urlscan.io logo urlscan.io
SecurityTrails logo

turin.se Open in urlscan Pro
159.253.31.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://turin.se/
Effective URL: https://turin.se/
Submission: On February 20 via api from US — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 79 HTTP transactions. The main IP is 159.253.31.225, located in Stockholm, Sweden and belongs to PORTLANE www.portlane.com, SE. The main domain is turin.se.
TLS certificate: Issued by R3 on December 29th 2022. Valid for: 3 months.
This is the only time turin.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 159.253.31.225 42708 (PORTLANE ...)
1 142.250.185.234 15169 (GOOGLE)
5 23.196.235.140 16625 (AKAMAI-AS)
4 142.250.181.226 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
1 142.250.184.195 15169 (GOOGLE)
7 108.138.7.29 16509 (AMAZON-02)
2 142.250.186.142 15169 (GOOGLE)
9 142.250.184.226 15169 (GOOGLE)
2 13.32.99.76 16509 (AMAZON-02)
6 142.250.185.226 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 142.250.186.97 15169 (GOOGLE)
9 151.101.194.38 54113 (FASTLY)
4 108.138.7.94 16509 (AMAZON-02)
12 142.250.186.65 15169 (GOOGLE)
1 142.250.181.228 15169 (GOOGLE)
79 18
13    159.253.31.225 (Stockholm, Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: 159-253-31-225-static.glesys.net
turin.se
cms.dnh.se
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
5    23.196.235.140 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-235-140.deploy.static.akamaitechnologies.com
www.viator.com
cache.vtrcdn.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googletagservices.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
7    108.138.7.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-29.fra56.r.cloudfront.net
aff.bstatic.com
cf.bstatic.com
2    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
9    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    13.32.99.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-76.fra60.r.cloudfront.net
www.booking.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
adservice.google.se
pagead2.googlesyndication.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.com
1    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com
9    151.101.194.38 (United States)

ASN54113 (FASTLY, US)
media.tacdn.com
4    108.138.7.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-94.fra56.r.cloudfront.net
cf.bstatic.com
12    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
18 googlesyndication.com
90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
264 KB
11 bstatic.com
aff.bstatic.com — Cisco Umbrella Rank: 23817
cf.bstatic.com — Cisco Umbrella Rank: 12501
76 KB
11 turin.se
turin.se
116 KB
9 tacdn.com
media.tacdn.com — Cisco Umbrella Rank: 43950
235 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186
155 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
170 KB
3 viator.com
www.viator.com — Cisco Umbrella Rank: 23845
10 KB
2 vtrcdn.com
cache.vtrcdn.com — Cisco Umbrella Rank: 62023
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 booking.com
www.booking.com — Cisco Umbrella Rank: 8138
31 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
89 KB
2 dnh.se
cms.dnh.se
335 KB
1 google.se
adservice.google.se — Cisco Umbrella Rank: 88152
531 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
79 16
Domain Requested by
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
11 turin.se 1 redirects turin.se
10 cf.bstatic.com www.booking.com
cf.bstatic.com
9 media.tacdn.com www.viator.com
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
turin.se
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 www.googletagservices.com turin.se
securepubads.g.doubleclick.net
3 www.viator.com turin.se
www.viator.com
2 cache.vtrcdn.com www.viator.com
2 www.booking.com aff.bstatic.com
cf.bstatic.com
2 www.google-analytics.com turin.se
www.google-analytics.com
2 connect.facebook.net turin.se
connect.facebook.net
2 cms.dnh.se turin.se
1 www.google.com tpc.googlesyndication.com
1 90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.se securepubads.g.doubleclick.net
1 aff.bstatic.com turin.se
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com turin.se
79 20

This site contains links to these domains. Also see Links.

Domain
hotellweekend.se
paris.se
barcelona.se
wien.se
dublin.se
budapest.se
Subject Issuer Validity Valid
turin.se
R3		 2022-12-29 -
2023-03-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
cms.dnh.se
R3		 2022-12-29 -
2023-03-29		 3 months crt.sh
www.viator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-29 -
2023-04-28		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-30 -
2023-02-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.bstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-21 -
2023-10-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.booking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-03 -
2023-07-11		 a year crt.sh
*.google.se
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
media.tacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-23 -
2023-04-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://turin.se/
Frame ID: C5CAE024B0223F7334FAD967D8C87303
Requests: 30 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Frame ID: F8F7928606C20B256B98CA5BD3A70C8B
Requests: 12 HTTP requests in this frame

Frame: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Frame ID: 0CC2817B7ACFD0E4B3E7E6C84A1DBC43
Requests: 12 HTTP requests in this frame

Frame: https://90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44C7485EB4CFE7DADE15079A8D342FB6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSb5WzLBP1DelfJpKz8ka3T2zkisyyvrALDj1u2sMkymIkQ0_tukdEXhKfZCQQEmZBqStc1QvKe4jext0pOTQHLntV2-qg9YCQAV0HMwgBKKw5uTbgkNWIE9t4DnpWkWg0upqwVvV5hntMSgQJSIhrusgraeCZVl_W3aHID3rjO3w1M89SbN33BRcagdjQJG2Iw--FFIZQAHvJlQVH2BLMrqPSIBjIjx72IU4GXNJPf4Jj3mRUAoMq9VH54uPi_yhrYZ6kf6sNQrdEA0rOqvxV8BfpM7BUrIMzuq8eczdFnvPL&sai=AMfl-YRVHnQgkOuVV1sNkA3oVGTROSNAVKK0h8c8fvUAejUfC6Eg2Zl2kXJYpqL_X1HxmGNr0yeOUzJwDHuP4e_a5VqiZygmDJaEAQpXtHjznQj0rvMz4bL0GDKjsMG8NsmIIYZuh2sAnNehFBv9dvU&sig=Cg0ArKJSzGYod0xT9g0sEAE&uach_m=[UACH]&adurl=
Frame ID: C3F8F10A339FDF1370149FF1AD1672FD
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1pkPder13CmsJ3Sq1w0JP7Ri-wfbRPvJ1wTWIfoeQ10uJF44X9hD3nI3IOa9c8FLDuTM0dZ-9SSOJu1DPXA5GuJ85gE2C7am-dSJ5vNbTj7NwID4UKkGzgHf8V0u_2V8b4lJI06siSSu9L7Qp948rPhNVGchRUbyPJPE_e5Jbe4VJsB0F65cm5pR85wgs7tojJ4N35SZLbU70Q4FBQWHv_3kDc8jox-4eH9US3mm_1tORbhfE1_BSbY5lpw1zwVrSeIHzW86V9MV2TXwkwKmdU7toqo8UHtListfZbcFdBIdM&sai=AMfl-YQaPULbQcPYllhw_DS-ebq6IPt6EoJcFl49RcDC5-Ia5BCGAkMjY8Us51y_uTDqwo9hHXMK_LqE5pBgxWKj8AYjYInbKHOx77obZwfd52WPoUAnvSn3ESaFyuFEvYpyz3gPv_gVxi1KNRNcHfg&sig=Cg0ArKJSzNmsN28vD0qSEAE&uach_m=[UACH]&adurl=
Frame ID: 51D5B8BD47F679BCB9D4CA965CE86CEB
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjASGIDWSSCj5btaUFmnvfViMoER1ZsQlixexdDUhmMniJEKT6oI9OnsXcyFRYoJKgB5duU2aXLuIu6RM22dcc2A4uKhtZ0eQsRUeFCTFkND3klj6_pw8J8-T01KZUyTokHED5QdISsmDcT5z2jqAtJhDhlHWPOylWGfDM_z7IDAPkikgO_mtQSXOVffwCpzyf21WKIsbOfWfgjsWugVfBZElO6fGGIkoBk4DqwZ7JEJvTZWDZs_kgLlYW80y3i_-zrWl4w74H0750ed0rgVexlV-Pd7K1RPiB85lJc_fudiVxkKrV&sai=AMfl-YTnErCKl9z8eFZqidho8zc22ojN5nr1DF78Iqktl72Ny73fdIS7SH6Kwdlt2Za-ltTUYZHY6UR3TUSSBcJXcUgjTazIlJUbPitMyhYWpfi8a5n1tAj8UAa4jpU2Ntkpf4PyPSf77TBTyxSmAwQ&sig=Cg0ArKJSzFnWjr-D29ylEAE&uach_m=[UACH]&adurl=
Frame ID: 924958D27FAF76D9D6BA5E4071B5F46D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9748A66DDCE49758966DE221B86D9C2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E69EE3411BCD6918DF0FF02E2C85E5C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Turin.se – Italien med det bästa av Europa

Page URL History Show full URLs

  1. http://turin.se/ HTTP 301
    https://turin.se/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

18
IPs

3
Countries

1552 kB
Transfer

2980 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turin.se/ HTTP 301
    https://turin.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
turin.se/
Redirect Chain
  • http://turin.se/
  • https://turin.se/
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
ebc3fc891cc7bd661aec26bb1b8e9c164342cd847df24efc43a2fd4bb1449446

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Connection
Upgrade
Content-Encoding
gzip
Content-Length
6267
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Feb 2023 20:15:39 GMT
Link
<https://turin.se/wp-json/>; rel="https://api.w.org/", <https://turin.se/>; rel=shortlink
Server
Apache/2.4.38 (Debian)
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Pingback
https://turin.se/xmlrpc.php

Redirect headers

Connection
Keep-Alive
Content-Length
299
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 20 Feb 2023 20:15:39 GMT
Keep-Alive
timeout=5, max=100
Location
https://turin.se/
Server
Apache/2.4.38 (Debian)
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Feb 2023 20:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 19:37:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Feb 2023 20:15:39 GMT
typicons.min.css
turin.se/wp-content/themes/TravelNetworkNew/fonts/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-content/themes/TravelNetworkNew/fonts/typicons.min.css
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
73e3373dd87b60c283233a183bd3cc1b240b0ce73a4aef4b50dcddb55c7d79f1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jan 2015 13:07:10 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3a79-50d151ddc3b80-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
2624
style.css
turin.se/wp-content/themes/TravelNetworkNew/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-content/themes/TravelNetworkNew/style.css
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
eee365ce46c9aad0ca475e54bbbc5209869a3816b82e8ced5ecbb0bb1d9f888c

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Mar 2022 10:48:03 GMT
Server
Apache/2.4.38 (Debian)
ETag
"4dd9-5db5929d3d26d-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
4365
widget.css
turin.se/wp-content/plugins/login-with-ajax/widget/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-content/plugins/login-with-ajax/widget/widget.css?ver=4.7.25
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
c0f26e64dc9d9cc394d163cf49fca788ed6d6043e4fad07c93317be46d0c8ba8

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jan 2015 08:34:36 GMT
Server
Apache/2.4.38 (Debian)
ETag
"d95-50d9e1ff99f00-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
1246
jquery.js
turin.se/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 06:31:49 GMT
Server
Apache/2.4.38 (Debian)
ETag
"17a6a-591c879f2df40-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
33776
jquery-migrate.min.js
turin.se/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2017 13:54:02 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2748-547a09d3e5280-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
4014
login-with-ajax.js
turin.se/wp-content/plugins/login-with-ajax/widget/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-content/plugins/login-with-ajax/widget/login-with-ajax.js?ver=4.7.25
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
957a3f0a8edc5329ea9712791c06875a157a8bb0b008571dc5edb290e53aa363

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jan 2015 08:34:36 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1346-50d9e1ff99f00-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
1510
it.png
turin.se/wp-content/themes/TravelNetworkNew/flags/ 		147 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://turin.se/wp-content/themes/TravelNetworkNew/flags/it.png
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
32724103c6bd2e21a844c1d6548574bb422c8e1c2bb8d8fe012bd65eef635f8e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Last-Modified
Tue, 20 Jan 2015 13:07:03 GMT
Server
Apache/2.4.38 (Debian)
ETag
"93-50d151d716bc0"
Upgrade
h2,h2c
Content-Type
image/png
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
147
logo_turin.png
cms.dnh.se/turin/wp-content/uploads/sites/40/2014/05/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.dnh.se/turin/wp-content/uploads/sites/40/2014/05/logo_turin.png
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
23c60bfca9bb325a2199489c77cd04040bcab6a7ead30499c11c032d56fc59ae

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Last-Modified
Wed, 14 May 2014 16:30:09 GMT
Server
Apache/2.4.38 (Debian)
ETag
"144fc-4f95eb19de640"
Upgrade
h2,h2c
Content-Type
image/png
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
83196
widget.js
www.viator.com/orion/partner/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viator.com/orion/partner/widget.js
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.140 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-140.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
50af0a5864489f17dda6dde4b13ce1b4cf80a479df9a5ce4d9a66c5e447c5704
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.viator.com:*
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' *.viator.com:*
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 20:15:39 GMT
content-encoding
gzip
x-datadome
protected
content-length
675
x-xss-protection
1; mode=block
x-unique-id
02106EA6:88FD_0A280714:01BB_63E58FEE_570AA9:04ED
last-modified
Thu, 09 Feb 2023 22:32:20 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
traceparent
00-4f6387b0d5204014b99e7eb18c4d3502-bd6c4baa9f4dc555-00
server
Apache
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Fri, 17 Feb 2023 00:29:34 GMT
wp-embed.min.js
turin.se/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-includes/js/wp-embed.min.js?ver=4.7.25
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Apr 2021 00:45:52 GMT
Server
Apache/2.4.38 (Debian)
ETag
"56a-5c00c4d517e88-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
735
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
79ad62cbaee9a316c3fa2542a9ebd0dc7f829d9d9a6302f0da659cc63c6e8d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26545
x-xss-protection
0
server
sffe
etag
"1489 / 885 of 1000 / last-modified: 1676675148"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Feb 2023 20:15:39 GMT
sdk.js
connect.facebook.net/sv_SE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/sv_SE/sdk.js
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
51381d82a13e1182eb226b3810826622afcc373b56025717bbaf426e5bdd9c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 20:15:39 GMT
content-md5
o7+NABX/sFw0knnVLx753Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
hr6df9U/P0rfJIunktwkt+9pLiTYIo6bmdO9c1E2UqvyxIibN7u13Dw64Ud4QUz8oqKw/fOij3AtWXiB3Msm7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
2877890c3564a3f2a8b04ca0b7c974a4
cross-origin-opener-policy
same-origin-allow-popups
etag
"a0b330a724cb3f624736b9ac5c0db67e"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 20 Feb 2023 20:34:38 GMT
turin.jpg
cms.dnh.se/turin/wp-content/uploads/sites/40/2014/06/ 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.dnh.se/turin/wp-content/uploads/sites/40/2014/06/turin.jpg
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
a752b2b681dbe9ee104e92b370f37ce704d1c2ddb3d86507e71485393cf7298d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Last-Modified
Thu, 19 Jun 2014 07:42:34 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3f595-4fc2b851e6e80"
Upgrade
h2,h2c
Content-Type
image/jpeg
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
259477
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://turin.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 23:44:24 GMT
x-content-type-options
nosniff
age
419475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:44:24 GMT
flexiproduct.js
aff.bstatic.com/static/affiliate_base/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1676924139397
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:39 GMT
content-encoding
br
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 03:41:28 GMT
server
nginx
etag
W/"62a6b1e8-1849"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
617Fw2MuQTnuU2GHNwuMGCofXuJ66RexgMEwbRbA1tFqKvGvc3hg_Q==
expires
Wed, 22 Mar 2023 20:15:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 18:54:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4855
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 20 Feb 2023 20:54:44 GMT
typicons.woff
turin.se/wp-content/themes/TravelNetworkNew/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://turin.se/wp-content/themes/TravelNetworkNew/fonts/typicons.woff
Requested by
Host: turin.se
URL: https://turin.se/wp-content/themes/TravelNetworkNew/fonts/typicons.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.31.225 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-31-225-static.glesys.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
176dacd85c26ed46a0ed4e3228efcd676d806cd9c4f3e306192c3f5d1a535248

Request headers

Referer
https://turin.se/wp-content/themes/TravelNetworkNew/fonts/typicons.min.css
Origin
https://turin.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 20:15:39 GMT
Last-Modified
Tue, 20 Jan 2015 13:07:11 GMT
Server
Apache/2.4.38 (Debian)
ETag
"ec30-50d151deb7dc0"
Upgrade
h2,h2c
Content-Type
font/woff
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
60464
sdk.js
connect.facebook.net/sv_SE/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/sv_SE/sdk.js?hash=17c03571be69c430f58e09aa872e1701
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/sv_SE/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
e57503c60213cd287e533d8c56a2679a70604a692b31de2e4200d29fe699edb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://turin.se/
Origin
https://turin.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 20:15:39 GMT
content-md5
JFfohjJ2d9sGjpzf/izszw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88552
x-fb-rlafr
0
x-fb-debug
uzxlYIZlTQj024okPX6Sg0tq5/Xi/2wD+65Y57EdtupyGtZA16ZYk0GgLe2+8leg4y5V6OgGAVpSB2Dp5EmcPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6a37ed2670a42dfb2ca3bbeb769e00bd
cross-origin-opener-policy
same-origin-allow-popups
etag
"8446b468855054dc4e3ade42c5207db2"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 20 Feb 2024 19:34:28 GMT
collect
www.google-analytics.com/j/ 		3 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=556208268&t=pageview&_s=1&dl=https%3A%2F%2Fturin.se%2F&ul=en-us&de=UTF-8&dt=Turin.se%20%E2%80%93%20Italien%20med%20det%20b%C3%A4sta%20av%20Europa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1284189282&gjid=440718832&cid=996344736.1676924140&tid=UA-10675286-37&_gid=1550304493.1676924140&_r=1&_slc=1&z=1507609011
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://turin.se/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Feb 2023 20:15:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://turin.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-main.js
www.viator.com/orion/partner/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viator.com/orion/partner/widget-main.js?widgetPreview=false&date=1676924139619
Requested by
Host: www.viator.com
URL: https://www.viator.com/orion/partner/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.140 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-140.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6baf6a1a0557d6db52bc4e74c9235fdf8f67b3b190bcc511ffc170fc4d1b2f60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.viator.com:*
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' *.viator.com:*
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 20:15:39 GMT
content-encoding
gzip
x-datadome
protected
content-length
1340
x-xss-protection
1; mode=block
x-unique-id
02106E74:CAA9_0A280E50:01BB_63F3D4EB_2C5BE01:6851
last-modified
Mon, 20 Feb 2023 13:25:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
traceparent
00-bbfb82c28eb3422f920f4d112f0eedbc-8039333f3c210a94-00
server
Apache
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Mon, 27 Feb 2023 20:15:39 GMT
pubads_impl_2023021401.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 13:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132139
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 09:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Feb 2024 13:47:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		30 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=turin.se
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6f98b1ce932df2e56a12a7fe7da4ad9d92ad798a90af8a9675fe61e52f028ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:39 GMT
flexiproduct.html
www.booking.com/ Frame F8F7 		76 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Requested by
Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1676924139397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
f1e1196e3065094bdb2847fae2429a0bd8fadd83d36e122f142eee8bebb55333
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://turin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
29845
content-type
text/html; charset=UTF-8
date
Mon, 20 Feb 2023 20:15:40 GMT
nel
{"report_to":"default","max_age":604800}
report-to
{"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
server
nginx
strict-transport-security
max-age=604800
vary
User-Agent, Accept-Encoding
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-id
3xWGNb5iefJpiuVX9XjWQZOdJcipUXEPUgQEXVvOiX9p4tMhOJNyNg==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
products
www.viator.com/sv-SE/widget/ Frame 0CC2 		61 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Requested by
Host: www.viator.com
URL: https://www.viator.com/orion/partner/widget-main.js?widgetPreview=false&date=1676924139619
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.140 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-140.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
92a20543f1709c850de287bb199219745add168a32cdd1e78e2fdba9085e7007
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://turin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
content-encoding
gzip
content-language
sv
content-length
3216
content-type
text/html;charset=utf-8
date
Mon, 20 Feb 2023 20:15:40 GMT
server
Apache
strict-transport-security
max-age=15724800; includeSubDomains
traceparent
00-ba9e83a352314c78b8d3a2dcce561be0-a1635db9133ce8b7-00
vary
accept-encoding
x-datadome
protected
x-unique-id
02163D63:A9BB_0A280EFC:01BB_63F3D4EB_2AC4A1F:2E11
x-viator-tapersistentcookie
75c55440-d40e-4300-a690-b6f775568de2
integrator.js
adservice.google.se/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=turin.se
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=turin.se
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		141 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=549949644057857&correlator=2946123322502956&eid=21065724%2C31072499&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&iu_parts=40173864%2CPT_turin%2CPB_turin%2CSC_BL_turin%2CMT_turin%2CMB_turin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=980x240%2C980x240%2C300x600%2C300x250%2C300x250&ifi=1&adks=2815938035%2C1664294221%2C608167448%2C3483229093%2C1063141038&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676924140072&lmt=1676924140&dlt=1676924139164&idt=874&adxs=189%2C189%2C1013%2C-9%2C-9&adys=283%2C1582%2C1545%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fturin.se%2F&frm=20&vis=1&psz=1250x22%7C1250x22%7C387x0%7C0x-1%7C0x-1&msz=1222x0%7C1222x0%7C300x0%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=996344736.1676924140&ga_sid=1676924140&ga_hid=556208268&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
50a440aab50876306fc12095b8a36f0977600daad24536847a22647c1dd1bcd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24874
x-xss-protection
0
google-lineitem-id
113715224,114710144,113729744,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138334174479,138334125167,138353489125,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://turin.se
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Feb 2023 20:15:40 GMT
expires
Tue, 20 Feb 2024 20:15:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
partner-widget.b8a73c9365da3eb095e8.css
cache.vtrcdn.com//orion/css/ Frame 0CC2 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cache.vtrcdn.com//orion/css/partner-widget.b8a73c9365da3eb095e8.css
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.140 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-140.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
53966e4e310fbe0e51ab2a17f03541b6bcb48245bc52f0d4cd8bd25254e3e12a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.viator.com:*
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' *.viator.com:*
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
content-length
1152
x-xss-protection
1; mode=block
x-unique-id
02106E74:C163_0A2807DC:01BB_63E95B62_723AFD2:77EA
last-modified
Fri, 10 Feb 2023 17:34:10 GMT
server
Apache
traceparent
00-7c40cbf0fce04464a2477da9d0171459-8f7494b252abd10d-00
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Sun, 19 Feb 2023 21:34:27 GMT
4b.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/0b/9c/4a/ Frame 0CC2 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/0b/9c/4a/4b.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e35868bc053b246f113e664259974c59088332b6071ab66b0769a291ff31206

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
101294821
age
1893053
x-cache
HIT, HIT
content-length
26019
x-served-by
cache-iad-kiad7000131-IAD, cache-bma1683-BMA
last-modified
Tue, 26 Jan 2021 14:56:26 GMT
x-timer
S1676924140.201154,VS0,VE1
etag
"f79c87cb6b9f55ec83828dbe3c12308c"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
105, 1
72.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/0b/36/a2/ Frame 0CC2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/0b/36/a2/72.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54831eaec10c9149ed2632561bc0536ad1c44592841456a643f5fe80aa8228a7

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
386833308
age
454696
x-cache
HIT, HIT
content-length
22215
x-served-by
cache-iad-kiad7000102-IAD, cache-bma1683-BMA
last-modified
Fri, 23 Oct 2020 10:38:00 GMT
x-timer
S1676924140.201575,VS0,VE15
etag
"75314d64eb0b0969d182495254327b67"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
105, 1
f2.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/09/89/be/ Frame 0CC2 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/09/89/be/f2.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62c5b4b9ec242595b62d10cc1055a6b2ff6db1e35c4fd5901b24e13fbc0affa3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
219127944
age
1494980
x-cache
HIT, HIT
content-length
37573
x-served-by
cache-iad-kjyo7100164-IAD, cache-bma1683-BMA
last-modified
Wed, 16 Oct 2019 16:13:07 GMT
x-timer
S1676924140.201555,VS0,VE3
etag
"c71033c6ef030458485af1a3427ddf5b"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
40, 1
40.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/09/21/fb/ Frame 0CC2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/09/21/fb/40.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f96f6dafa00b927a576a9488f4ba20e92622a0190ebc87472c7dfd060e3451d6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
157514042
age
1767713
x-cache
HIT, HIT
content-length
26522
x-served-by
cache-iad-kcgs7200069-IAD, cache-bma1683-BMA
last-modified
Thu, 05 Sep 2019 14:46:10 GMT
x-timer
S1676924140.201509,VS0,VE1
etag
"ef95e1de6ee7275bdc67be512e8d3484"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
182, 1
3d.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/0a/8c/11/ Frame 0CC2 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/0a/8c/11/3d.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f9c057b5aed2abf114ba274a2ad8eb27fcb11f0463042e189ae4b6692bcb29e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
317110082
age
457530
x-cache
HIT, HIT
content-length
21911
x-served-by
cache-iad-kcgs7200102-IAD, cache-bma1683-BMA
last-modified
Fri, 28 Feb 2020 10:46:00 GMT
x-timer
S1676924140.201492,VS0,VE2
etag
"d463a928047c8bb71907c72b6eb10f9b"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
26, 1
bf.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/0e/9d/03/ Frame 0CC2 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/0e/9d/03/bf.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fef9054018362a5731aad936c42ce1c807c2eae305e03e48fba3d4dd2bed059

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
270514705
age
2334553
x-cache
HIT, HIT
content-length
24356
x-served-by
cache-iad-kjyo7100108-IAD, cache-bma1683-BMA
last-modified
Fri, 15 Apr 2022 09:00:57 GMT
x-timer
S1676924140.201509,VS0,VE2
etag
"8a0bc45e9980f8fec5fbce0a614e1344"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
19, 1
1f.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/06/e5/08/ Frame 0CC2 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/06/e5/08/1f.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8228785bc1ff72ac36e3ca2a2b36c17da0b9e0883a3634564f85056701ad676

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
159351220
age
1129930
x-cache
HIT, HIT
content-length
40098
x-served-by
cache-iad-kjyo7100107-IAD, cache-bma1683-BMA
last-modified
Wed, 19 Dec 2018 11:42:06 GMT
x-timer
S1676924140.241488,VS0,VE1
etag
"d77f407053c45efb7733dcaa4fbc0595"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
118, 1
55.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/0b/d1/9e/ Frame 0CC2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/0b/d1/9e/55.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96e2446829c86000154b84ccd3d9748efe142a67e258d54c50d2c01b80c424bd

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
182661255
age
1420221
x-cache
HIT, HIT
content-length
20117
x-served-by
cache-iad-kjyo7100081-IAD, cache-bma1683-BMA
last-modified
Wed, 05 May 2021 15:00:21 GMT
x-timer
S1676924140.241142,VS0,VE1
etag
"886a163216f85bb5dc3b4626c2dee3ea"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
179, 1
52.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/0f/78/83/ Frame 0CC2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-360x240/0f/78/83/52.jpg
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af04eab0c6afaf50894da76a85884b977235fac938bb5b4e2bce870eb96443ac

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
156015903
age
2220762
x-cache
HIT, HIT
content-length
19980
x-served-by
cache-iad-kcgs7200055-IAD, cache-bma1683-BMA
last-modified
Thu, 11 Aug 2022 15:57:53 GMT
x-timer
S1676924140.241271,VS0,VE1
etag
"9000e39f952dc953d443fcc0ffffb22e"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
3, 1
widget-local.54f57d7c15bc9f59fb18.js
cache.vtrcdn.com//orion/partner-widgets/ Frame 0CC2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.vtrcdn.com//orion/partner-widgets/widget-local.54f57d7c15bc9f59fb18.js
Requested by
Host: www.viator.com
URL: https://www.viator.com/sv-SE/widget/products?localeSwitch=1&partnerId=P00064214&currency=SEK&partnerType=AFFILIATE&campaign=&totalProducts=9&awinProgramId=&widgetRef=&widgetPreview=false&urls=https%3A%2F%2Fwww.viator.com%2FTurin%2Fd802-ttd&wd=%7B%22f%22%3A%22viw-78162%22%2C%22s%22%3A%22block%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.140 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-140.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f5fe73916522e2cb2187d96b81cad2a62839fc738661335d4392a0f83a749c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.viator.com:*
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.viator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
frame-ancestors 'self' *.viator.com:*
x-content-type-options
nosniff
date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-datadome
protected
content-length
1148
x-xss-protection
1; mode=block
x-unique-id
02106E9E:C285_0A280C38:01BB_63F38683_B88B54:5781
last-modified
Mon, 20 Feb 2023 13:27:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
traceparent
00-e11895162e474bfcb6ae8cd5390b0283-ad50ef23f05e09d0-00
server
Apache
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Mon, 27 Feb 2023 14:41:07 GMT
82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame F8F7 		1 KB
1014 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 14:03:10 GMT
content-encoding
br
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
886350
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jun 2020 10:23:33 GMT
server
nginx
etag
W/"5eda1d25-51a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
FbrBf5jzbAKsdRdWk8YYTBNdpK9ecwhMmM1IRc4rGNWIzSrh1eme5w==
expires
Sun, 12 Mar 2023 14:03:10 GMT
f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame F8F7 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 02:06:29 GMT
content-encoding
br
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
1188551
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jun 2020 10:23:33 GMT
server
nginx
etag
W/"5eda1d25-2ae3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Iw317ZjR1gIqun3JGZol-2INDj4jbghEL38yo6AXABbEEKovCaNPhQ==
expires
Thu, 09 Mar 2023 02:06:29 GMT
19d26ccbecea13a40501b1a204f92d7797638c6b.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame F8F7 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 16:07:47 GMT
content-encoding
br
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
619673
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 06:07:04 GMT
server
nginx
etag
W/"62ba9a88-33d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
3a90uqPnTou2Hp7yrBNp37thWHZbIKO5adouP44_SXFViynGAH7t_A==
expires
Wed, 15 Mar 2023 16:07:47 GMT
3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame F8F7 		952 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 02:02:14 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
238406
x-cache
Hit from cloudfront
content-length
952
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:19 GMT
server
nginx
etag
"5cadd1af-3b8"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AAmor3MymhbD9HHTXmlfLMme3klfQGaDRBOam1usCq2rYJ_1XiXFNQ==
expires
Mon, 20 Mar 2023 02:02:14 GMT
ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame F8F7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 02:58:33 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
148627
x-cache
Hit from cloudfront
content-length
2904
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-b58"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
KdAlfQw8GHB_-_iz7G7oYo4oz-T3hnuDkoBQZVA1gWHSU9qqjOwDxA==
expires
Tue, 21 Mar 2023 02:58:33 GMT
0ca8372024cd7370c4aed6aa1d8dd3d5feb83935.png
cf.bstatic.com/static/img/affiliate_base/flexi/usp_icon_dark_blue/ Frame F8F7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/affiliate_base/flexi/usp_icon_dark_blue/0ca8372024cd7370c4aed6aa1d8dd3d5feb83935.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5e511da3a4fb796a0757d341558c86fb123752f39c370f6dc1eef9bc4885bd31
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 01:57:47 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
1621073
x-cache
Hit from cloudfront
content-length
1230
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-4ce"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
5wYa8NEPcnziF09ygLtbR9BqiawZTGskIHFafn7jG51A3EpxZqhhEQ==
expires
Sat, 04 Mar 2023 01:57:47 GMT
85522fc012ea427986aabb503405f288a30cc3c8.js
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame F8F7 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-94.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 11:31:20 GMT
content-encoding
br
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
722660
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 25 May 2022 11:00:45 GMT
server
nginx
etag
W/"628e0c5d-1ed10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
5Xd63Etc9decpeKBzd0Sm6_qrDrZ5uPI5n2_MORbGosVwxgaiE_2Kw==
expires
Tue, 14 Mar 2023 11:31:20 GMT
eb78197b2eee9a032c319d91a6e1c581e295f284.js
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame F8F7 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-94.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 04:59:06 GMT
content-encoding
br
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
918994
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
W/"5e39454a-84eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Z2nEqk16GSoMEueWa5cFeIVs8PPXxKpEBziUClBYv2fZPgcGNylEHQ==
expires
Sun, 12 Mar 2023 04:59:06 GMT
a620a252f1d0110ab972e81348133431e8486098.js
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame F8F7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-94.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 08:04:37 GMT
content-encoding
br
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
130263
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
W/"5e39454a-903"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
-EZ39rU31jKAHzcaIpBxQue86gq-AVeuWUT5zpUl7GlBPv76FlDcYQ==
expires
Tue, 21 Mar 2023 08:04:37 GMT
750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame F8F7 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-94.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Origin
https://www.booking.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 16:07:47 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P6
age
619673
x-cache
Hit from cloudfront
content-length
7772
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:49 GMT
server
nginx
etag
"5cadd1cd-1e5c"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
54XM4rqli3wMKn6mz3sBytJUDGIjn5SccPOmIulbSEA22-aB8Xz8HQ==
expires
Wed, 15 Mar 2023 16:07:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C3F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSb5WzLBP1DelfJpKz8ka3T2zkisyyvrALDj1u2sMkymIkQ0_tukdEXhKfZCQQEmZBqStc1QvKe4jext0pOTQHLntV2-qg9YCQAV0HMwgBKKw5uTbgkNWIE9t4DnpWkWg0upqwVvV5hntMSgQJSIhrusgraeCZVl_W3aHID3rjO3w1M89SbN33BRcagdjQJG2Iw--FFIZQAHvJlQVH2BLMrqPSIBjIjx72IU4GXNJPf4Jj3mRUAoMq9VH54uPi_yhrYZ6kf6sNQrdEA0rOqvxV8BfpM7BUrIMzuq8eczdFnvPL&sai=AMfl-YRVHnQgkOuVV1sNkA3oVGTROSNAVKK0h8c8fvUAejUfC6Eg2Zl2kXJYpqL_X1HxmGNr0yeOUzJwDHuP4e_a5VqiZygmDJaEAQpXtHjznQj0rvMz4bL0GDKjsMG8NsmIIYZuh2sAnNehFBv9dvU&sig=Cg0ArKJSzGYod0xT9g0sEAE&uach_m=[UACH]&adurl=
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame C3F8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 02:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64969
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8814
x-xss-protection
0
server
cafe
etag
11378319237421819138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 02:12:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame C3F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 19:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 19:47:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3F8 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 20:15:40 GMT
10138185903212840028
tpc.googlesyndication.com/simgad/ Frame C3F8 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10138185903212840028
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
de2429ef92fc6ecc3aa3be32c68c4160885934e82fbc066e1ed6963e0f3c3f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 09:16:52 GMT
x-content-type-options
nosniff
age
212328
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71302
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 12:15:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 18 Feb 2024 09:16:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 51D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1pkPder13CmsJ3Sq1w0JP7Ri-wfbRPvJ1wTWIfoeQ10uJF44X9hD3nI3IOa9c8FLDuTM0dZ-9SSOJu1DPXA5GuJ85gE2C7am-dSJ5vNbTj7NwID4UKkGzgHf8V0u_2V8b4lJI06siSSu9L7Qp948rPhNVGchRUbyPJPE_e5Jbe4VJsB0F65cm5pR85wgs7tojJ4N35SZLbU70Q4FBQWHv_3kDc8jox-4eH9US3mm_1tORbhfE1_BSbY5lpw1zwVrSeIHzW86V9MV2TXwkwKmdU7toqo8UHtListfZbcFdBIdM&sai=AMfl-YQaPULbQcPYllhw_DS-ebq6IPt6EoJcFl49RcDC5-Ia5BCGAkMjY8Us51y_uTDqwo9hHXMK_LqE5pBgxWKj8AYjYInbKHOx77obZwfd52WPoUAnvSn3ESaFyuFEvYpyz3gPv_gVxi1KNRNcHfg&sig=Cg0ArKJSzNmsN28vD0qSEAE&uach_m=[UACH]&adurl=
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:40 GMT
10138185903212840028
tpc.googlesyndication.com/simgad/ Frame 51D5 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10138185903212840028
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
de2429ef92fc6ecc3aa3be32c68c4160885934e82fbc066e1ed6963e0f3c3f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 09:16:52 GMT
x-content-type-options
nosniff
age
212328
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71302
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 12:15:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 18 Feb 2024 09:16:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 51D5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 02:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64969
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8814
x-xss-protection
0
server
cafe
etag
11378319237421819138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 02:12:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 51D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 19:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 19:47:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51D5 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 20:15:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9249 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjASGIDWSSCj5btaUFmnvfViMoER1ZsQlixexdDUhmMniJEKT6oI9OnsXcyFRYoJKgB5duU2aXLuIu6RM22dcc2A4uKhtZ0eQsRUeFCTFkND3klj6_pw8J8-T01KZUyTokHED5QdISsmDcT5z2jqAtJhDhlHWPOylWGfDM_z7IDAPkikgO_mtQSXOVffwCpzyf21WKIsbOfWfgjsWugVfBZElO6fGGIkoBk4DqwZ7JEJvTZWDZs_kgLlYW80y3i_-zrWl4w74H0750ed0rgVexlV-Pd7K1RPiB85lJc_fudiVxkKrV&sai=AMfl-YTnErCKl9z8eFZqidho8zc22ojN5nr1DF78Iqktl72Ny73fdIS7SH6Kwdlt2Za-ltTUYZHY6UR3TUSSBcJXcUgjTazIlJUbPitMyhYWpfi8a5n1tAj8UAa4jpU2Ntkpf4PyPSf77TBTyxSmAwQ&sig=Cg0ArKJSzFnWjr-D29ylEAE&uach_m=[UACH]&adurl=
Requested by
Host: turin.se
URL: https://turin.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 9249 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 02:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64969
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8814
x-xss-protection
0
server
cafe
etag
11378319237421819138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 02:12:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9249 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 19:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 19:47:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9249 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 20:15:40 GMT
15542599238786711450
tpc.googlesyndication.com/simgad/ Frame 9249 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15542599238786711450
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
c06a8857b16252b8f321b69bd5cb4de1e31dfe7d532d5e4e1c8d56a9474ad3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 10:42:28 GMT
x-content-type-options
nosniff
age
466392
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54986
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Feb 2024 10:42:28 GMT
fp_view
www.booking.com/affiliate/ Frame F8F7 		12 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/affiliate/fp_view?aid=1424325&target_aid=821060&product_type=nsb
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.booking.com/flexiproduct.html?product=nsb&w=265&h=360&aid=1424325&target_aid=821060&fid=1676924139666&
X-Requested-With
XMLHttpRequest
X-Booking-CSRF
Kw30YwAAAAA=LIaNZKodhoLCaoRoMlAxo6GkAUBHV79yIaGqfPonyszik9N-6ky49BshXmzpgC3CfBi8znDfH6wz85cwkLlJW2gSs1T4zYdi-dpPOiHButOL_CVag4bC1IqTRAo8d9Ohs2ldxa9lx0G_5NzGbNOghLZbwkFiK_AduPMuZYC1ucTTZ155YIe3lfsNSGwn-jI4yJ4ymLowJ8Kh9AZe
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
strict-transport-security
max-age=604800
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-content-options
nosniff
server
nginx
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
x-amz-cf-id
vZcaQXGaRxRkefISHfjloQx2WUkhqENL6KRdFS9-rJox2XWNt0rzEQ==
x-xss-protection
1; mode=block
truncated
/ Frame C3F8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c68434b11a4c672163dc814698ee835f428575d8f15eff202a40c72f6c899bd

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 51D5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
744440ca1f334be54d7b7444896877115b313dfa9edc54e84a4842f547418e0f

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9249 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca26903b08c5dbde58146344bc4032d518bd62ef21cd4d7b36fc796f6377c9b8

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9249 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6lW9fNQRYwXWytIu9E0ynLPRla0LUtovUyIa3M-k0pzizG6jpkTU_8dxWynBx0l5Io9aZPjb-GkL2E87MhXUAlqACrZNwN-AOkMYwUXShncvMsNKZFIfUqD52jTVyJwOXIFpBG6TVAKizKpXNI-QsPMyvP2nXQvhFOa4mHKrIqOO1DT5PNBrRaY7iAMvfT7yxZdmvgTVRAyVfx69RYP4I7K0MAJRE62OIQmXhPngEWn4rg1XOKp3SBPKRD9zmPUj_EGRoAVX5ePM6x6McZJrMWfemvul40VdPOEzvD8Jwe9eHcI_Ug3g&sai=AMfl-YT7qyBMb0SZw1Xhww5iLFzgO9w1GUA1LkIryHibY_98tadBK4JL_n9z1T80POrEVD0W2touycFNijmmEopEnCrQ-28XhFsilDbFYmk3bxgzEX0du2iRWonT5wYCizUpJdDUULMf0i7zvACiyGw&sig=Cg0ArKJSzO_BNsAwbqhEEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C3F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEwNt-e0U1TlauaBX0ALkMPyM4e2EqxfTS00pdqH9iI3niLp1T8Zg4ghCd0YIkJkI0cP3MbPq3w30338W4NixdUbtof9U0TO8tBJIZEJGz3xACkUNg55alBzpE1Z3XglCJAfKhKJDcU6skgQ3rdoEZzetSdYnypyNiQzsjwMbt3nnVrlG2VQarL5DVa3w4jWgrZ-tm_7pEnF74uV-iAqFJE6sN1DJxyrpYkAOo9d7TC7VN595v2IQXH-4FNGKfKqKS_ZwQbE8zm-A5WlMkjxUMGFKfGqu6kpQR-av28drZGvrAEcM&sai=AMfl-YR97tskpucyih9QhMqGHR5dr1Cp1jG2-nQnY9AIDu6ln54GqaTQWP_BXZWOZBRrXdNXASE09zUA3Fm6FJEEmXJ_aHaZFNAnJN1zubBuUFmwrTvIEjJP9dlGA7UWA_rZDv7dtnMn-pMN9Lv0gHM&sig=Cg0ArKJSzKU1kp4W-5JLEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 51D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3x7Q7vF5ZKJE24mHSqgl5cwNmXIWwfmGEzA6UqAtX_QeNNOQ6cTG6rSC7Y_VGSnKPUH094iMTQgNBZwn-fTAWAeWUdLtUoVoRPefkMFORA0AIqbuBU-XTkzAHiaGBDkOUaYyXQl83Ju0laqphH6-5ic2pXJpg3YqNZ_acN6HCZobJOBjYpd8NgqCA2-2_BOlDaVfqUAE1gt129zal824caFGH3_RCuSPHxk6xSsT7CKUGbCLmdXzSeIxHxwQtyV6UA5sShwFrfNj17CbaQzakYNFUWzL0sV_-i_DINBOkj-5ruXI&sai=AMfl-YSlFRwClU0HkJVUArIdzI0VmfUvwZyHz7CdigEKUEG0JVrRvJ2DBChN4P09Cynzhj8Yj84YnsiUQFUlcKKPMr8mEleXzcYMX-UYtXUeMHDrVBLchdLrAwuzdllkxGe27Wd3EHshPJF6sCn-FDI&sig=Cg0ArKJSzA8GbO8y6lttEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Feb 2023 20:15:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
92ff8acf862a8ee91aa5ea56d27a1a211969d1afeaafa8ef20c61dd0bd51a097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11238
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 20:15:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9748 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
1637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Feb 2023 19:48:24 GMT
expires
Tue, 20 Feb 2024 19:48:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E69 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
79ed0afc8d624cb81cac7ef252091d59ccede8b82acbd608775a6ddc0e16c2f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hK3Io8yBtV8_PZroWEvIIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://turin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-hK3Io8yBtV8_PZroWEvIIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Feb 2023 20:15:41 GMT
expires
Mon, 20 Feb 2023 20:15:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
pagead2.googlesyndication.com/bg/ Frame 9748 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 22:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
251684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14287
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 22:20:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=549949644057857&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9748 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SfZRPA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 20:15:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C3F8 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu53rLF2EgsvViFNNr2FEi13WxLIU069MI6tXDhicA7vwdxvFas_urV5MSy5rlp51ULvrz30fLoCMTykgNxFkNor_imjMLhGCkjuAog5aKj-VecPel&sig=Cg0ArKJSzNQVV2R6ZmJGEAE&id=lidar2&mcvt=1000&p=283,310,523,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2815938035&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676924140237&rpt=388&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Feb 2023 20:15:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=549949644057857&bg=!d3SldCDNAAZYlHKzeJQ7ADkAdvg8Wv_pBe8W75Je2Rw0j3-VOnykCKjmtRnUdkbQJv7YUswOmSraOvX_cTz34Y0HYorETEXvlGACAAAASVIAAAAFaAEHmQKfxUAwLSw58HxRFWRpst4rgOKd0A7IQ62gFlirYPNukGz0pxBTi3_M27sTj3_A_s9h_ZYnSpOyefBO6AcHUcvBXSgUQ_mSq9EFDP0a5KIdHy9JnZB8ZWFFVcXu2uFZfu6e7pxZHH01oSV-QxAJ5LEfteD3j4EF6JZ-18T8v6UPmtxIEnagcSD3qLnCTKCDbM7KgQP434WPzvT5q2FZSmO4w99KI7fIhoMnJCRJIPHRQzuNB-N3MiceaLgUl6CW5LvHckrMxERlCGuI9v49P4f41wOw3AOBNmxWDx0Fcz9Fg1ZoEoHuTDVoay7kEEt9dji5MDvfrwKyrSkXLPI2RHQcjVjNG8CcIXSS-VVN2x8lLoUENRL34FCfd6AHR7Bk4RfuL8o_WQUQz9fIqgga5Ze81eh8EpQu8aTNtqZDdbIdSNGwrgrdmhuNovHPpt2KIgVLWpiN_dm5TTG_4TAgv76v28_D5t594EE25Zrv9A_Uklii9kbF7JrQGXzWHDM4H4idJ6wb-Utjw8a3jmzWrsoFOg4Q81utKlON0xUgIb75acYM9VmPNZVqh1jeMIlYwJuf0kMsyFsB6_E3updCBsIgX_UUudoCcT1w3Ionc0RZ7_wi4P7gbUY4FHPSl78IqZn7y--lDEyFKlgdXyr6JRDrPz67QWz8uhG6oYJXdMFmUbRUtgKj5loOloa4ZUfCbke03f3mGVTS0FvcIpG3kLCDNhRDiv8-CN1BK7a_bJqP5ay95xTuRR5rP5On4iUPkus6JEE6o687pJMc0Mxg3d76GYlG4A36YIq9Sl-aew1DmyTjz53xx0qDtmwykv1_J7CrFfByH78qJzpxaduMg2AEs0Yp9VhmRxP622K7pBVISToXShxtXjjZtlZltLgCzyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://turin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| oncontentvisibilityautostatechange object| googletag object| _wpemojiSettings undefined| $ function| jQuery object| wp string| GoogleAnalyticsObject function| ga object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue function| _i_ function| _r_ object| BookingAff object| __buffer boolean| __VIATOR_WIDGET_SCR undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.turin.se/ Name: _ga
Value: GA1.2.996344736.1676924140
.turin.se/ Name: _gid
Value: GA1.2.1550304493.1676924140
.turin.se/ Name: _gat
Value: 1
www.viator.com/ Name: x-viator-tapersistentcookie-xs
Value: 75c55440-d40e-4300-a690-b6f775568de2
.turin.se/ Name: __gads
Value: ID=614ff9050c226d6b:T=1676924140:S=ALNI_MZSgUBYed482MpNfZtr3adXb2ySNg
.turin.se/ Name: __gpi
Value: UID=00000bb9e4ec83cd:T=1676924140:RT=1676924140:S=ALNI_MYJfbUh9_GbH8qTVl6oLmO7-b_PXA
.doubleclick.net/ Name: IDE
Value: AHWqTUnSMJ4_zilTsLN7_tDdFx3sPjgB6ttomQn5iGHy4eLw53Y_BnE5azJ7bk-R1hM
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT9ENgRy49udZLwW0I%2FBYZ3lzMBPnOu1b%2B%2B7IQDmfF4spiGmQIoiTa7XMUZmdxYNI1T%2F3wPhHQZ37CaKBE6ecXSD9TtjVODr5FxIS%2Bb0hWpz01JQ%2FqAxq39MBlK35gNA0rfxGhnE5qy413SICqtaEJuVzV7q6FQLVJk%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

90556fd1f58aefb241bfb108944b0a7f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.se
aff.bstatic.com
cache.vtrcdn.com
cf.bstatic.com
cms.dnh.se
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
media.tacdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
turin.se
www.booking.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.viator.com
108.138.7.29
108.138.7.94
13.32.99.76
142.250.181.226
142.250.181.228
142.250.184.195
142.250.184.226
142.250.185.226
142.250.185.234
142.250.185.98
142.250.186.142
142.250.186.65
142.250.186.97
151.101.194.38
157.240.252.13
159.253.31.225
23.196.235.140
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
176dacd85c26ed46a0ed4e3228efcd676d806cd9c4f3e306192c3f5d1a535248
1c68434b11a4c672163dc814698ee835f428575d8f15eff202a40c72f6c899bd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23c60bfca9bb325a2199489c77cd04040bcab6a7ead30499c11c032d56fc59ae
2f9c057b5aed2abf114ba274a2ad8eb27fcb11f0463042e189ae4b6692bcb29e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32724103c6bd2e21a844c1d6548574bb422c8e1c2bb8d8fe012bd65eef635f8e
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e35868bc053b246f113e664259974c59088332b6071ab66b0769a291ff31206
50a440aab50876306fc12095b8a36f0977600daad24536847a22647c1dd1bcd6
50af0a5864489f17dda6dde4b13ce1b4cf80a479df9a5ce4d9a66c5e447c5704
51381d82a13e1182eb226b3810826622afcc373b56025717bbaf426e5bdd9c40
53966e4e310fbe0e51ab2a17f03541b6bcb48245bc52f0d4cd8bd25254e3e12a
54831eaec10c9149ed2632561bc0536ad1c44592841456a643f5fe80aa8228a7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e511da3a4fb796a0757d341558c86fb123752f39c370f6dc1eef9bc4885bd31
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c5b4b9ec242595b62d10cc1055a6b2ff6db1e35c4fd5901b24e13fbc0affa3
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
6baf6a1a0557d6db52bc4e74c9235fdf8f67b3b190bcc511ffc170fc4d1b2f60
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
6f98b1ce932df2e56a12a7fe7da4ad9d92ad798a90af8a9675fe61e52f028ba9
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
73e3373dd87b60c283233a183bd3cc1b240b0ce73a4aef4b50dcddb55c7d79f1
744440ca1f334be54d7b7444896877115b313dfa9edc54e84a4842f547418e0f
79ad62cbaee9a316c3fa2542a9ebd0dc7f829d9d9a6302f0da659cc63c6e8d47
79ed0afc8d624cb81cac7ef252091d59ccede8b82acbd608775a6ddc0e16c2f8
7f5fe73916522e2cb2187d96b81cad2a62839fc738661335d4392a0f83a749c0
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
92a20543f1709c850de287bb199219745add168a32cdd1e78e2fdba9085e7007
92ff8acf862a8ee91aa5ea56d27a1a211969d1afeaafa8ef20c61dd0bd51a097
957a3f0a8edc5329ea9712791c06875a157a8bb0b008571dc5edb290e53aa363
96e2446829c86000154b84ccd3d9748efe142a67e258d54c50d2c01b80c424bd
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
9fef9054018362a5731aad936c42ce1c807c2eae305e03e48fba3d4dd2bed059
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a752b2b681dbe9ee104e92b370f37ce704d1c2ddb3d86507e71485393cf7298d
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
af04eab0c6afaf50894da76a85884b977235fac938bb5b4e2bce870eb96443ac
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b8228785bc1ff72ac36e3ca2a2b36c17da0b9e0883a3634564f85056701ad676
c06a8857b16252b8f321b69bd5cb4de1e31dfe7d532d5e4e1c8d56a9474ad3ef
c0f26e64dc9d9cc394d163cf49fca788ed6d6043e4fad07c93317be46d0c8ba8
ca26903b08c5dbde58146344bc4032d518bd62ef21cd4d7b36fc796f6377c9b8
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
de2429ef92fc6ecc3aa3be32c68c4160885934e82fbc066e1ed6963e0f3c3f9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
e57503c60213cd287e533d8c56a2679a70604a692b31de2e4200d29fe699edb0
ebc3fc891cc7bd661aec26bb1b8e9c164342cd847df24efc43a2fd4bb1449446
eee365ce46c9aad0ca475e54bbbc5209869a3816b82e8ced5ecbb0bb1d9f888c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e1196e3065094bdb2847fae2429a0bd8fadd83d36e122f142eee8bebb55333
f96f6dafa00b927a576a9488f4ba20e92622a0190ebc87472c7dfd060e3451d6
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d