urlscan.io logo urlscan.io
SecurityTrails logo

www2.eskytravel.no Open in urlscan Pro
23.41.178.59  Public Scan

Go To Rescan Add Verdict Report
URL: https://www2.eskytravel.no/userzone/activate
Submission: On May 14 via manual from IN — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 8 domains to perform 72 HTTP transactions. The main IP is 23.41.178.59, located in Brussels, Belgium and belongs to AKAMAI-ASN1, NL. The main domain is www2.eskytravel.no.
TLS certificate: Issued by R3 on May 9th 2024. Valid for: 3 months.
This is the only time www2.eskytravel.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 23.41.178.59 20940 (AKAMAI-ASN1)
2 2a00:1450:401... 15169 (GOOGLE)
2 142.250.186.164 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 23.41.178.112 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:5... 396982 (GOOGLE-CL...)
13 35.190.14.188 15169 (GOOGLE)
2 2600:1901:0:c... 396982 (GOOGLE-CL...)
5 35.241.3.184 396982 (GOOGLE-CL...)
1 142.250.186.104 15169 (GOOGLE)
2 3.160.150.97 16509 (AMAZON-02)
2 2600:1901:0:2... 396982 (GOOGLE-CL...)
1 142.250.185.98 15169 (GOOGLE)
2 2600:1901:0:1... 15169 (GOOGLE)
1 34.95.108.180 396982 (GOOGLE-CL...)
72 18
23    23.41.178.59 (Brussels, Belgium)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-41-178-59.deploy.static.akamaitechnologies.com
www2.eskytravel.no
etm.eskytravel.no
2    2a00:1450:4013:c16::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
2    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
7    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    23.41.178.112 (Brussels, Belgium)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-41-178-112.deploy.static.akamaitechnologies.com
www.esky.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2600:1901:0:5987:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
app.usercentrics.eu
13    35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com
app.usercentrics.eu
2    2600:1901:0:c07c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
api.usercentrics.eu
5    35.241.3.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.3.241.35.bc.googleusercontent.com
api.usercentrics.eu
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
2    3.160.150.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-97.fra60.r.cloudfront.net
static1.eskypartners.com
2    2600:1901:0:256b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
aggregator.service.usercentrics.eu
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
2    2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
consent-api.service.consent.usercentrics.eu
1    34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
uct.service.usercentrics.eu
Apex Domain
Subdomains		 Transfer
28 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 8434
api.usercentrics.eu — Cisco Umbrella Rank: 5983
aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 6858
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 13796
uct.service.usercentrics.eu — Cisco Umbrella Rank: 15764
271 KB
23 eskytravel.no
www2.eskytravel.no
etm.eskytravel.no
980 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
703 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 20
www.google.com — Cisco Umbrella Rank: 2
84 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
254 KB
3 esky.com
www.esky.com — Cisco Umbrella Rank: 354129
52 KB
2 eskypartners.com
static1.eskypartners.com — Cisco Umbrella Rank: 430354
18 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
64 B
72 8
Domain Requested by
16 app.usercentrics.eu www.googletagmanager.com
app.usercentrics.eu
www2.eskytravel.no
15 www2.eskytravel.no www2.eskytravel.no
8 etm.eskytravel.no www2.eskytravel.no
8 www.googletagmanager.com www2.eskytravel.no
www.googletagmanager.com
7 api.usercentrics.eu www2.eskytravel.no
3 www.esky.com www2.eskytravel.no
2 consent-api.service.consent.usercentrics.eu www2.eskytravel.no
2 aggregator.service.usercentrics.eu www2.eskytravel.no
2 static1.eskypartners.com www2.eskytravel.no
2 fonts.gstatic.com www2.eskytravel.no
2 www.google.com www2.eskytravel.no
www.gstatic.com
2 accounts.google.com www2.eskytravel.no
accounts.google.com
1 uct.service.usercentrics.eu
1 pagead2.googlesyndication.com www.googletagmanager.com
1 www.gstatic.com www.google.com
72 15

This site contains no links.

Subject Issuer Validity Valid
www.esky.nl
R3		 2024-05-09 -
2024-08-07		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
esky.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
app.usercentrics.eu
GTS CA 1D4		 2024-04-05 -
2024-07-04		 3 months crt.sh
api.usercentrics.eu
GTS CA 1D4		 2024-04-03 -
2024-07-02		 3 months crt.sh
static1.eskypartners.com
Certum Domain Validation CA SHA2		 2023-06-29 -
2024-06-28		 a year crt.sh
aggregator.service.usercentrics.eu
WR3		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
consent-api.service.consent.usercentrics.eu
GTS CA 1D4		 2024-04-06 -
2024-07-05		 3 months crt.sh
uct.service.usercentrics.eu
GTS CA 1D4		 2024-03-22 -
2024-06-20		 3 months crt.sh
etm.esky.com
R3		 2024-05-03 -
2024-08-01		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www2.eskytravel.no/userzone/activate
Frame ID: 3BFB459F071546AAF459B9875C87C96A
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLmVza3l0cmF2ZWwubm86NDQz&hl=no&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=jabihg2rlww0
Frame ID: E4E63EF58E44175C74B1B408CAA82A83
Requests: 1 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.35.1/cross-domain-bridge.html
Frame ID: 636BCD44E48B9F473E99F24488B4A162
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M8MZVJQ
Frame ID: A0035A2708DDDE8D1E18ED19B5887A64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eSkyTravel.no

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

72
Requests

100 %
HTTPS

47 %
IPv6

8
Domains

15
Subdomains

18
IPs

4
Countries

2363 kB
Transfer

8976 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request activate
www2.eskytravel.no/userzone/ 		163 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
9dcf28ffe8196884c801abfd7d0caab52a4d84bfe134d2d4fcf2dcdca22eb6e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
41303
content-security-policy-report-only
frame-ancestors 'self' https://skybox.eskypartners.com; report-uri https://secure.esky.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 12:14:30 GMT
esky-correlation-id
8ffff2cb-fff8-4dbd-9253-6f965e1b3aa7
etag
W/"288dc-umF8a0wUabWHpv51WKZQPnSQJK4"
expires
Tue, 14 May 2024 12:14:30 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
esky-edge
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-akamai-transformed
9 43322 0 pmb=mTOE,2
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
26
x-generated-by
esky.userzone-app-b223-spin-spin
x-powered-by
x-xss-protection
1; mode=block
client
accounts.google.com/gsi/ 		217 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29810752882df5d44a749bf0a91421e047be047140daf8ab97df94b06042bf10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--jdSHszKSNXIVH85oJJMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-security-policy
script-src 'report-sample' 'nonce--jdSHszKSNXIVH85oJJMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 14 May 2024 12:14:30 GMT
enterprise.js
www.google.com/recaptcha/ 		2 KB
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
02b9a4809664f80d1dbb3815e67acf2f2777b6d68df54c0e844d0c446a56e839
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 14 May 2024 12:14:30 GMT
2ffeeb15
www2.eskytravel.no/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/akam/13/2ffeeb15
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d35fc40d032e59cdeda34a68cba6789482c2fe18a7dd020653b373704558e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Thu, 22 Feb 2024 19:42:29 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"9a4b7af444e6d9e56009fd9c32cf7c68a98ad19ef6e5d461b9647e31d07ce4e2"
stored-attribute-sha-checksum
5d35fc40d032e59cdeda34a68cba6789482c2fe18a7dd020653b373704558e2c
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
8766
x-xss-protection
1; mode=block
expires
Tue, 14 May 2024 12:14:30 GMT
gtm.js
www.googletagmanager.com/ 		536 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4884db72dee736a61dcea04bdca92d5e19f7d5ef9970e377a1295ecbbf93122
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
138305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:30 GMT
dls.js
www.esky.com/data-layer/ 		151 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.esky.com/data-layer/dls.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.112 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-112.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e11f5b09c1a69782909f1cff72581d76ee96d06919209f0fe9652d3a690370b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Tue, 09 Apr 2024 13:17:50 GMT
server
AkamaiNetStorage
referrer-policy
strict-origin-when-cross-origin
etag
"791e23cf1d875855977b245da2a4de4d:1712668670.034352"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
runtime.8e72c6b608faaf7e.js
www2.eskytravel.no/userzone/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/runtime.8e72c6b608faaf7e.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
7fe6b2a227162fe37a7273ae6c7463e3d723cadfff107700efa488aab21a0d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
content-length
1951
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 12 Apr 2024 10:06:33 GMT
server
esky-edge
etag
W/"d79-18ed1c5ec28"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
polyfills.d265125be91db23c.js
www2.eskytravel.no/userzone/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
5dfaa333731a1bbd6576f959a801b0a1563307a179c66eff6ae4a674f10ca695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
content-length
12289
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Dec 2023 07:47:00 GMT
server
esky-edge
etag
W/"841f-18c7be47920"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31445723
main.f6eb54b503d59ea0.js
www2.eskytravel.no/userzone/ 		3 MB
694 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/main.f6eb54b503d59ea0.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
f4f71d4422b0bc3a4c2b1d8235aea2dce26b99474763bf93f2c4cce677b83529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
content-length
710130
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 May 2024 07:53:03 GMT
server
esky-edge
etag
W/"2f8c4b-18f57310b18"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31032724
recaptcha__no.js
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 		504 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__no.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dbba0701d15f823821704ff0af22d7de6569dbd7bb5c464aed43448111dc4b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 01:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205573
x-xss-protection
0
last-modified
Sun, 05 May 2024 20:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 May 2025 01:47:15 GMT
styles.bd066856e3c62fda.css
www2.eskytravel.no/userzone/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/styles.bd066856e3c62fda.css
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
ae881f06c8f26beba90159693c54adc7f425f3ad63053039d8c1a2057d2ec6c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
content-length
6819
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Apr 2024 10:09:43 GMT
server
esky-edge
etag
W/"7152-18e9e493a58"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30174720
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mhPy0.woff2
fonts.gstatic.com/s/notosans/v36/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mhPy0.woff2
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e357b02137741b5640a01eb60531cc5b9f1ad6af0797abd26d34249073fb11b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 21:47:48 GMT
x-content-type-options
nosniff
age
52002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39372
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 22:44:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 May 2025 21:47:48 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
anchor
www.google.com/recaptcha/enterprise/ Frame E4E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLmVza3l0cmF2ZWwubm86NDQz&hl=no&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=jabihg2rlww0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__no.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pOZo4ONkEPMJkkQF8NDNGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
https://www2.eskytravel.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pOZo4ONkEPMJkkQF8NDNGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:14:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles.bd066856e3c62fda.css
www2.eskytravel.no/userzone/ 		28 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/styles.bd066856e3c62fda.css
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
ae881f06c8f26beba90159693c54adc7f425f3ad63053039d8c1a2057d2ec6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Apr 2024 10:09:43 GMT
server
esky-edge
etag
W/"7152-18e9e493a58"
x-download-options
noopen
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30174720
x-envoy-upstream-service-time
1
content-length
6819
x-xss-protection
1; mode=block
loader.js
app.usercentrics.eu/browser-ui/latest/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
91e799884d9c8edd92a87c3060eb144023ab1c87035e7cf638e25e253dab182b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 11:41:32 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1979
x-guploader-uploadid
ABPtcPqbByX12k7_0Oc6DImooj4Lp0maqnT1KgwxvJkL7oQNQmyXYa8Tu4se88sM8O_PfofuqfwvRQPRwQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8125
last-modified
Tue, 07 May 2024 10:37:49 GMT
server
UploadServer
etag
"edbfbad18f9c8692f02e26955575896d"
x-goog-generation
1715078269177590
x-goog-hash
crc32c=dqjilQ==, md5=7b+60Y+chpLwLiaVVXWJbQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Content-Length,Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
8125
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 May 2024 12:41:32 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N9CRQD0ZQC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c851fdf3de3bfcadb64a57cc17ad1a7426f2c4388fc5b269fa591bff7ddd5184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106005
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:31 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NK69RCRZ1P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
090f6af9ae875efd80b2e787b2ae11b49dc540a14d912d032586188d608e1f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105715
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:31 GMT
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6RMQ2VTF3Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8693a3b107314bfeb2aca4a2c12874ce7103ab1947227a719df6a948dee67e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103434
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:31 GMT
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9LZQHJ0BMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfff46c356a944b6656161ffe4282fab01103dc14066e15227c365d69a13caed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103437
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:31 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-740026713&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17c3ba27b0ce92d358e825b7d3058daff251ef55176fc15d574e6a0da1b2daee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91791
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:31 GMT
[request].8510c908041a0594.js
www2.eskytravel.no/userzone/locales/ 		973 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/locales/[request].8510c908041a0594.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/runtime.8e72c6b608faaf7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
883ff0f8de1eb15b58d825a62fe0718a7b7c9d6dfcbe6dcede471130fe8a1a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Wed, 08 May 2024 07:53:03 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
W/"f3520-18f57310b18"
x-download-options
noopen
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
default-theme.css
www2.eskytravel.no/userzone/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/default-theme.css?v=4671825258
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/main.f6eb54b503d59ea0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
e7c6bdd80798b9aeba40b9e140d736304798f694b2fa9582f86b80b50f888540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/activate
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
content-length
1108
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 May 2024 07:53:03 GMT
server
esky-edge
etag
W/"11aa-18f57310b18"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31535964
pixel_2ffeeb15
www2.eskytravel.no/akam/13/ 		0
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/akam/13/pixel_2ffeeb15
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www2.eskytravel.no/userzone/activate
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' https://skybox.eskypartners.com; report-uri https://secure.esky.com/csp-report
content-type
text/html
content-length
0
x-xss-protection
1; mode=block
index.module.js
app.usercentrics.eu/browser-ui/3.42.0/ 		359 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
89e17b83a2e06b56061234766b5d9f8feef650531e2e4734504ee9f6425bbf73
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:34 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610377
x-guploader-uploadid
ABPtcPrK40nh78C4QgCOr7zFnqcK40r2UmlSU7ONnh1piVo7j3m4y_0abv3lh1QTa-Bkh1p0oFPXShctlw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105966
last-modified
Tue, 07 May 2024 10:37:27 GMT
server
UploadServer
etag
"25979ff0c70cf1e1fd9dc194162265e5"
x-goog-generation
1715078247111643
x-goog-hash
crc32c=cnU9kw==, md5=JZef8McM8eH9ncGUFiJl5Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
105966
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:34 GMT
messages.schema.json
www.esky.com/data-layer/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.esky.com/data-layer/messages.schema.json
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.112 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-112.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
267d390edd8437afa6e8fb5424bc7d6cd2d31f32139682d6cb19887bc7007f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Tue, 09 Apr 2024 13:17:52 GMT
server
AkamaiNetStorage
referrer-policy
strict-origin-when-cross-origin
etag
"110d624c3103044abc638aeac3b5d8a8:1712668672.594438"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
1729
x-xss-protection
1; mode=block
languages.json
api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/ 		76 B
598 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/languages.json
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
55dd78459a4c1fbd784998892f70e2990f0647431cd153528feacaaf932a3f9a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPqebKN5bwfV1pF9d7HFJsetSf6OBP3kZRAnhLLFlBZsdHs4k8oRiclUgjedDHs0tu1PPek
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
last-modified
Wed, 08 May 2024 12:19:08 GMT
server
UploadServer
etag
"da8a177fdbe31a8e9385294de2f463db"
vary
Accept-Encoding
x-goog-generation
1715170748532437
x-goog-hash
crc32c=0/EUgA==, md5=2ooXf9vjGo6ThSlN4vRj2w==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
78
accept-ranges
bytes
content-type
application/json
expires
Tue, 14 May 2024 12:15:31 GMT
languages.json
api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www2.eskytravel.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 12:14:31 GMT
expires
Tue, 14 May 2024 12:14:31 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPrCpsDzpxAoeOpXaIOhb6qZPMwdRu7UliCqBSnDF0ZBprbzHethA0zPZ582hcc5HrpDKpydedSFVA
en.json
api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www2.eskytravel.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 12:14:31 GMT
expires
Tue, 14 May 2024 12:14:31 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPo67sam8XpcQy6Z8q8YqLYhwIWc0jKz8rVqty5TnE6cjjDWhWJ7Yoy0pNLC0_J2Cyk_iX0
en.json
api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/ 		27 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/BOWuRLB1ubvD3X/latest/en.json
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fe990303dc7987645bb2de1bb7fcfc9444791d21ce8f0982635f3256d3645557
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 14 May 2024 12:14:31 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPrVVSpEjnzmOLgufCxc3zY71AoS4x5FPkdRDtIxJ0TQupNsRnkDq3DRXmicMt3LulPeuOI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7711
last-modified
Wed, 08 May 2024 12:19:08 GMT
server
UploadServer
etag
"2e5a25ccf8cc5844274b4fbdf2ec1b1c"
vary
Accept-Encoding
x-goog-generation
1715170748534960
x-goog-hash
crc32c=peaIsA==, md5=LlolzPjMWEQnS0+98uwbHA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
7711
accept-ranges
bytes
content-type
application/json
expires
Tue, 14 May 2024 12:15:31 GMT
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.35.1/ Frame 636B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-sdk/4.35.1/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
https://www2.eskytravel.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
610379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1123
content-type
text/html
date
Tue, 07 May 2024 10:41:33 GMT
etag
"3e3bdb421baeb245d5dbb445c7fd6439"
expires
Thu, 06 Jun 2024 10:41:33 GMT
last-modified
Tue, 07 May 2024 10:37:09 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1715078229683811
x-goog-hash
crc32c=HWpZnA== md5=PjvbQhuuskXV27RFx/1kOQ==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1123
x-guploader-uploadid
ABPtcPoSkPOyscPqojaI0mEe25UTuzPqb5bMJemp7eknThffh73osrwxcVMJ5i29FQ-6Soe529A
ns.html
www.googletagmanager.com/ Frame A003 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M8MZVJQ
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/main.f6eb54b503d59ea0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
https://www2.eskytravel.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:14:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		208 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M8MZVJQ
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e650ab97f53ff4a5b06b0a7f93c96b63eddc85bcf0a7440a6a094530328d1bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70054
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:14:32 GMT
eapi
www2.eskytravel.no/ 		173 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/eapi
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
d7d459f7286d1d7b0b79e0412baa9ee1b2e38b4d1bc7dea896a04a020ab2cbcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://www2.eskytravel.no/userzone/activate
partner
ESKYNOWWW2
Esky-eapi-method
GetUser
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-powered-by
x-dns-prefetch-control
off
esky-correlation-id
2EEA429B-7D9D-3BF2-89EC-7AFF731AA801
x-envoy-upstream-service-time
23
content-length
165
x-generated-by
esky_api-b88-spin-spin
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
esky-edge
etag
W/"ad-gA5vCIyU9JwZY9Bk0YWpHePQqAE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www2.eskytravel.no
esky-eapi-status
missing-token
access-control-allow-credentials
true
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C_309esnIF7Jw-HVFP1QMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-C_309esnIF7Jw-HVFP1QMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 14 May 2024 12:14:32 GMT
esky-white.svg
static1.eskypartners.com/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.eskypartners.com/logos/esky-white.svg
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-97.fra60.r.cloudfront.net
Software
esky-edge /
Resource Hash
764112f434ac0a5643c6c57ea015ff52269c359f3b1e0882dc44fbf34f28747d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 05:51:59 GMT
via
1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2017 06:07:08 GMT
server
esky-edge
x-amz-cf-pop
FRA60-P7
age
22960
etag
"5915510c-869"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
2153
x-amz-cf-id
k9rEwzwAUAsMIZiNH9rQN1IXUQYyhn_3vGcuynOMT6qfRT50NlpzpA==
expires
Tue, 21 May 2024 05:51:52 GMT
truncated
/ 		783 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7474a88fd415f13c869035a6609cddf49de815c205fae59eae876618906ef783

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
eSKY.0a21e0b2ef476c7d.ttf
www2.eskytravel.no/userzone/ 		164 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/userzone/eSKY.0a21e0b2ef476c7d.ttf?9d02gm
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/styles.bd066856e3c62fda.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
5d5d3f9cb8b4669ccaa6e93a26b5cf7fffa0228ffe29c4054a393854e27fe1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/userzone/styles.bd066856e3c62fda.css
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
content-length
94337
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 12 Apr 2024 10:06:33 GMT
server
esky-edge
etag
W/"29078-18ed1c5ec28"
x-download-options
noopen
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=31536000
accept-ranges
bytes
4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f333e1585f5495ef86fb36a5ccbc84efbc2ff3c56d95411618688fd2cdd9cbb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:27:47 GMT
x-content-type-options
nosniff
age
13605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14244
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:53:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:27:47 GMT
TcfData-0bc5ee63-391dc38f.js
app.usercentrics.eu/browser-ui/3.42.0/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/TcfData-0bc5ee63-391dc38f.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5025ed76c47198e5ce92c5891a0b2bf7396b819b6d558a5e2ef6ff718c37f488
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:35 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610377
x-guploader-uploadid
ABPtcPrTbJixmoqCK2t2BuYWOubU2MULDhL6KTvmyauYNoMFzZrDyzRSX3Xhv79byo-WXFOQrtk
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7102
last-modified
Tue, 07 May 2024 10:37:21 GMT
server
UploadServer
etag
"866a3f365d85f8d9f5a645e0fb36356a"
x-goog-generation
1715078241389096
x-goog-hash
crc32c=xkyh1A==, md5=hmo/Nl2F+Nn1pkXg+zY1ag==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
7102
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:35 GMT
1px.png
app.usercentrics.eu/session/ 		489 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=BOWuRLB1ubvD3X
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 11:59:00 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
932
x-guploader-uploadid
ABPtcPpbp_HIRt7xblyRTAoLTVrfUAOvwJUq9so4d-37pBjqMsAt9OqKkh47y5Xl_GzBY_Td4XY1BitExA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Tue, 14 May 2024 12:29:00 GMT
DefaultData-04a7a533-89fe282a.js
app.usercentrics.eu/browser-ui/3.42.0/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultData-04a7a533-89fe282a.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/TcfData-0bc5ee63-391dc38f.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:35 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610377
x-guploader-uploadid
ABPtcPou1ZWC6RIVV1wIzgUzZ4mSw5w-FC6AGDG7zblpnX94l90Ccd9CVw--7J8l2jtO65pxxsQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Tue, 07 May 2024 10:37:18 GMT
server
UploadServer
etag
"47412d5dcd6b0e81696e911c4f364f29"
x-goog-generation
1715078238807528
x-goog-hash
crc32c=9AhYAA==, md5=R0EtXc1rDoFpbpEcTzZPKQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
969
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:35 GMT
esky.ico
static1.eskypartners.com/favicons/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static1.eskypartners.com/favicons/esky.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-97.fra60.r.cloudfront.net
Software
esky-edge /
Resource Hash
8e178deff87a66c4e9c8c013f9c9cfb5c20abca2d373f8ba3faf3e049e20b81e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 04:21:15 GMT
via
1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 09:12:29 GMT
server
esky-edge
x-amz-cf-pop
FRA60-P7
age
28397
etag
"638f077d-3c2e"
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
timing-allow-origin
*
content-length
15406
x-amz-cf-id
iJrcgPKrqXdTOQrptayW7P7sAgMadfl-VcluQlvJnUfF-xftfCaWDQ==
translations-en.json
api.usercentrics.eu/translations/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca61f2ecdd14c962119c00d8eb5f4912e6b400b4817e41fd27a3765fec580c00
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 14 May 2024 03:43:00 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
30692
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPrU6f-TKog1hgqKjPC6bSBjNIIfFBTpqDhTkH9_4Ts_1hJhsojqqv9DXHsZpqO-E5AZUHA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2381
last-modified
Tue, 30 Jan 2024 11:24:22 GMT
server
UploadServer
etag
"0e39091b5f26b176be963400041c98f6"
vary
Accept-Encoding
x-goog-generation
1706613862451010
x-goog-hash
crc32c=VhV9Rg==, md5=DjkJG18msXa+ljQABByY9g==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2381
accept-ranges
bytes
content-type
application/json
expires
Wed, 15 May 2024 03:43:00 GMT
translations-en.json
api.usercentrics.eu/translations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www2.eskytravel.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 12:14:32 GMT
expires
Tue, 14 May 2024 12:14:32 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPrKnUweMB8niio34hy6F3rMe1vT-OY-1N38enqNvf_bIJ8JF1uIHolzMHSv5-BuI6opXdA
v1.2
www2.eskytravel.no/patalyst/ 		0
237 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/patalyst/v1.2
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/main.f6eb54b503d59ea0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www2.eskytravel.no/userzone/login
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
api-supported-versions
1.0, 1.1, 1.2
server
nginx
access-control-allow-origin
*
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
en
aggregator.service.usercentrics.eu/aggregate/ 		50 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=175UByuloFcprN@1.0.22,9V8bg4D63@9.6.8,AX2-Du8kHJnXG8@1.0.22,D1mop7XEih8Xwo@1.0.22,EzjdL9yELy3gjZ@1.0.22,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,Hm50x8nnOzpE6N@1.0.22,S1_9Vsuj-Q@15.7.21,S1pcEj_jZX@21.10.9,Scywjwe3JutCeG@1.0.21,SkEscVsusbX@6.2.2,SkPc5EjOsWm@6.2.1,W-_3rmLYm8dRsZ@1.0.22,XYQZBUojc@9.6.4,dsS7z9Hv4@1.1.4,hh14TcFxfBFhH7@1.0.22,kPSiO3GBmKyqp4@1.0.22,ko1w5PpFl@23.12.21
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
127d0c421dd563e562e5de1854c0760410ae145a3242f2d9e2401889a67f342c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 11 May 2024 10:36:42 GMT
content-encoding
br
via
1.1 google
server
Google Frontend
age
265070
etag
"zo7ygs"
vary
Accept-Encoding, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
en
aggregator.service.usercentrics.eu/aggregate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=175UByuloFcprN@1.0.22,9V8bg4D63@9.6.8,AX2-Du8kHJnXG8@1.0.22,D1mop7XEih8Xwo@1.0.22,EzjdL9yELy3gjZ@1.0.22,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,Hm50x8nnOzpE6N@1.0.22,S1_9Vsuj-Q@15.7.21,S1pcEj_jZX@21.10.9,Scywjwe3JutCeG@1.0.21,SkEscVsusbX@6.2.2,SkPc5EjOsWm@6.2.1,W-_3rmLYm8dRsZ@1.0.22,XYQZBUojc@9.6.4,dsS7z9Hv4@1.1.4,hh14TcFxfBFhH7@1.0.22,kPSiO3GBmKyqp4@1.0.22,ko1w5PpFl@23.12.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www2.eskytravel.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 14 May 2024 12:14:32 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
2ad7f2ba94c5a79761895827c7989fe3
events.user-zone.login.schema.json
www.esky.com/data-layer/ 		272 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.esky.com/data-layer/events.user-zone.login.schema.json
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.112 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-112.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6af02cb5faff08348606b99118fcfc9390c11819b3c930e2c451d6e9f9c1cfb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Apr 2024 13:17:52 GMT
server
AkamaiNetStorage
etag
"da7da24796ea0c30cc3b6a8963da63b7:1712668672.891823"
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
272
x-xss-protection
1; mode=block
log
www2.eskytravel.no/_fe/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/_fe/log
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://www2.eskytravel.no/userzone/login
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
esky-edge
x-powered-by
Express
access-control-allow-origin
*
x-envoy-upstream-service-time
0
x-xss-protection
1; mode=block
log
www2.eskytravel.no/_fe/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.eskytravel.no/_fe/log
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
esky-edge / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://www2.eskytravel.no/userzone/login
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
esky-edge
x-powered-by
Express
access-control-allow-origin
*
x-envoy-upstream-service-time
0
x-xss-protection
1; mode=block
en.json
api.usercentrics.eu/gvl/v3/ 		602 KB
73 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/gvl/v3/en.json
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b9e8d0d8528060ce8582b8cf175fbc65e5034fd782d8ad14cf324275c2290735
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 11:43:35 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1857
x-client-geo-location
NO,NO03
x-guploader-uploadid
ABPtcPo9Hjp38oy64GlkrofeRbXxe5BxOEsBIX0cL4nCtAph38CveciLnvMLYHcfcnxV-fsh_0o
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74850
last-modified
Fri, 10 May 2024 01:00:09 GMT
server
UploadServer
etag
"78b15a64394579e4d51887a14b99ff80"
vary
Accept-Encoding
x-goog-generation
1715302809582347
x-goog-hash
crc32c=0WuVlA==, md5=eLFaZDlFeeTVGIehS5n/gA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=7200, s-maxage=7200
x-goog-stored-content-length
74850
accept-ranges
bytes
content-type
application/json
expires
Tue, 14 May 2024 13:43:35 GMT
TcfUI-22151e10-84059920.js
app.usercentrics.eu/browser-ui/3.42.0/ 		1 KB
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/TcfUI-22151e10-84059920.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1a77b8597d71032ceb046e62dde7704296c8879b3f02f8d836b94f06f97d745a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610376
x-guploader-uploadid
ABPtcPrlJcsh43dJPZ2_-EaGSupIaYTgnOpSIx9sPnVK6x_q0qPyqMzM0Z0nQ-XVlktFcYazw-Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
656
last-modified
Tue, 07 May 2024 10:37:21 GMT
server
UploadServer
etag
"c8ba3257ef87de3a3e9357801d8537cc"
x-goog-generation
1715078241614035
x-goog-hash
crc32c=uaY1SQ==, md5=yLoyV++H3jo+k1eAHYU3zA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
656
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:36 GMT
FirstLayerCustomization-592960c4-b94d83e3.js
app.usercentrics.eu/browser-ui/3.42.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/FirstLayerCustomization-592960c4-b94d83e3.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
08979d805f74b296598422b81a04d9c28f967fe1119c85a8cda546fbfc8ea681
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/TcfUI-22151e10-84059920.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610376
x-guploader-uploadid
ABPtcPrs_vQDi4Rg9r4hS_VjIFZch2s4uqRCAzbprduY_CL9QPdtwRBbNkZLlq16lucatSuGZ9Y
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1083
last-modified
Tue, 07 May 2024 10:37:19 GMT
server
UploadServer
etag
"27a062ee9b4b80c6ad33415ea2395458"
x-goog-generation
1715078239746449
x-goog-hash
crc32c=dnqOQQ==, md5=J6Bi7ptLgMatM0FeojlUWA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1083
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:36 GMT
ButtonsCustomization-390db6f0-1b2010cf.js
app.usercentrics.eu/browser-ui/3.42.0/ 		473 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/ButtonsCustomization-390db6f0-1b2010cf.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c59c67e371590615365dad338299f0ee7116a571d4a049c41d0201721e0d266d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/TcfUI-22151e10-84059920.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 05:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
457372
x-guploader-uploadid
ABPtcPp-RWb-Kj8TGnSbcZjTun2z6Ev8uE-CHSVLFsb2hBpY9YHzuQNpBFNFRTg0L9-Fipks0C3EDcBwZQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
last-modified
Tue, 07 May 2024 10:37:18 GMT
server
UploadServer
etag
"d38b45705588c14e90ae6bd4345bed26"
x-goog-generation
1715078238119700
x-goog-hash
crc32c=17oFVQ==, md5=04tFcFWIwU6QrmvUNFvtJg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
235
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 09 May 2025 05:11:40 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3p3q2q5&rnd=1992766370.1715688873&url=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dma_cps=-&dma=1&npa=1&tcfd=1054b&gdpr_consent=tcempty&gdpr=1&gtm=45He45d0n81NH83QL6v811350067za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:14:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Taglogger-db62db37-5f84f00b.js
app.usercentrics.eu/browser-ui/3.42.0/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/Taglogger-db62db37-5f84f00b.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610376
x-guploader-uploadid
ABPtcPo2__c3P_2aFZI3bGJ-WkH0Zk8wlDb7koUXkkBw74Dhln6lJqD--pQcC7rojvLKtW3oF00
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
689
last-modified
Tue, 07 May 2024 10:37:21 GMT
server
UploadServer
etag
"7bcbc624c0ef7c8ef91c0dc8d590c9cc"
x-goog-generation
1715078241159496
x-goog-hash
crc32c=yI+Oag==, md5=e8vGJMDvfI75HA3I1ZDJzA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
689
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:36 GMT
3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://www2.eskytravel.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 14 May 2024 12:14:33 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
28109df80fc73ff79f7399702e4129b6
3
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
78 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://www2.eskytravel.no/
X-Request-ID
8787aed8-f5be-49e1-af6c-b8e72baabbb6
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:33 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
fa89e68fb18442ed63c81e1f45e7bc86
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PrivacyButton-8cc062dc.js
app.usercentrics.eu/browser-ui/3.42.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/PrivacyButton-8cc062dc.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6ed57528e4162443c7b65911a3a9ca969f670d9266d76e64c6898d421072bc9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610377
x-guploader-uploadid
ABPtcPpbZe6-O9vdafIYcdKxxIF--rcH-p5dMQUvHBosdVRx_y-THI7GMlT-IGHV4rQX_Q6IIyk
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2449
last-modified
Tue, 07 May 2024 10:37:20 GMT
server
UploadServer
etag
"1940a9a290a8f5c63595cdf89caf6768"
x-goog-generation
1715078239987494
x-goog-hash
crc32c=x7PHSw==, md5=GUCpopCo9cY1lc34nK9naA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2449
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:36 GMT
index-7cae7183.js
app.usercentrics.eu/browser-ui/3.42.0/ 		2 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/index-7cae7183.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
70f3d063ecbf3d40db121b837f9c339a2b9350067aecba287a400b135efa4268
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610377
x-guploader-uploadid
ABPtcPoe_qBdpoD6wzEcLip5uZdrJ0TxjQcg05Zc2521v32V-xAYT8b28IpHxBmDbiV27tPXkQA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Tue, 07 May 2024 10:37:25 GMT
server
UploadServer
etag
"cf7c64a0641b9217e9383617d56cf68d"
x-goog-generation
1715078245970709
x-goog-hash
crc32c=GBjXQA==, md5=z3xkoGQbkhfpODYX1Wz2jQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
806
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:36 GMT
uct
uct.service.usercentrics.eu/ 		35 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=BOWuRLB1ubvD3X&t=1&abv=&r=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&cb=1715688872990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:33 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
x-powered-by
Express
content-type
image/gif
x-cloud-trace-context
7bdea4179ea61d187a8ac44a08dd3d9f
cache-control
no-store
function-execution-id
ga1fg8k6rol5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
index-0f7abe60.js
app.usercentrics.eu/browser-ui/3.42.0/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/index-0f7abe60.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
571254e7aecc537ab4a4eb7cf24db33201ce9170ec755495bdc72ef22e99efdd
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:39 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610374
x-guploader-uploadid
ABPtcPr01FG6KgUxWrMq2YkyaSCZqIKto8q2bkwoI5CJifOpYYK3jRjAt-QAwRZGGyauNKNhx6QlKn2h-A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7160
last-modified
Tue, 07 May 2024 10:37:25 GMT
server
UploadServer
etag
"e8bb59156a96aa27d2ae43ff9016cf87"
x-goog-generation
1715078245496396
x-goog-hash
crc32c=6oJM3w==, md5=6LtZFWqWqifSrkP/kBbPhw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
7160
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:39 GMT
SaveButton-83451636.js
app.usercentrics.eu/browser-ui/3.42.0/ 		1 KB
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/SaveButton-83451636.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a9943fbabe51e835ec4bb366e825306a06bb3d106f82fcabfa48d5e25222a51b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index-0f7abe60.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 05:00:49 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
458024
x-guploader-uploadid
ABPtcPpuPhOLUNNXr4lRXxSDQxQcnb82rtjSQKGVgkThrnUpAEYUCPbTapwE9n1IFHyWKd2kQJBSmPGZ7w
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
618
last-modified
Tue, 07 May 2024 10:37:20 GMT
server
UploadServer
etag
"f5896bda85ad90b1acecbbe3b06f8fe1"
x-goog-generation
1715078240445790
x-goog-hash
crc32c=leJyLA==, md5=9Ylr2oWtkLGs7LvjsG+P4Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
618
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 09 May 2025 05:00:49 GMT
VirtualServiceItem-34936f50.js
app.usercentrics.eu/browser-ui/3.42.0/ 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/VirtualServiceItem-34936f50.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aea803d43dba4d33cfe0cf644beb8fd49fe9c22a8e44cbc780ba8f49dda5df83
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index-0f7abe60.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
610377
x-guploader-uploadid
ABPtcPq7HHuHduhz20RtkLh-zK37_AS-A1MAIJ5N0UOr2WkUzKQyH8E7fux5kn1f1ggRYkwghG0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48641
last-modified
Tue, 07 May 2024 10:37:21 GMT
server
UploadServer
etag
"d2aec8fca614191228cd1de6d3dd9b4e"
x-goog-generation
1715078241939268
x-goog-hash
crc32c=1JccVg==, md5=0q7I/KYUGRIozR3m092bTg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
48641
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:41:36 GMT
sort-c42e380d.js
app.usercentrics.eu/browser-ui/3.42.0/ 		417 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/sort-c42e380d.js
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/activate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5d763433c13a2217b06bd2bdccd33c84127262dadd91e25562a4d3274117c590
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index-0f7abe60.js
Origin
https://www2.eskytravel.no
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 05:01:46 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
457967
x-guploader-uploadid
ABPtcPr0aOjtxHz-cLGeqyK1zVvDU9h_s-2HTQJUL23ZC6R9-L1vIGoVwOQUVhZUmRjryEfmFzO7NLzpng
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217
last-modified
Tue, 07 May 2024 10:37:28 GMT
server
UploadServer
etag
"9687ea54cc638e25abaac755111d636a"
x-goog-generation
1715078248031895
x-goog-hash
crc32c=SlkKtA==, md5=lofqVMxjjiWrqsdVER1jag==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
217
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 09 May 2025 05:01:46 GMT
collect
etm.eskytravel.no/g/ 		65 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-9LZQHJ0BMV&gtm=45je45d0v9127291268z8811350067za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=275711132&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1992766370.1715688873&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.ude=0&_s=1&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&ep.user_data._tag_mode=MANUAL&tfd=4412&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
13
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-6RMQ2VTF3Z&gtm=45je45d0v9127291674z8811350067za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=758830884&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1992766370.1715688873&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.ude=0&_s=1&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=page_view&_fv=1&_ss=1&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&ep.user_data._tag_mode=MANUAL&tfd=4419&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
13
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-NK69RCRZ1P&gtm=45je45d0v9113934483z8811350067za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=1891776154&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1992766370.1715688873&sst.gse=1&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.ude=0&_s=1&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=page_view&_fv=1&_ss=1&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&ep.user_data._tag_mode=MANUAL&tfd=4425&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
68
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-N9CRQD0ZQC&gtm=45je45d0v9101154298z8811350067za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=1973918288&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1992766370.1715688873&sst.gse=1&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.ude=0&_s=1&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=page_view&_fv=1&_ss=1&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&ep.user_data._tag_mode=MANUAL&tfd=4435&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
10
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-9LZQHJ0BMV&gtm=45je45d0v9127291268za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=275711132&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&_eu=AEA&sst.rnd=1992766370.1715688873&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=scroll&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&epn.percent_scrolled=90&_et=26&ep.user_data._tag_mode=MANUAL&tfd=4938&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
17
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-6RMQ2VTF3Z&gtm=45je45d0v9127291674za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=758830884&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&_eu=AEA&sst.rnd=1992766370.1715688873&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=scroll&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&epn.percent_scrolled=90&_et=20&ep.user_data._tag_mode=MANUAL&tfd=4939&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
15
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-NK69RCRZ1P&gtm=45je45d0v9113934483za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=1891776154&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&_eu=AEA&sst.rnd=1992766370.1715688873&sst.gse=1&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=scroll&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&epn.percent_scrolled=90&_et=15&ep.user_data._tag_mode=MANUAL&tfd=4941&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
54
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT
collect
etm.eskytravel.no/g/ 		65 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://etm.eskytravel.no/g/collect?v=2&tid=G-N9CRQD0ZQC&gtm=45je45d0v9101154298za200&_p=1715688870164&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=1054r&gdid=dOThhZD&gtm_up=1&cid=796595105.1715688873&ecid=1973918288&ul=no-no&sr=1600x1200&_fplc=0&ur=NO-03&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&ec_mode=c&_eu=AEA&sst.rnd=1992766370.1715688873&sst.gse=1&sst.ngst=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13q3pPq2q5&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=tcempty&sst.tft=1715688870164&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1715688871&sct=1&seg=0&dl=https%3A%2F%2Fwww2.eskytravel.no%2Fuserzone%2Flogin&dt=eSkyTravel.no&en=scroll&ep.Domain=eskytravel.no&ep.referrer_short=&ep.masterid=default&epn.percent_scrolled=90&_et=8&ep.user_data._tag_mode=MANUAL&tfd=4942&richsstsse
Requested by
Host: www2.eskytravel.no
URL: https://www2.eskytravel.no/userzone/polyfills.d265125be91db23c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.178.59 Brussels, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-41-178-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www2.eskytravel.no/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-envoy-upstream-service-time
15
content-length
90
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www2.eskytravel.no
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Tue, 14 May 2024 12:14:34 GMT

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer object| default_gsi object| _F_toggles object| google object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ECSCoreConfig string| bazadebezolkohpepadr object| agreements object| i18n object| menuLinks object| partnerSettings object| currenciesConfig string| apiUrl string| authUrl object| _eac string| urhehlevkedkilrobacf object| webpackChunkuser_zone function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched function| __zone_symbol__queueMicrotask object| __zone_symbol__testfalse object| __zone_symbol__ON_PROPERTYtest object| recaptcha object| __zone_symbol__loadfalse object| closure_lm_557035 object| __zone_symbol__messagefalse object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| settingsId undefined| language boolean| tcfEnabled boolean| disableGcmDefaults object| __zone_symbol__hashchangefalse object| __zone_symbol__popstatefalse object| closure_lm_869149 object| __zone_symbol__clickfalse object| __zone_symbol__submitfalse object| __zone_symbol__beforeunloadfalse object| _eas function| hj object| __APOLLO_CLIENT__ object| __zone_symbol__edlsPageViewfalse object| __zone_symbol__pagehidefalse function| onYouTubeIframeAPIReady function| __import__ boolean| UC_UI_IS_RENDERED function| dynamicImportPolyfill function| __tcfapi function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__edlsInitfalse object| __G_ID_CLIENT__ object| _edls object| __zone_symbol__keydownfalse object| __zone_symbol__resizetrue object| UC_UI object| __zone_symbol____react_tooltip_hide_eventfalse object| __zone_symbol____react_tooltip_rebuild_eventfalse object| __zone_symbol____react_tooltip_show_eventfalse object| __zone_symbol__resizefalse object| __zone_symbol__keyupfalse object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| gaGlobal function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

6 Cookies

Domain/Path Name / Value
.eskytravel.no/ Name: esky_TCSIS
Value: s.oqux.4.lw6cutlc
.eskytravel.no/ Name: esky_TCSI
Value: u.7sve.4.lw6cutld
.eskytravel.no/ Name: MasterId
Value: 840695f0-f2b4-5376-8293-6b6958a48f29
.eskytravel.no/ Name: ak_bmsc
Value: 95CC176713823A4757CC0B59EA6E6BA6~000000000000000000000000000000~YAAQN7IpF1ZQanKPAQAAnZcGdxd81utKVi4D0Z5VfzKYUkHdpnVqgbxLM5MuCL5QHyMM1owqlpmONP6UIHpHzlqIu2OfxmAFoKx87FWrXRngzH+k+EzWw4sSRLsXWNq8yDXOMWmDbAoZ0zmmHAQi5zaRVJJJrmWvvIMiLOzG90KLunBJ7uW9JTFA5FXPq47xZCLyzw01TbcdeEJreIimye37ufhlk+c/Upmz4lgJAee+jivusjSw9Ql0VBqW9b4y1yxDm+DeHqgFAquoph0HR77nQ+JVjZJlnHz487BUPAJ4YrdyhFPT+0bV0RJ4MdyBqP1FTD0NGZoBm1LLJbsnIb0gKjI2a/ezSfQEIPZByeIhTlx5VVd3sZeeeDO5lN67FmmdaJUw3pLI6MaRyr9obeNDspNBy40Xh/TjRWyAquZ+zNtmYjKxJVwaMuvAtX+f55jp5Yc=
www2.eskytravel.no/ Name: firstTimeVisit
Value: 202405141414
.eskytravel.no/ Name: bm_sv
Value: 50D798FD15BE7AED0C7A8240A6747907~YAAQN7IpF7ZQanKPAQAA+KAGdxfn/S7xIdNjCDAe4LvD2LuwW602jpaN29aSJmm6EixbbI8aqhgJFfz42O3Abx7ua0mERKSp/AUo4vMdNA/FtWM+GChnOhMX33k7rzf6VfxBE5UUB/TTcN9QaZR4f3utkrSTZt9EuQOrNzvvc/dMlyV2zcHmOlGMFhCpy5831sEwVHHDo27uzlrHBLwr2nVLPSe7PmmNW9F2S4AcdxERxW1jLXtmztgGds2jhMAe2S/d~1

2 Console Messages

Source Level URL
Text
other error URL: https://www2.eskytravel.no/userzone/login
Message:
Only one navigator.credentials.get request may be outstanding at one time.
other error URL: https://www2.eskytravel.no/userzone/login
Message:
Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
aggregator.service.usercentrics.eu
api.usercentrics.eu
app.usercentrics.eu
consent-api.service.consent.usercentrics.eu
etm.eskytravel.no
fonts.gstatic.com
pagead2.googlesyndication.com
static1.eskypartners.com
uct.service.usercentrics.eu
www.esky.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www2.eskytravel.no
142.250.185.98
142.250.186.104
142.250.186.164
23.41.178.112
23.41.178.59
2600:1901:0:1e38::
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:c07c::
2a00:1450:4001:81d::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4013:c16::54
3.160.150.97
34.95.108.180
35.190.14.188
35.241.3.184
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
02b9a4809664f80d1dbb3815e67acf2f2777b6d68df54c0e844d0c446a56e839
08979d805f74b296598422b81a04d9c28f967fe1119c85a8cda546fbfc8ea681
090f6af9ae875efd80b2e787b2ae11b49dc540a14d912d032586188d608e1f00
127d0c421dd563e562e5de1854c0760410ae145a3242f2d9e2401889a67f342c
17c3ba27b0ce92d358e825b7d3058daff251ef55176fc15d574e6a0da1b2daee
1a77b8597d71032ceb046e62dde7704296c8879b3f02f8d836b94f06f97d745a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
267d390edd8437afa6e8fb5424bc7d6cd2d31f32139682d6cb19887bc7007f4a
29810752882df5d44a749bf0a91421e047be047140daf8ab97df94b06042bf10
5025ed76c47198e5ce92c5891a0b2bf7396b819b6d558a5e2ef6ff718c37f488
55dd78459a4c1fbd784998892f70e2990f0647431cd153528feacaaf932a3f9a
571254e7aecc537ab4a4eb7cf24db33201ce9170ec755495bdc72ef22e99efdd
5d35fc40d032e59cdeda34a68cba6789482c2fe18a7dd020653b373704558e2c
5d5d3f9cb8b4669ccaa6e93a26b5cf7fffa0228ffe29c4054a393854e27fe1ac
5d763433c13a2217b06bd2bdccd33c84127262dadd91e25562a4d3274117c590
5dfaa333731a1bbd6576f959a801b0a1563307a179c66eff6ae4a674f10ca695
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af02cb5faff08348606b99118fcfc9390c11819b3c930e2c451d6e9f9c1cfb0
70f3d063ecbf3d40db121b837f9c339a2b9350067aecba287a400b135efa4268
7474a88fd415f13c869035a6609cddf49de815c205fae59eae876618906ef783
764112f434ac0a5643c6c57ea015ff52269c359f3b1e0882dc44fbf34f28747d
7fe6b2a227162fe37a7273ae6c7463e3d723cadfff107700efa488aab21a0d6b
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8693a3b107314bfeb2aca4a2c12874ce7103ab1947227a719df6a948dee67e4a
883ff0f8de1eb15b58d825a62fe0718a7b7c9d6dfcbe6dcede471130fe8a1a63
89e17b83a2e06b56061234766b5d9f8feef650531e2e4734504ee9f6425bbf73
8e178deff87a66c4e9c8c013f9c9cfb5c20abca2d373f8ba3faf3e049e20b81e
91e799884d9c8edd92a87c3060eb144023ab1c87035e7cf638e25e253dab182b
9dbba0701d15f823821704ff0af22d7de6569dbd7bb5c464aed43448111dc4b3
9dcf28ffe8196884c801abfd7d0caab52a4d84bfe134d2d4fcf2dcdca22eb6e9
a9943fbabe51e835ec4bb366e825306a06bb3d106f82fcabfa48d5e25222a51b
ae881f06c8f26beba90159693c54adc7f425f3ad63053039d8c1a2057d2ec6c7
aea803d43dba4d33cfe0cf644beb8fd49fe9c22a8e44cbc780ba8f49dda5df83
b9e8d0d8528060ce8582b8cf175fbc65e5034fd782d8ad14cf324275c2290735
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
c59c67e371590615365dad338299f0ee7116a571d4a049c41d0201721e0d266d
c851fdf3de3bfcadb64a57cc17ad1a7426f2c4388fc5b269fa591bff7ddd5184
ca61f2ecdd14c962119c00d8eb5f4912e6b400b4817e41fd27a3765fec580c00
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d6ed57528e4162443c7b65911a3a9ca969f670d9266d76e64c6898d421072bc9
d7d459f7286d1d7b0b79e0412baa9ee1b2e38b4d1bc7dea896a04a020ab2cbcb
dfff46c356a944b6656161ffe4282fab01103dc14066e15227c365d69a13caed
e11f5b09c1a69782909f1cff72581d76ee96d06919209f0fe9652d3a690370b6
e357b02137741b5640a01eb60531cc5b9f1ad6af0797abd26d34249073fb11b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4884db72dee736a61dcea04bdca92d5e19f7d5ef9970e377a1295ecbbf93122
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e650ab97f53ff4a5b06b0a7f93c96b63eddc85bcf0a7440a6a094530328d1bb5
e7c6bdd80798b9aeba40b9e140d736304798f694b2fa9582f86b80b50f888540
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f333e1585f5495ef86fb36a5ccbc84efbc2ff3c56d95411618688fd2cdd9cbb7
f4f71d4422b0bc3a4c2b1d8235aea2dce26b99474763bf93f2c4cce677b83529
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
fe990303dc7987645bb2de1bb7fcfc9444791d21ce8f0982635f3256d3645557