=false&ts=1585943211588&cd[step]=1&cd[activeFeaturesJson]=%7B%22pricing.new_price_resolver%22%3Anull%7D&cd[activeFeatures]=%7B%22pricing.new_price_resolver%22%3Anull%7D&cd[checkoutId]=Booking-1604797&cd[language]=nb&cd[norwegianRewardActive]=false&cd[checkoutType]=home_cleaning&cd[serviceName]=home_cleaning&cd[label]=home_cleaning&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1585943211563.72625767&it=1585943211422&coo=false&eid=ajs-0eeec60a06dfbc00dc85775b79fb5a67&tm=2&rqm=GET
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 03 Apr 2020 19:46:51 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2217906515153654&ev=PageView&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&rl=&if=false&ts=1585943211598&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=3&o=30&fbp=fb.1.1585943211563.72625767&it=1585943211422&coo=false&rqm=GET
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT, Fri, 03 Apr 2020 19:46:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 03 Apr 2020 19:46:51 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame CE71
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-103450.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress16
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://booking.freska.no/service
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://booking.freska.no/service

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:49 GMT
content-type
text/html
content-length
851
last-modified
Wed, 25 Mar 2020 15:18:29 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.087
section-origin-responded
true
age
743939
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
5e19c3bbc1b1361efaa48b3bd3eb2c5b
collect
www.google-analytics.com/
35 B
94 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=444992328&t=event&ni=1&cu=USD&_s=3&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&dp=%2Fservice&ul=en-us&de=UTF-8&dt=Freska&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=EnhancedEcommerce&ea=Checkout%20Step%20Viewed&el=home_cleaning&_u=aGBAgEIrQ~&jid=&gjid=&cid=1158303804.1585943211&tid=UA-60179910-9&_gid=2077222931.1585943211&cd10=false&cos=1&pa=checkout&z=665646021
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2070208
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
94 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=444992328&t=pageview&cu=USD&_s=4&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&dp=%2Fservice&ul=en-us&de=UTF-8&dt=Freska&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEIrQ~&jid=&gjid=&cid=1158303804.1585943211&tid=UA-60179910-9&_gid=2077222931.1585943211&cd10=false&z=1121292822
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2070208
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/852356452/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_...
  • https://www.google.com/pagead/1p-conversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u...
  • https://www.google.de/pagead/1p-conversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_...
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXsHGI5jX3gO4rIvoCA&random=2067015702&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/852356452/?random=1882022874&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXsHGI5jX3gO4rIvoCA&random=2067015702&resp=GooglemKTybQhCsO&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/852356452/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_...
  • https://www.google.com/pagead/1p-conversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u...
  • https://www.google.de/pagead/1p-conversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_...
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXpHtJZCO3wP5x7-YDA&random=2768945919&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/852356452/?random=1443872737&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://booking.freska.no/service&tiba=Freska&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=q5KHXpHtJZCO3wP5x7-YDA&random=2768945919&resp=GooglemKTybQhCsO&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
service.giosg.com/api/v2/visitor/settings/5184/
0
473 B
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/settings/5184/?url=https%3A%2F%2Fbooking.freska.no%2Fservice
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Access-Control-Request-Method
GET
Origin
https://booking.freska.no
Referer
https://booking.freska.no/service
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
x-client-origin

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
strict-transport-security
max-age=63072000
content-type
text/html; charset=utf-8
access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
content-length
0
p
online.adservicemedia.dk/cgi-bin/Services/RoutedLastClick/
43 B
131 B
Image
General
Full URL
https://online.adservicemedia.dk/cgi-bin/Services/RoutedLastClick/p?sid=3&cid=9311&r=&url=https%3A%2F%2Fbooking.freska.no%2Fservice&src=&coid=487201191&alt=1
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.237 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
237.103.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:51 GMT
via
1.1 google
server
nginx
vary
X-Forwarded-Proto
content-type
image/gif
status
200
cache-control
no-store, no-cache
alt-svc
clear
content-length
43
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://pixel.advertising.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPdd55e03e-75e3-11ea-9717-02...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPdd55e03e-75e3-11ea-9717-02...
0
977 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPdd55e03e-75e3-11ea-9717-028bff9638be&verify=true
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.106 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 03 Apr 2020 19:46:52 GMT
Server
ATS/7.1.2.106
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Fri, 03 Apr 2020 19:46:52 GMT
Server
ATS/7.1.2.106
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPdd55e03e-75e3-11ea-9717-028bff9638be&verify=true
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expiration=1617479211
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expiration=1617479211&C=1
43 B
1002 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expiration=1617479211&C=1
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-197-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Apr 2020 19:46:51 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 03 Apr 2020 19:46:51 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Apr 2020 19:46:51 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expiration=1617479211&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Fri, 03 Apr 2020 19:46:51 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expires=365
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx/1.16.1
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&expires=365
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
124
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&rdrctExp=true
0
450 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&rdrctExp=true
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId
ce2d1bda86b98c3a74afdf1271cb6952
Date
Fri, 03 Apr 2020 19:46:52 GMT
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&rdrctExp=true
Date
Fri, 03 Apr 2020 19:46:52 GMT
X-TraceId
7f0507e7872629e1743bb071a62bc8d9
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
886 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Apr 2020 19:46:51 GMT
X-lat
Pug22031:0:747
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx/1.16.1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
220
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
0
281 B
Image
General
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 03 Apr 2020 19:46:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1585943212.924227,VS0,VE9
x-served-by
cache-hhn4033-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
server
nginx/1.16.1
location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
111
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.116.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-116-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:52 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
37
content-type
image/gif

Redirect headers

status
302
date
Fri, 03 Apr 2020 19:46:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:52 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Redirect headers

date
Fri, 03 Apr 2020 19:46:52 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
302
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
43 B
378 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.193.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-193-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 03 Apr 2020 19:46:52 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Fri, 03 Apr 2020 19:46:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://ib.adnxs.com/setuid?entity=172&code=NTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Apr 2020 19:46:54 GMT
AN-X-Request-Uuid
588a175f-7d5f-4c25-9c29-e505559f7483
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.146.82.229; 217.146.82.229; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Apr 2020 19:46:54 GMT
AN-X-Request-Uuid
cce1f2bd-8ab8-4c62-871a-d2965f9032fc
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTg3Mzk4MmVmOWRlNTI5ZjFjN2E5MzhjNDNhZWY2MzI
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.146.82.229; 217.146.82.229; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://idsync.rlcdn.com/377928.gif?partner_uid=5873982ef9de529f1c7a938c43aef632
0
62 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=5873982ef9de529f1c7a938c43aef632
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 03 Apr 2020 19:46:52 GMT
via
1.1 google
alt-svc
clear

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:52 GMT
server
nginx/1.16.1
location
https://idsync.rlcdn.com/377928.gif?partner_uid=5873982ef9de529f1c7a938c43aef632
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=5873982ef9de529f1c7a938c43aef632
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5873982ef9de529f1c7a938c43aef632
43 B
183 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5873982ef9de529f1c7a938c43aef632
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.182.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:52 GMT
via
1.1 google
server
OXGW/16.182.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 03 Apr 2020 19:46:52 GMT
via
1.1 google
server
OXGW/16.182.1
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5873982ef9de529f1c7a938c43aef632
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=63e98251fd4467efd66e949111d014f1-1585943211499&arrfrr=https%3A%2F%2Fbooking.freska.no%2Fservice&xid_ch=f&advertisable=WJHJVO6DUNFDDFCMXACO4C&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=WHOYLvneUp8cepOMQ672Mg
  • https://d.adroll.com/cm/g/in
42 B
537 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:52 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:52 GMT
server
HTTP server (unknown)
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
service.giosg.com/api/v2/visitor/settings/5184/
73 KB
22 KB
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/settings/5184/?url=https%3A%2F%2Fbooking.freska.no%2Fservice
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
7d02f7098fbd3cc0dfecfedb297314536b220bf5b4ca329ed51e3e943c674d8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Client-Origin
https://booking.freska.no

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:51 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
108
status
200
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
21643
giosgClient.58ff4ad278906b2c4ff9.js
service.giosg.com/static/
205 KB
55 KB
Script
General
Full URL
https://service.giosg.com/static/giosgClient.58ff4ad278906b2c4ff9.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e0ec559ab6a10725aa483c2796ac74337711a8bb060a8e575e86b7e7106ea63c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 18:51:25 GMT
server
nginx
access-control-allow-origin
*
etag
"5e84e2ad-db4b"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
application/javascript
content-length
56139
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
service.giosg.com/api/v2/visitor/dialog/8219/
0
473 B
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/dialog/8219/
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Access-Control-Request-Method
GET
Origin
https://booking.freska.no
Referer
https://booking.freska.no/service
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-giosg-clientversion

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
strict-transport-security
max-age=63072000
content-type
text/html; charset=utf-8
access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
content-length
0
/
service.giosg.com/api/v2/visitor/dialog/8219/
42 KB
15 KB
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/dialog/8219/
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/service
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
7ff8e7c06878f708f6fe800f4d252105c096d738a29d64e6c73700d998e92c59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
X-GIOSG-ClientVersion
9bbefe8cbcb714b1d7ad4eb183dfaefb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 19:46:52 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
7
status
200
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
14674
giosgClient.bc383fda34cb1d81.css
service.giosg.com/static/stylesheets/
24 KB
8 KB
Stylesheet
General
Full URL
https://service.giosg.com/static/stylesheets/giosgClient.bc383fda34cb1d81.css
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
7376cacb0727e1110678ac93a1f3a01d79f79cec298caab37449fb12bb55e9e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 18:51:25 GMT
server
nginx
access-control-allow-origin
*
etag
"5e84e2ad-1f84"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
text/css
content-length
8068
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
5184.clients.giosgusercontent.com/cd/5184/zyj1b/ Frame DB56
0
0
Document
General
Full URL
https://5184.clients.giosgusercontent.com/cd/5184/zyj1b/?url=https%3A%2F%2Fbooking.freska.no%2Fservice&dialog_id=8219
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
5184.clients.giosgusercontent.com
:scheme
https
:path
/cd/5184/zyj1b/?url=https%3A%2F%2Fbooking.freska.no%2Fservice&dialog_id=8219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://booking.freska.no/service
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://booking.freska.no/service

Response headers

status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-length
22784
content-type
text/html; charset=utf-8
date
Fri, 03 Apr 2020 19:46:52 GMT
pragma
no-cache
server
nginx
set-cookie
csrftoken=LWZWnV7KBpGYjam6Ry8fKfdFGkldzAsxkM8fy3kNSY1IGM153VkY556TE3pAnhSH; expires=Fri, 02 Apr 2021 19:46:52 GMT; Max-Age=31449600; Path=/; SameSite=none; Secure
vary
Cookie, Accept-Language, Accept-Encoding
x-response-duration
37
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a2c68c039860ecb16d04dee83c8088ae0b04b42aead582c52fd092c2081f1d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
1738888.js
js.hs-scripts.com/
877 B
860 B
Script
General
Full URL
https://js.hs-scripts.com/1738888.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1585943400000/1738888.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5359dded9cdf1b7dfa8063a34220f0820f96c73c2eabe6b32a6c3c5e91e18476

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
access-control-allow-origin
https://booking.freska.no
x-trace
2B4479DCC42D7C7E67549FAB5D79DD7CFE4141CD1D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
57e54c56ea6996a4-FRA
expires
Fri, 03 Apr 2020 19:47:52 GMT
__ptq.gif
track.hubspot.com/
45 B
494 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=1738888&pu=https%3A%2F%2Fbooking.freska.no%2Fservice&t=Freska&cts=1585943212607&vi=205db2f1070b969c095388ba681cfdd6&nc=true&u=214692232.205db2f1070b969c095388ba681cfdd6.1585943212604.1585943212604.1585943212604.1&b=214692232.1.1585943212605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57e54c56ecb9c277-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
104 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?id=New+Booking+Started&helsinkiCentral=false&d2d=false&activeFeaturesJson=%7B%22pricing.new_price_resolver%22%3Anull%7D&activeFeatures=%5Bobject+Object%5D&activeFeature1=null&activeFeature2=null&checkoutId=Booking-1604797&language=nb&norwegianRewardActive=false&checkoutType=home_cleaning&serviceName=home_cleaning&label=home_cleaning&k=3&n=New+Booking+Started&m=&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=1738888&pu=https%3A%2F%2Fbooking.freska.no%2Fservice&t=Freska&cts=1585943212611&vi=205db2f1070b969c095388ba681cfdd6&nc=true&u=214692232.205db2f1070b969c095388ba681cfdd6.1585943212604.1585943212604.1585943212604.1&b=214692232.1.1585943212605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57e54c56ecc1c277-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
104 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?id=Checkout+Step+Viewed&step=1&activeFeaturesJson=%7B%22pricing.new_price_resolver%22%3Anull%7D&activeFeatures=%5Bobject+Object%5D&activeFeature1=null&activeFeature2=null&checkoutId=Booking-1604797&language=nb&norwegianRewardActive=false&checkoutType=home_cleaning&serviceName=home_cleaning&label=home_cleaning&k=3&n=Checkout+Step+Viewed&m=&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=1738888&pu=https%3A%2F%2Fbooking.freska.no%2Fservice&t=Freska&cts=1585943212612&vi=205db2f1070b969c095388ba681cfdd6&nc=true&u=214692232.205db2f1070b969c095388ba681cfdd6.1585943212604.1585943212604.1585943212604.1&b=214692232.1.1585943212605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57e54c56ecbcc277-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
104 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=1738888&pu=https%3A%2F%2Fbooking.freska.no%2Fservice&t=Freska&cts=1585943212613&vi=205db2f1070b969c095388ba681cfdd6&nc=true&u=214692232.205db2f1070b969c095388ba681cfdd6.1585943212604.1585943212604.1585943212604.1&b=214692232.1.1585943212605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57e54c56ecc3c277-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
collect
www.google-analytics.com/
35 B
100 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=444992328&t=timing&cu=USD&_s=5&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&dp=%2Fservice&ul=en-us&de=UTF-8&dt=Freska&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=2752&pdt=0&dns=55&rrt=0&srt=7&tcp=169&dit=569&clt=569&_gst=1493&_gbt=1563&_u=aGBAgEIrQ~&jid=&gjid=&cid=1158303804.1585943211&tid=UA-60179910-9&_gid=2077222931.1585943211&cd10=false&z=1324565416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2070209
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
leadflows.js
js.hsleadflows.net/
378 KB
61 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1738888.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c1214e59c44f5e5c8df55e450b79c53173ec6d1be075d5586d42aca95cd1c5

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT
via
1.1 4c3936cc7f5f36d3966cb34ebcbf91a7.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD79-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Mar 2020 04:08:40 GMT
server
cloudflare
etag
W/"2e38cc0a0ac0df26db1ee131533ec1c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
g.iTr1QYUHTKmLRDHUCic9UdeJCTzz0A
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
cf-ray
57e54c57dc5dd6ed-FRA
x-amz-cf-id
uKD8QYiujbiBd1A9DBQ3C-c41KFzMcvIyCKoMQiMgKTWlnAxbe55_A==
/
service.giosg.com/api/v5/public/trace/
17 B
374 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
d1abbfca260b182822c2b7fa6278cd3d86489d76950983b942fe9a2c9d5444fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT
allow
GET, POST, HEAD, OPTIONS
server
nginx
x-response-duration
197
status
201
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
truncated
/
751 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ff4042c1fac82f9f8dae2dfd22e716ea9a21caa38d2d46f47a7a5fad60842a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2217906515153654&ev=Microdata&dl=https%3A%2F%2Fbooking.freska.no%2Fservice&rl=&if=false&ts=1585943213066&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Freska%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=4&o=30&fbp=fb.1.1585943211563.72625767&it=1585943211422&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://booking.freska.no/service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT, Fri, 03 Apr 2020 19:46:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 03 Apr 2020 19:46:53 GMT
json
forms.hubspot.com/lead-flows-config/v1/config/
167 B
762 B
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1738888&utk=205db2f1070b969c095388ba681cfdd6&__hstc=214692232.205db2f1070b969c095388ba681cfdd6.1585943212604.1585943212604.1585943212604.1&__hssc=214692232.1.1585943212605&currentUrl=https%3A%2F%2Fbooking.freska.no%2Fservice
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b570710bf5d99e2739ca151acf60563e78290645fa9b64337dea6132f914576b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-ray
57e54c5a9c1ed6e9-FRA
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://booking.freska.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
/
service.giosg.com/api/visitor-data/ie36rkt3gv6el7cpzmaaobh2pqvzr3alm2zfhqdnlcseaaam/10151/
0
473 B
XHR
General
Full URL
https://service.giosg.com/api/visitor-data/ie36rkt3gv6el7cpzmaaobh2pqvzr3alm2zfhqdnlcseaaam/10151/
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Access-Control-Request-Method
GET
Origin
https://booking.freska.no
Referer
https://booking.freska.no/service
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-giosg-clientversion

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
strict-transport-security
max-age=63072000
content-type
text/html; charset=utf-8
access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
content-length
0
/
service.giosg.com/api/v5/public/trace/
17 B
373 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: booking.freska.no
URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT
allow
GET, POST, HEAD, OPTIONS
server
nginx
x-response-duration
77
status
201
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
/
service.giosg.com/api/visitor-data/ie36rkt3gv6el7cpzmaaobh2pqvzr3alm2zfhqdnlcseaaam/10151/
151 B
516 B
XHR
General
Full URL
https://service.giosg.com/api/visitor-data/ie36rkt3gv6el7cpzmaaobh2pqvzr3alm2zfhqdnlcseaaam/10151/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.141.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
48812c79ef58de41a3b12da27faedf05a5fd6b188b70d494a0df366b25b02d4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.freska.no/service
Origin
https://booking.freska.no
Sec-Fetch-Dest
empty
X-GIOSG-ClientVersion
9bbefe8cbcb714b1d7ad4eb183dfaefb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Apr 2020 19:46:53 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
17
status
200
vary
Accept, Accept-Language, Cookie
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000
content-type
application/json
content-length
151

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| analytics object| webpackJsonpfreska-checkout function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad number| 2f1acc6c3a606b082e5eef5e54414ffb function| _rollbarURH object| Rollbar string| FRESKA_SERVICE string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| _fbq function| fbq string| GoogleAnalyticsObject function| ga function| normalize object| dataLayer string| _linkedin_data_partner_id object| _hsq object| _hjSelf function| hj object| _hjSettings function| lintrk boolean| _already_called_lintrk object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| google_tag_manager function| fbAsyncInit function| _giosg function| GooglemKTybQhCsO function| google_trackConversion object| FB object| google_optimize object| __twttrll object| twttr object| __twttr boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| _paq object| _hsp boolean| _hspb_loaded boolean| _hstc_loaded object| GooglebQhCsO object| adroll_exp_list object| giosgWebpackJsonp undefined| _ object| giosg function| jGiosg object| ADT undefined| JSON3 object| GiosgClient boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| e function| bindToWindowOnError function| defineProperties object| globalRoot undefined| hns object| leadflows function| hmerge object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| LEAD_FLOW_DOCUMENT_READY_RAN

21 Cookies

Domain/Path Name / Value
.freska.no/ Name: __hssc
Value: 214692232.1.1585943212605
.freska.no/ Name: __hssrc
Value: 1
.freska.no/ Name: coid
Value: 487201191
.freska.no/ Name: _gat
Value: 1
.freska.no/ Name: _fbp
Value: fb.1.1585943211563.72625767
.booking.freska.no/ Name: __adroll_fpc
Value: 63e98251fd4467efd66e949111d014f1-1585943211499
.freska.no/ Name: _gcl_au
Value: 1.1.2114388106.1585943211
.freska.no/ Name: _hjid
Value: fe3d535f-8ad3-4b1f-bc72-41dac42d032c
.freska.no/ Name: _gid
Value: GA1.2.2077222931.1585943211
.freska.no/ Name: ajs_group_id
Value: null
booking.freska.no/ Name: freska_home_cleaning_token
Value: QAbtsBea2WUX4gDbKe4D7oTY2Fwdo4Lf
5184.clients.giosgusercontent.com/ Name: csrftoken
Value: LWZWnV7KBpGYjam6Ry8fKfdFGkldzAsxkM8fy3kNSY1IGM153VkY556TE3pAnhSH
.freska.no/ Name: __hstc
Value: 214692232.205db2f1070b969c095388ba681cfdd6.1585943212604.1585943212604.1585943212604.1
.freska.no/ Name: _ga
Value: GA1.2.1158303804.1585943211
.freska.no/ Name: ajs_user_id
Value: null
booking.freska.no/ Name: freska_home_cleaning_id
Value: 1604797
.freska.no/ Name: hubspotutk
Value: 205db2f1070b969c095388ba681cfdd6
.booking.freska.no/ Name: __ar_v4
Value: %7CWJHJVO6DUNFDDFCMXACO4C%3A20200403%3A1%7CQTFWYKEHCJDBJONTSU2RB2%3A20200403%3A1%7CAKMGXB7X2BBRLBTOCEYAFT%3A20200403%3A1
.freska.no/ Name: freska_features
Value: {%22pricing.new_price_resolver%22:null}
.freska.no/ Name: ajs_anonymous_id
Value: %223bcca204-e03a-481b-8875-c13c1dfc15ae%22
booking.freska.no/ Name: i18next
Value: nb

1 Console Messages

Source Level URL
Text
console-api log URL: https://booking.freska.no/static/js/2.f0a154c9.chunk.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5184.clients.giosgusercontent.com
ads.yahoo.com
adtr.io
api.freska.io
api.freska.net
api.segment.io
booking.freska.no
cdn.contentful.com
cdn.segment.com
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-scripts.com
js.hsleadflows.net
online.adservicemedia.dk
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
px.ads.linkedin.com
s.adroll.com
script.hotjar.com
service.giosg.com
simage2.pubmatic.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
track.hubspot.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
13.225.73.77
143.204.99.83
147.75.100.69
151.101.113.44
151.101.14.49
172.217.23.98
176.9.141.35
18.195.193.185
185.33.223.221
185.64.189.110
216.58.205.226
23.37.33.211
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:f905
2606:4700::6810:fa05
2606:4700::6811:45b0
2606:4700::6811:d3cc
2606:4700::6811:e7cc
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:817::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2003
2a00:1450:400c:c0b::9c
2a02:26f0:10c:382::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:e0::26f:c001
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
3.126.56.137
3.127.116.150
34.76.162.43
34.95.120.147
35.190.72.21
35.190.89.70
35.201.103.237
52.39.143.152
52.57.106.47
54.171.23.184
69.173.144.138
70.42.32.127
95.100.196.159
95.100.197.53
018ef9639120778f9d6c1dfd1370f6effc3d75bbbf878dcf4953080c52aeb3e0
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0698922779df955dbc8c0cbf65f2578fbadb8b435fe35d92831ad8738a50118f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1535cfe785f5fc6fe9c39d2f4b091378b7e30d7e3bb18ed5eefe235f9d64c1eb
198c88313d65f4d2b30b218566c00f96002f78ae125643d5a73a669b46cab112
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
215987c41d5df495b1c747fabee66f82794d846ceab9e6b912dd762cef9dd1e3
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
30c531897506024eefaaa97af7b0da078998a9bc4cfca2670aa25b3eb5819a86
31adf628666a7f9103f6568986e3406d59d462e4b90daecdb025233732766a54
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
48812c79ef58de41a3b12da27faedf05a5fd6b188b70d494a0df366b25b02d4e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ea378d87e1b30be51d834a3bae7912090473b53d53693ec8b6056be554adb0
5359dded9cdf1b7dfa8063a34220f0820f96c73c2eabe6b32a6c3c5e91e18476
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55939b6406f18716780f8f899bea25e6fdaeb11d4e8552d644bafbbdb0233bb3
5a2c68c039860ecb16d04dee83c8088ae0b04b42aead582c52fd092c2081f1d1
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5cbe54c81e8fe0a34392f80b64a4643b470f16d8a1da6ad0ed674fa393aab1b1
634f76417d866b18c559aa74c1614075d1a3a14e685b6bfbcc1464422ce48a8d
65c2e760172450095ed61494344a611a7d9f8a7235e1e7a575f5d7ae1f31d605
669698b2eeee3eaf4bc9a715b3bedf5c36ad85fda78cf3334079f72dac162ca3
69e1e0f4c31c1a6142bad8ad9a35f565dfafbe2f569e73c67841fd3412d90dfa
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
700047be58b5ebb6adca452143c48b9859e6d8c189863815e985e77607337ab8
7376cacb0727e1110678ac93a1f3a01d79f79cec298caab37449fb12bb55e9e0
7483a3152e107a03be798e6fa1c8f63a749a362ae87f8bfdf92683e131711cf2
797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6
7a3ebaf0e7fbd405cc732c8d1afba3443e859d4115955cdd4c02fa978b2029d0
7d02f7098fbd3cc0dfecfedb297314536b220bf5b4ca329ed51e3e943c674d8a
7ff8e7c06878f708f6fe800f4d252105c096d738a29d64e6c73700d998e92c59
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dd5e77dcdd18e3e4cc37386eee17327a8cba18e4ea7f6ed1c69c8633fff637a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a859f97174c89e8846f7cf7dc38562cb1e6534b514f0daf898712e31a4a4d633
aacf0030d4c215fd6c18ade04e066bd3dff83f05c0e1d3f4f9b88514b07898d7
aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ae802f22bd8d07b2cb847469d889da4e742a68601a1b3eaf7a4f9a2ada8d7d
b1c1214e59c44f5e5c8df55e450b79c53173ec6d1be075d5586d42aca95cd1c5
b570710bf5d99e2739ca151acf60563e78290645fa9b64337dea6132f914576b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c71617bde49f19db5acb49ca95bf8683f60b7715800121c22d23323e43ffa78b
cb2422194d3eaba758340b18da683f292cdd2480b523591396a0902b5f34cb86
d1abbfca260b182822c2b7fa6278cd3d86489d76950983b942fe9a2c9d5444fd
d297f5937571d21edd559e9561e338f5e4a4eca53240ec54af57a2480879bcd9
d3410c0ae65a9c9b89dd4be04f5b112658c7a6c3765a5dd48d7c057e8b45dcac
d7aaf946110656abf005e31dae6abb1ae3e6cdd377c046f75a8043abeaaebc89
dc0fb7c28f753d72405d3200077072d1635ba9473fc5408ef472f6b45643b13d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e0ec559ab6a10725aa483c2796ac74337711a8bb060a8e575e86b7e7106ea63c
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ff4042c1fac82f9f8dae2dfd22e716ea9a21caa38d2d46f47a7a5fad60842a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed8c119a5e3c6bb41c464b6a2e0e7ad44ff6e3978a70483e9549a77d476c1a9f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d6b898b36239d79d429f4d22f567e8825dc598c8c8defcddfe91b40d179a3f
f3c256a8009ed53ef8de71c8be843485462a552fe151586e66f0dedc5fe0c365
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d
faecafb2b1624c10179be87398e03702c497ff3bee0a66af6a1cdf4b26f546da