minside.flytoget.no Open in urlscan Pro
81.93.160.208 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minside.flytoget.no/no/ActivateDeal
Submission: On May 13 via manual (May 13th 2020, 7:25:38 am UTC) from NO

Summary HTTP 62 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 15 domains to perform 62 HTTP transactions. The main IP is 81.93.160.208, located in Norway and belongs to BASEFARM-ASN Oslo - Norway, NO. The main domain is minside.flytoget.no.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on March 26th 2020. Valid for: a year.

This is the only time minside.flytoget.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	81.93.160.208 81.93.160.208	25148 (BASEFARM-...) (BASEFARM-ASN Oslo - Norway)
6	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0a	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a02:26f0:64:... 2a02:26f0:64:48a::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	212.89.52.50 212.89.52.50	2116 (ASN-CATCHCOM) (ASN-CATCHCOM)
2 5	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2 4	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
3 6	216.58.206.6 216.58.206.6	15169 (GOOGLE) (GOOGLE)
1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	147.75.33.233 147.75.33.233	54825 (PACKET) (PACKET)
2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
62	22

19 81.93.160.208 (Norway)

ASN25148 (BASEFARM-ASN Oslo - Norway, NO)

minside.flytoget.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:48a::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.89.52.50 (Norway)

ASN2116 (ASN-CATCHCOM, NO)

chat.puzzel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.207.38 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f6.1e100.net

6073614.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8407662.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.6 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f6.1e100.net

9835261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.37 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.233 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.36 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	flytoget.no minside.flytoget.no	1 MB
13	doubleclick.net 7 redirects 6073614.fls.doubleclick.net 8407662.fls.doubleclick.net 9835261.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
8	adnxs.com 2 redirects secure.adnxs.com acdn.adnxs.com ib.adnxs.com	8 KB
7	typekit.net use.typekit.net p.typekit.net	97 KB
5	facebook.com www.facebook.com	1 KB
5	google-analytics.com 2 redirects www.google-analytics.com	20 KB
3	google.de www.google.de	319 B
3	google.com 2 redirects www.google.com	503 B
2	facebook.net connect.facebook.net	142 KB
2	hotjar.com static.hotjar.com script.hotjar.com	72 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	puzzel.com chat.puzzel.com	510 B
1	googletagmanager.com www.googletagmanager.com	48 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	adform.net Failed track.adform.net Failed s2.adform.net Failed
62	15

	Domain	Requested by
19	minside.flytoget.no	minside.flytoget.no
6	9835261.fls.doubleclick.net	3 redirects www.googletagmanager.com
6	use.typekit.net	minside.flytoget.no use.typekit.net
5	www.facebook.com
5	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com
4	secure.adnxs.com	2 redirects
3	ib.adnxs.com
3	www.google.de
3	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	connect.facebook.net	minside.flytoget.no connect.facebook.net
2	8407662.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6073614.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	acdn.adnxs.com	minside.flytoget.no
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	chat.puzzel.com	minside.flytoget.no
1	www.googletagmanager.com	minside.flytoget.no
1	fonts.googleapis.com	minside.flytoget.no
1	p.typekit.net	minside.flytoget.no
0	s2.adform.net Failed
0	track.adform.net Failed	minside.flytoget.no
62	24

This site contains links to these domains. Also see Links.

Domain
www.flytoget.no
flytoget.no

Subject Issuer	Validity	Valid
*.flytoget.no DigiCert SHA2 High Assurance Server CA	`2020-03-26` - `2021-03-31`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.puzzel.com DigiCert SHA2 Secure Server CA	`2020-03-05` - `2022-05-20`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://minside.flytoget.no/no/ActivateDeal
Frame ID: C7DBCBFD323ED977E78E8BEF37D1FB28
Requests: 55 HTTP requests in this frame

Frame: https://6073614.fls.doubleclick.net/activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal
Frame ID: 5BCAB424BF4C8CE120CA5BE33133A3A5
Requests: 1 HTTP requests in this frame

Frame: https://8407662.fls.doubleclick.net/activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal
Frame ID: A035660E47C201F55EA612A31FDC425B
Requests: 1 HTTP requests in this frame

Frame: https://9835261.fls.doubleclick.net/activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal
Frame ID: 82F9E843D1BB10CF1E7D4A2E05E18C8D
Requests: 1 HTTP requests in this frame

Frame: https://9835261.fls.doubleclick.net/activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal
Frame ID: 2F97A2C12DB2EEBA23606E7F823E90FB
Requests: 1 HTTP requests in this frame

Frame: https://9835261.fls.doubleclick.net/activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal
Frame ID: BB69111626B5F38E05515F1D225C5787
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

62
Requests

94 %
HTTPS

50 %
IPv6

15
Domains

24
Subdomains

22
IPs

7
Countries

1637 kB
Transfer

2552 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.flytoget.no/
Title:

Search URL Search Domain Scan URL

URL: https://flytoget.no/no/informasjonskapsler/
Title: Les om vår bruk av informasjonskapsler

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://6073614.fls.doubleclick.net/activityi;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal HTTP 302
https://6073614.fls.doubleclick.net/activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal

Request Chain 30

https://8407662.fls.doubleclick.net/activityi;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal HTTP 302
https://8407662.fls.doubleclick.net/activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal

Request Chain 31

https://9835261.fls.doubleclick.net/activityi;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal HTTP 302
https://9835261.fls.doubleclick.net/activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal

Request Chain 34

https://secure.adnxs.com/px?id=618088&seg=3584880&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D618088%26seg%3D3584880%26t%3D1

Request Chain 36

https://secure.adnxs.com/px?id=1060449&seg=16060806&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1060449%26seg%3D16060806%26t%3D1

Request Chain 40

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1284528601&t=pageview&_s=1&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&ul=en-us&de=UTF-8&dt=Aktiver%20avtale%20-%20Flytoget&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAL~&jid=928124678&gjid=1898987900&cid=1614924944.1589354713&tid=UA-2929009-1&_gid=1075610699.1589354713&_r=1&gtm=2wg4t0MBTQ7G&z=1635826558 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_gid=1075610699.1589354713&gjid=1898987900&_v=j82&z=1635826558 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_v=j82&z=1635826558 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_v=j82&z=1635826558&slf_rd=1&random=3801965468

Request Chain 52

https://9835261.fls.doubleclick.net/activityi;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal HTTP 302
https://9835261.fls.doubleclick.net/activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal

Request Chain 55

https://9835261.fls.doubleclick.net/activityi;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal HTTP 302
https://9835261.fls.doubleclick.net/activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal

Request Chain 56

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1284528601&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&ul=en-us&de=UTF-8&dt=Aktiver%20avtale%20-%20Flytoget&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Kundereise&ea=20%20sec&el=%2Fno%2FActivateDeal&_u=aGhAAEAL~&jid=31824299&gjid=365277448&cid=1614924944.1589354713&tid=UA-2929009-1&_gid=512229087.1589354733&_r=1&gtm=2wg4t0MBTQ7G&z=1236870926 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_gid=512229087.1589354733&gjid=365277448&_v=j82&z=1236870926 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_v=j82&z=1236870926 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_v=j82&z=1236870926&slf_rd=1&random=3629941311

62 HTTP transactions
-2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ActivateDeal Show response
minside.flytoget.no/no/ 19 KB
21 KB 171ms
53ms Document
text/html 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

3e649ec5973a669dcdbb930d5439e154e82f174e3f8b1e061ac08d006c2e0a61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN deny
X-Xss-Protection	1; mode=block

Request headers

Host: minside.flytoget.no
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Set-Cookie: language=no; expires=Mon, 13-May-2030 07:25:12 GMT; path=/; secure; HttpOnly; SameSite=strict language=no; expires=Mon, 13-May-2030 07:25:12 GMT; path=/; secure; HttpOnly; SameSite=strict __RequestVerificationToken=jMKUeg_Y4DcU_s30aO9LVYqQG4iJ7zaj1BYUIwfIPoNKL9CQHuzOKkF1XmvDTGXSdK2kjBfWq188uRkFQn0AdteKssg1; path=/; secure; HttpOnly; SameSite=strict BIGipServer~fly~fly-p-fdkweb-8088=rd2o00000000000000000000ffff0a1f930ao8088; path=/; Httponly; Secure TS017fdd08=01b50bf2b10a8ce8989d0d60299dc3733f0d075a2f61241ff6169d96f1cc9a2dea32ff98c6c6144237beaffa1f1fc5ea205e588f8c6e878bd83996012fdbe3acbf644d8c1e15ada475bf68c7a13a45794a217e8e40ba97081595bd2f2c5449bf2753a61b753f4f207bc998c6e322b68c03b302f42e; Path=/; Secure; HTTPOnly
X-Frame-Options: SAMEORIGIN deny
Strict-Transport-Security: max-age=7776000; includeSubDomains
X-Content-Type: nosniff
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Referrer-Policy: strict-origin
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Length: 19526

GET
H/1.1 200
OK fontello.css
minside.flytoget.no/Content/Images/webfonts/css/ 3 KB
4 KB 64ms
42ms Stylesheet
text/css 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/Images/webfonts/css/fontello.css

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

bc43c321cf05f20e98528e37d25b94958c9d2588db57852d6e259df117b6fe0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:08 GMT
ETag: "016cdb0cbdcd51:0"
X-Frame-Options: deny
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 3329
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK fdkheaderjs Show response
minside.flytoget.no/bundles/ 1 KB
2 KB 121ms
43ms Script
text/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/fdkheaderjs?v=qS0ZqnY2HSpLbfdLAuxDByq7sODdNKzpXt9-khNGzns1

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

bb738c63dd2b2fada6902a69f7a0a06324b32125bbac7715356d82aa3044cac0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:11 GMT
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 1374
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H/1.1 200
OK css
minside.flytoget.no/bundles/ 130 KB
131 KB 115ms
50ms Stylesheet
text/css 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/css?v=bZmZrJLLE0PnzVrSebpYCI6owdW85sCPIDazqdmBXB01

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

6b0079963aab5eab8f6ac7e7ee6f2dd4f6b87ce59d9ec8d4cef03362786eb803

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:11 GMT
Vary: User-Agent
Content-Type: text/css; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 133587
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H/1.1 200
OK flytoget-logo-desktop.svg
minside.flytoget.no/Content/Images/svg/ 3 KB
3 KB 59ms
45ms Image
image/svg+xml 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minside.flytoget.no/Content/Images/svg/flytoget-logo-desktop.svg

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

38c272266ed711d26371c5801d6596a196f47668bfcb835a9ccd866179c8dc86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:08 GMT
ETag: "016cdb0cbdcd51:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 2639
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK fdkjs Show response
minside.flytoget.no/bundles/no/ 334 KB
335 KB 42ms
42ms Script
text/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/no/fdkjs?v=T3btavkkqVvNzQpmaWGxwEem84AxgQUYRWz41pY6Eb01

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

16b395d0098bf1925f4079211db0be81ecf73af948e25e9a8d8f53e96709836e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:11 GMT
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 341980
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H/1.1 200
OK activatedeal Show response
minside.flytoget.no/bundles/ 1 KB
2 KB 45ms
43ms Script
text/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/activatedeal?v=t8lGhXc6XZalW8nQmliFWN465mGgJuvd58q5mUC1Xvc1

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

21b63a8daa7ad6ee11eb4e1f3f8a984d5eebdb29e8e9b96cb7d74892abf1fa36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:11 GMT
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 1153
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H/1.1 200
OK partials Show response
minside.flytoget.no/bundles/ 152 KB
153 KB 43ms
42ms Script
text/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/partials?v=Bk4tYV1wA9NoWNFpaj2ETGLGAX8474ipbPqtdZpK-Cw1

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

24927211b6c4ba0645e62e2bb7bce209f72da8fa21a5e1d9dcb311ebf8abcef7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:11 GMT
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 155549
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H/1.1 200
OK font-awesome.min.css
minside.flytoget.no/Content/Images/webfonts/css/ 26 KB
27 KB 88ms
43ms Stylesheet
text/css 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/Images/webfonts/css/font-awesome.min.css

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

eb901e93a4f8bdbd1e100dae97b52abb7d7b5393e4b99dc04ae774394c0fea2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:06 GMT
ETag: "0e99bafcbdcd51:0"
X-Frame-Options: deny
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 26649
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK intelecom-light.css
minside.flytoget.no/Content/ExternalChatClient/ 30 KB
31 KB 92ms
43ms Stylesheet
text/css 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/ExternalChatClient/intelecom-light.css

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

590f2dd42df409b9014dcb078add16b0789dd9eaeab109d0cc73165e0b881eb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:06 GMT
ETag: "0e99bafcbdcd51:0"
X-Frame-Options: deny
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 31152
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-latest.min.js Show response
minside.flytoget.no/Content/ExternalChatClient/ 86 KB
87 KB 93ms
43ms Script
application/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/ExternalChatClient/jquery-latest.min.js

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:06 GMT
ETag: "0e99bafcbdcd51:0"
X-Frame-Options: deny
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 88147
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-intelecomchat.libs.latest.min.js Show response
minside.flytoget.no/Content/ExternalChatClient/ 229 KB
230 KB 116ms
41ms Script
application/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/ExternalChatClient/jquery-intelecomchat.libs.latest.min.js

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

1bf5114f2d4efd7fcf4be840538bac7e6a98b63b1f3663186de64568cf5ff0bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:06 GMT
ETag: "0e99bafcbdcd51:0"
X-Frame-Options: deny
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 234846
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-intelecomchat.latest.min.js Show response
minside.flytoget.no/Content/ExternalChatClient/ 111 KB
112 KB 46ms
45ms Script
application/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/ExternalChatClient/jquery-intelecomchat.latest.min.js

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

d0eaad6b65c8af9b1f8c90e30886f73b7ecc9a776cb7d175538762633f96139b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:06 GMT
ETag: "0e99bafcbdcd51:0"
X-Frame-Options: deny
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 113507
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK externalchatjs Show response
minside.flytoget.no/bundles/ 1 KB
2 KB 42ms
42ms Script
text/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/externalchatjs?v=BsM6Usht1cErofRnTV9bOlKcg4RIHXQ0zBjfseCvjss1

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

ce8146db3dad4d3737fd34b4c7be706983b9d5dde8b4c7e300b552650118a024

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:11 GMT
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 1080
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H/1.1 200
OK googleTagManager Show response
minside.flytoget.no/bundles/ 324 B
1 KB 42ms
41ms Script
text/javascript 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/bundles/googleTagManager?v=gpK1vJz-77LkWJliKEduNtPJwLs4O-BkPT0fSkY4nZg1

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

515aafbb4a7e6dcd1174280b6acb98b8f8d428a0ab1316f0a76c5f5b34a9e18e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Date: Wed, 13 May 2020 07:25:12 GMT
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 324
X-XSS-Protection: 1; mode=block
Expires: Thu, 13 May 2021 07:25:12 GMT

GET
H2 200 knb8wlu.js Show response
use.typekit.net/ 19 KB
8 KB 14ms
13ms Script
text/javascript 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/knb8wlu.js

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/bundles/fdkheaderjs?v=qS0ZqnY2HSpLbfdLAuxDByq7sODdNKzpXt9-khNGzns1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

2886a485eb876545b95f0dd1eda85ebe13985c09c6192079cc4fcf2da906ce30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Wed, 13 May 2020 07:25:12 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7460

GET
H2 200 l
use.typekit.net/af/d32e26/00000000000000000001709b/27/ 18 KB
18 KB 5ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d32e26/00000000000000000001709b/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/knb8wlu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e2faaaaa831709ca8cf29d46c65860e3cb560cce2142153dbf393563bf024757

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
server: nginx
etag: "15087916bd76ad8da6b2ea9bb720294c3380400f"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18288

GET
H2 200 l
use.typekit.net/af/c630c3/000000000000000000017098/27/ 17 KB
18 KB 6ms
5ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c630c3/000000000000000000017098/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/knb8wlu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9c8e3b13abe74f948ffe564d62df78a1e23bfd810b0cde91ec21db3641fc0451

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
server: nginx
etag: "6c78a03f620b128b954ef8cfd53c3f6b37d2c8a0"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 17848

GET
H2 200 l
use.typekit.net/af/ee605b/000000000000000000017099/27/ 18 KB
18 KB 6ms
5ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ee605b/000000000000000000017099/27/l?subset_id=2&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/knb8wlu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2c08abb36ae51ca66b8e7b6c01e66c4efd0c99921dafc3441194e728b46cc74b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
server: nginx
etag: "18ad5b770dc27289cd170abcc8db9d813fa35176"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18140

GET
H2 200 l
use.typekit.net/af/cafa63/00000000000000000001709a/27/ 18 KB
18 KB 9ms
8ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cafa63/00000000000000000001709a/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/knb8wlu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: be00e4d9084534d1f698641c6c2dc52233ceb289ed4a346bed529e4d837b53c7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
server: nginx
etag: "80373f634ced273d73a193515a03a49a36a20883"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 17996

GET
H2 200 l
use.typekit.net/af/80c5d0/00000000000000000001709c/27/ 18 KB
18 KB 10ms
9ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/80c5d0/00000000000000000001709c/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/knb8wlu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 065ce8ac6d87f4fda2eadec67e201f11aaa559662b38759f5688ee4fa8579748

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
server: nginx
etag: "663a8bb3f605095df3e3511d6bd934eaeef48256"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 17972

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 6ms
6ms Image
image/gif 2a02:26f0:64:48a::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=knb8wlu&ht=tk&h=minside.flytoget.no&f=6848.6849.6850.6851.6852&a=690493&js=1.19.2&app=typekit&e=js&_=1589354712427
Requested by: Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64:48a::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 07:25:12 GMT
Last-Modified: Mon, 04 Feb 2019 20:54:30 GMT
Server: nginx
ETag: "5c58a686-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Tue, 17 Sep 2019 11:04:41 GMT

GET
H/1.1 200
OK symbolfont.woff
minside.flytoget.no/Content/Images/webfonts/font/ 7 KB
8 KB 66ms
44ms Font
font/woff 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/Images/webfonts/font/symbolfont.woff?9917628

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

02a2186e5708926647ab5c72f53a9e8e21f81c0e403881ca6327f4c0c1cd4835

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:08 GMT
ETag: "016cdb0cbdcd51:0"
X-Frame-Options: deny
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:11 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 7132
X-Content-Type-Options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600,700

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a69145833f2f7c1a7bcc6a10e239f1c976ded33d843d984c41c924e6c4943ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 May 2020 07:25:12 GMT
server: ESF
date: Wed, 13 May 2020 07:25:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 May 2020 07:25:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
48 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/bundles/googleTagManager?v=gpK1vJz-77LkWJliKEduNtPJwLs4O-BkPT0fSkY4nZg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69dbe5d9b8773478cd00560f3559056bcb85dd860f666d74d34419d6bd270b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48969
x-xss-protection: 0
last-modified: Wed, 13 May 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 May 2020 07:25:12 GMT

GET
H/1.1 200
OK Status Show response
minside.flytoget.no/api/no/ 2 B
924 B 46ms
46ms XHR
application/json 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/api/no/Status

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/bundles/no/fdkjs?v=T3btavkkqVvNzQpmaWGxwEem84AxgQUYRWz41pY6Eb01

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://minside.flytoget.no/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Pragma: no-cache
Strict-Transport-Security: max-age=7776000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Wed, 13 May 2020 07:25:12 GMT
X-Frame-Options: deny
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, must-revalidate, max-age=0, private
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Content-Length: 2
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin

GET
H/1.1 200
OK flytoget-logo-mobile.svg
minside.flytoget.no/Content/Images/svg/ 4 KB
5 KB 44ms
43ms Image
image/svg+xml 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minside.flytoget.no/Content/Images/svg/flytoget-logo-mobile.svg

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

11f8df57c4394c3cc556dd97daf0381e8aedb9ad4b20a70932d0731050915624

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:08 GMT
ETag: "016cdb0cbdcd51:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:12 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 4554
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK / Show response
chat.puzzel.com/Time/GetTimeExitJson/ 129 B
510 B 164ms
41ms XHR
application/json 212.89.52.50
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.puzzel.com/Time/GetTimeExitJson/
Requested by: Host: minside.flytoget.no
URL: https://minside.flytoget.no/Content/ExternalChatClient/jquery-latest.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 212.89.52.50 , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0a0386aaa9065a2b274c5d6b1e51d2c112364d6e5878838e350c1e99e8c0c1b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 13 May 2020 07:25:12 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Headers: *
Content-Length: 129

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1733
date: Wed, 13 May 2020 06:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 13 May 2020 08:56:19 GMT

GET
H2

200

activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal
6073614.fls.doubleclick.net/ Frame 5BCA
Redirect Chain

https://6073614.fls.doubleclick.net/activityi;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivate...
https://6073614.fls.doubleclick.net/activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fm...

0
0

67ms
66ms

Document
text/html

216.58.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6073614.fls.doubleclick.net/activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6073614.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://minside.flytoget.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 07:40:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6073614.fls.doubleclick.net/activityi;dc_pre=CM2v3NinsOkCFQ2Mdwod3H0LIw;src=6073614;type=invmedia;cat=3okb8erg;ord=3130929045939;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hotjar-1077266.js Show response
static.hotjar.com/c/ 3 KB
2 KB 160ms
50ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1077266.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

cafa675565c74251991d659390bd931c65d92499cb90e09ae2424e27a30a8bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjar
age: 108
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1530
cache-control: max-age=60
etag: W/74e997819ce40f7cec432ec133c73592
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.024
section-io-id: 5f990426b41ffff23669ef2e772a6d18
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2

200

activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActiva...
8407662.fls.doubleclick.net/ Frame A035
Redirect Chain

https://8407662.fls.doubleclick.net/activityi;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActi...
https://8407662.fls.doubleclick.net/activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F...

0
0

65ms
64ms

Document
text/html

216.58.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8407662.fls.doubleclick.net/activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8407662.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://minside.flytoget.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 399
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 07:40:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8407662.fls.doubleclick.net/activityi;dc_pre=CJbE3NinsOkCFc6KdwodS84Gew;src=8407662;type=invmedia;cat=flyto0;ord=1;num=3046094479543;gtm=2wg4t0;auiddc=907395539.1589354713;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=u...
9835261.fls.doubleclick.net/ Frame 82F9
Redirect Chain

https://9835261.fls.doubleclick.net/activityi;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5...
https://9835261.fls.doubleclick.net/activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=unde...

0
0

67ms
67ms

Document
text/html

216.58.206.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9835261.fls.doubleclick.net/activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9835261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://minside.flytoget.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 439
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 07:40:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9835261.fls.doubleclick.net/activityi;dc_pre=CLHH3NinsOkCFQ32dwod7pIAIA;src=9835261;type=m-track;cat=m-ph;ord=1;num=5059426702454;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 179ms
67ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

98272ae0cb3a95da5d3fc90a6772e95af0c014ee707e431b9542e3eb7410afc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10796
x-xss-protection: 0
server: cafe
etag: 16444458054189666048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 May 2020 07:25:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: PbgtZWV5Ox6x0byF/Z/nflTAcwN/yiPiJD8GVh8OaqLSwi/acpJkgXlBlJbJTKHkyLmO1ieIsUGVQ9/iI+NAPQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 13 May 2020 07:25:12 GMT, Wed, 13 May 2020 07:25:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=618088&seg=3584880&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D618088%26seg%3D3584880%26t%3D1

463 B
1 KB

62ms
61ms

Script
application/javascript

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D618088%26seg%3D3584880%26t%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6d4f16ab04363f67f815c797f219e7cc39e34485568d2c3f7d6de077ce493261

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 May 2020 07:25:15 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid: a0674dd6-d0d3-4a33-b96e-02c7439e5a1e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 463
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 May 2020 07:25:14 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid: 1b8ff177-e700-414c-ba44-087884520469
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D618088%26seg%3D3584880%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET /
track.adform.net/serving/scripts/trackpoint/async/ 0
0

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1060449&seg=16060806&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1060449%26seg%3D16060806%26t%3D1

0
1 KB

56ms
56ms

Script
application/javascript

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1060449%26seg%3D16060806%26t%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 May 2020 07:25:15 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid: e82ea636-6ed8-42ac-97a1-e5dc763e60d7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 May 2020 07:25:14 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.176:80
AN-X-Request-Uuid: c1e60e8e-1541-4838-8de5-a00ced148e65
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1060449%26seg%3D16060806%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 7 KB
3 KB 176ms
57ms Script
application/javascript 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: minside.flytoget.no
URL: https://minside.flytoget.no/no/ActivateDeal
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: ce286807879b65a976717fe36ead984c38a4e20a34af41ce4ad8bdade7664507

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 07:25:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Feb 2020 17:12:22 GMT
Server: nginx/1.13.10
ETag: "5e3af776-1dc5"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2713
Expires: Thu, 14 May 2020 07:25:14 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 06:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2041
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 13 May 2020 07:51:11 GMT

GET
H2 200 1686623298235685 Show response
connect.facebook.net/signals/config/ 437 KB
110 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1686623298235685?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf6984235df111c3d72d892ed49a5a0c60a34b764a08a009af157e024a1d5a66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 112943
x-xss-protection: 0
pragma: public
x-fb-debug: 5DHat+ijvA73RbUNGZ80ApVoK+4j/ZwQ1hnnF9Zb6G3WaxCqxJDc9jrcokUe0o+/u79JySRWtDZdkf7oO4S8MQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 13 May 2020 07:25:12 GMT, Wed, 13 May 2020 07:25:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1284528601&t=pageview&_s=1&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&ul=en-us&de=UTF-8&dt=Aktiver%20avtale%20-%20Flytoget&sd=2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_gid=1075610699.1589354713&gjid=1898987900&_v=j82&z=1635826558
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_v=j82&z=1635826558
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_v=j82&z=1635826558&slf_rd=1&random=3801965468

42 B
106 B

18ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_v=j82&z=1635826558&slf_rd=1&random=3801965468

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=928124678&_v=j82&z=1635826558&slf_rd=1&random=3801965468
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET trackpoint-async.js
s2.adform.net/banners/scripts/st/ 0
0

GET
H/1.1 200
OK fontawesome-webfont.woff
minside.flytoget.no/Content/Images/webfonts/fonts/ 79 KB
80 KB 44ms
43ms Font
font/woff 81.93.160.208
Norway

General

Check archive.org

Show headers Download Go to

Full URL

https://minside.flytoget.no/Content/Images/webfonts/fonts/fontawesome-webfont.woff?v=4.4.0

Requested by

Host: minside.flytoget.no
URL: https://minside.flytoget.no/Content/ExternalChatClient/jquery-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.93.160.208 , Norway, ASN25148 (BASEFARM-ASN Oslo - Norway, NO),

Reverse DNS

Software

Resource Hash

a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minside.flytoget.no/
Origin: https://minside.flytoget.no

Response headers

X-Content-Type: nosniff
Strict-Transport-Security: max-age=7776000; includeSubDomains
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 08:59:10 GMT
ETag: "043feb1cbdcd51:0"
X-Frame-Options: deny
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Date: Wed, 13 May 2020 07:25:12 GMT
Content-Security-Policy: default-src 'self'; font-src *; img-src * data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com *.typekit.net; frame-src *.doubleclick.net *.facebook.com *.facebook.net *.google.com; media-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.typekit.net track.adform.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.facebook.net *.facebook.com *.adnxs.com *.doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Accept-Ranges: bytes
Content-Length: 81284
X-Content-Type-Options: nosniff

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686623298235685&ev=PageView&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&rl=&if=false&ts=1589354713007&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&it=1589354712877&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:13 GMT, Wed, 13 May 2020 07:25:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 May 2020 07:25:13 GMT

GET
H2 200 modules.f622ea0eeded5efcf120.js Show response
script.hotjar.com/ 369 KB
70 KB 163ms
54ms Script
application/javascript 147.75.33.233
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.f622ea0eeded5efcf120.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1077266.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.233 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress14
Software: /
Resource Hash: 3c4873eed635f1a77818139d0f0a24de90b1e51d4cca69cc402a8ac0e3cfe660

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:13 GMT
content-encoding: br
age: 10790
status: 200
section-io-cache: Hit
content-length: 71434
last-modified: Tue, 12 May 2020 17:23:49 GMT
etag: "4308f42cecef454f1835ecfb7d6679dd"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.047
section-io-id: b2314e0914cb8b163365877cccb6fb16
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
354 B 159ms
53ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=66f69869-ef2e-49db-b46f-824f0c9bc470&it=1589354713031&v=0.0.14&u=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&st=1589354713031&et=1589354713031&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.13.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 07:25:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.13.4
Connection: keep-alive
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.88:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032521640/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032521640/?random=1589354713051&cv=9&fst=1589354713051&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&tiba=Aktiver%20avtale%20-%20Flytoget&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f91f3fe544aeedcc3e9c019811cc9ad57a2832d0db3282eeeeb9b12b6879896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 996
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1032521640/ 42 B
122 B 20ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032521640/?random=1589354713051&cv=9&fst=1589353200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&tiba=Aktiver%20avtale%20-%20Flytoget&fmt=3&is_vtc=1&random=3646274783&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1032521640/ 42 B
107 B 24ms
22ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1032521640/?random=1589354713051&cv=9&fst=1589353200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&tiba=Aktiver%20avtale%20-%20Flytoget&fmt=3&is_vtc=1&random=3646274783&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
150 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686623298235685&ev=Microdata&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&rl=&if=false&ts=1589354714510&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Aktiver%20avtale%20-%20Flytoget%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&it=1589354712877&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:14 GMT, Wed, 13 May 2020 07:25:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 May 2020 07:25:14 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
355 B 54ms
53ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=Lead&va=5000&in=%2Fno%2FActivateDeal&pi=66f69869-ef2e-49db-b46f-824f0c9bc470&it=1589354713031&v=0.0.14&u=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&st=1589354713031&et=1589354717852&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.13.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 07:25:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.13.4
Connection: keep-alive
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
253 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686623298235685&ev=TOS-10s&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&rl=&if=false&ts=1589354722856&sw=1600&sh=1200&v=2.9.18&r=stable&ec=2&o=30&it=1589354712877&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:22 GMT, Wed, 13 May 2020 07:25:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 May 2020 07:25:22 GMT

GET
H2

200

activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5...
9835261.fls.doubleclick.net/ Frame 2F97
Redirect Chain

https://9835261.fls.doubleclick.net/activityi;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;...
https://9835261.fls.doubleclick.net/activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=un...

0
0

67ms
66ms

Document
text/html

216.58.206.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9835261.fls.doubleclick.net/activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9835261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://minside.flytoget.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 446
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-May-2020 07:40:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9835261.fls.doubleclick.net/activityi;dc_pre=CJay6d-nsOkCFQ2Mdwod3H0LIw;src=9835261;type=m-track;cat=m-pv15;ord=1;num=7640318631991;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
252 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686623298235685&ev=PageView-15s&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&rl=&if=false&ts=1589354727856&sw=1600&sh=1200&v=2.9.18&r=stable&ec=3&o=30&it=1589354712877&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:27 GMT, Wed, 13 May 2020 07:25:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 May 2020 07:25:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
207 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686623298235685&ev=TOS-15s&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&rl=&if=false&ts=1589354727858&sw=1600&sh=1200&v=2.9.18&r=stable&ec=4&o=30&it=1589354712877&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 07:25:27 GMT, Wed, 13 May 2020 07:25:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 May 2020 07:25:27 GMT

GET
H2

200

activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u...
9835261.fls.doubleclick.net/ Frame BB69
Redirect Chain

https://9835261.fls.doubleclick.net/activityi;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined...
https://9835261.fls.doubleclick.net/activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=u...

0
0

74ms
74ms

Document
text/html

216.58.206.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9835261.fls.doubleclick.net/activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBTQ7G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9835261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://minside.flytoget.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:32 GMT
expires: Wed, 13 May 2020 07:25:32 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
set-cookie: IDE=AHWqTUlX1O2bVvr0G7GQr42dY7AocG6RZm809jCUlbYBwo-z7lSf6AT-aYkMUdMJ; expires=Mon, 07-Jun-2021 07:25:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 13 May 2020 07:25:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9835261.fls.doubleclick.net/activityi;dc_pre=CNnNmuKnsOkCFRkEiwodmqMAQw;src=9835261;type=m-track;cat=m-tos10;ord=1;num=5404815224126;gtm=2wg4t0;auiddc=907395539.1589354713;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=;u7=%2Fno%2FActivateDeal;u8=minside.flytoget.no;u11=1;u12=90;~oref=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1284528601&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&ul=en-us&de=UTF-8&dt=Aktiver%20avtale%20-%20Flytoget&sd...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_gid=512229087.1589354733&gjid=365277448&_v=j82&z=1236870926
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_v=j82&z=1236870926
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_v=j82&z=1236870926&slf_rd=1&random=3629941311

42 B
106 B

20ms
19ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_v=j82&z=1236870926&slf_rd=1&random=3629941311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 May 2020 07:25:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2929009-1&cid=1614924944.1589354713&jid=31824299&_v=j82&z=1236870926&slf_rd=1&random=3629941311
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 7ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1284528601&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&ul=en-us&de=UTF-8&dt=Aktiver%20avtale%20-%20Flytoget&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tid%20p%C3%A5%20side&ea=20%20sekund&el=%2Fno%2FActivateDeal&_u=aGjAAEAL~&jid=&gjid=&cid=1614924944.1589354713&tid=UA-2929009-1&_gid=512229087.1589354733&gtm=2wg4t0MBTQ7G&z=243346792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Apr 2020 11:53:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3094318
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
356 B 158ms
53ms Image
image/gif 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=Lead&va=20000&in=%2Fno%2FActivateDeal&pi=66f69869-ef2e-49db-b46f-824f0c9bc470&it=1589354713031&v=0.0.14&u=https%3A%2F%2Fminside.flytoget.no%2Fno%2FActivateDeal&st=1589354713031&et=1589354732862&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.13.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://minside.flytoget.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 07:25:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.13.4
Connection: keep-alive
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 10.13.71.155:80
Content-Length: 42
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Domain: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
minside.flytoget.no/	1969-12-31 23:59:59	Name: TS017fdd08 Value: 01b50bf2b10a8ce8989d0d60299dc3733f0d075a2f61241ff6169d96f1cc9a2dea32ff98c6c6144237beaffa1f1fc5ea205e588f8c6e878bd83996012fdbe3acbf644d8c1e15ada475bf68c7a13a45794a217e8e40ba97081595bd2f2c5449bf2753a61b753f4f207bc998c6e322b68c03b302f42e
minside.flytoget.no/	1969-12-31 23:59:59	Name: BIGipServer~fly~fly-p-fdkweb-8088 Value: rd2o00000000000000000000ffff0a1f930ao8088
.flytoget.no/	1970-01-19 11:38:50	Name: _gcl_au Value: 1.1.907395539.1589354713
minside.flytoget.no/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: jMKUeg_Y4DcU_s30aO9LVYqQG4iJ7zaj1BYUIwfIPoNKL9CQHuzOKkF1XmvDTGXSdK2kjBfWq188uRkFQn0AdteKssg1
minside.flytoget.no/	1970-01-23 01:08:07	Name: language Value: no

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - You are sending a non-standard event 'TOS-10s'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - You are sending a non-standard event 'PageView-15s'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - You are sending a non-standard event 'TOS-15s'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src ; img-src data:; style-src * 'unsafe-inline'; connect-src 'self' chat.puzzel.com .typekit.net; frame-src .doubleclick.net .facebook.com .facebook.net .google.com; media-src ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .typekit.net track.adform.net .googletagmanager.com .google-analytics.com .googleadservices.com .google.com .gstatic.com .facebook.net .facebook.com .adnxs.com .doubleclick.net *.hotjar.com tag.yieldoptimizer.com;
Strict-Transport-Security	max-age=7776000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6073614.fls.doubleclick.net
8407662.fls.doubleclick.net
9835261.fls.doubleclick.net
acdn.adnxs.com
chat.puzzel.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
minside.flytoget.no
p.typekit.net
s2.adform.net
script.hotjar.com
secure.adnxs.com
static.hotjar.com
stats.g.doubleclick.net
track.adform.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
s2.adform.net
track.adform.net
147.75.33.233
147.75.84.91
172.217.22.2
185.33.220.145
212.89.52.50
216.58.206.6
216.58.207.38
23.210.249.83
2a00:1450:4001:800::2003
2a00:1450:4001:801::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::200e
2a00:1450:400c:c06::9d
2a01:4a0:1338:28::c38a:ff0a
2a02:26f0:64:48a::19fd
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.252.172.36
37.252.172.37
81.93.160.208
02a2186e5708926647ab5c72f53a9e8e21f81c0e403881ca6327f4c0c1cd4835
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
065ce8ac6d87f4fda2eadec67e201f11aaa559662b38759f5688ee4fa8579748
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f8df57c4394c3cc556dd97daf0381e8aedb9ad4b20a70932d0731050915624
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
16b395d0098bf1925f4079211db0be81ecf73af948e25e9a8d8f53e96709836e
1bf5114f2d4efd7fcf4be840538bac7e6a98b63b1f3663186de64568cf5ff0bf
1f91f3fe544aeedcc3e9c019811cc9ad57a2832d0db3282eeeeb9b12b6879896
21b63a8daa7ad6ee11eb4e1f3f8a984d5eebdb29e8e9b96cb7d74892abf1fa36
24927211b6c4ba0645e62e2bb7bce209f72da8fa21a5e1d9dcb311ebf8abcef7
2886a485eb876545b95f0dd1eda85ebe13985c09c6192079cc4fcf2da906ce30
2a69145833f2f7c1a7bcc6a10e239f1c976ded33d843d984c41c924e6c4943ee
2c08abb36ae51ca66b8e7b6c01e66c4efd0c99921dafc3441194e728b46cc74b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
38c272266ed711d26371c5801d6596a196f47668bfcb835a9ccd866179c8dc86
3c4873eed635f1a77818139d0f0a24de90b1e51d4cca69cc402a8ac0e3cfe660
3e649ec5973a669dcdbb930d5439e154e82f174e3f8b1e061ac08d006c2e0a61
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
515aafbb4a7e6dcd1174280b6acb98b8f8d428a0ab1316f0a76c5f5b34a9e18e
590f2dd42df409b9014dcb078add16b0789dd9eaeab109d0cc73165e0b881eb0
69dbe5d9b8773478cd00560f3559056bcb85dd860f666d74d34419d6bd270b7c
6b0079963aab5eab8f6ac7e7ee6f2dd4f6b87ce59d9ec8d4cef03362786eb803
6d4f16ab04363f67f815c797f219e7cc39e34485568d2c3f7d6de077ce493261
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
98272ae0cb3a95da5d3fc90a6772e95af0c014ee707e431b9542e3eb7410afc1
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c8e3b13abe74f948ffe564d62df78a1e23bfd810b0cde91ec21db3641fc0451
a0a0386aaa9065a2b274c5d6b1e51d2c112364d6e5878838e350c1e99e8c0c1b
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1
bb738c63dd2b2fada6902a69f7a0a06324b32125bbac7715356d82aa3044cac0
bc43c321cf05f20e98528e37d25b94958c9d2588db57852d6e259df117b6fe0a
be00e4d9084534d1f698641c6c2dc52233ceb289ed4a346bed529e4d837b53c7
cafa675565c74251991d659390bd931c65d92499cb90e09ae2424e27a30a8bec
ce286807879b65a976717fe36ead984c38a4e20a34af41ce4ad8bdade7664507
ce8146db3dad4d3737fd34b4c7be706983b9d5dde8b4c7e300b552650118a024
cf6984235df111c3d72d892ed49a5a0c60a34b764a08a009af157e024a1d5a66
d0eaad6b65c8af9b1f8c90e30886f73b7ecc9a776cb7d175538762633f96139b
e2faaaaa831709ca8cf29d46c65860e3cb560cce2142153dbf393563bf024757
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb901e93a4f8bdbd1e100dae97b52abb7d7b5393e4b99dc04ae774394c0fea2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

minside.flytoget.no Open in urlscan Pro 81.93.160.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

94 %HTTPS

50 %IPv6

15 Domains

24 Subdomains

22 IPs

7 Countries

1637 kBTransfer

2552 kBSize

5 Cookies

2 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

minside.flytoget.no Open in urlscan Pro
81.93.160.208 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

94 %
HTTPS

50 %
IPv6

15
Domains

24
Subdomains

22
IPs

7
Countries

1637 kB
Transfer

2552 kB
Size

5
Cookies

62 HTTP transactions
-2 data transactions