urlscan.io logo urlscan.io
SecurityTrails logo

finnformen.craft-dev.ibooking.no Open in urlscan Pro
188.166.162.27  Public Scan

Go To Rescan Add Verdict Report
URL: https://finnformen.craft-dev.ibooking.no/
Submission: On February 14 via automatic, source certstream-suspicious — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 45 HTTP transactions. The main IP is 188.166.162.27, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is finnformen.craft-dev.ibooking.no.
TLS certificate: Issued by R3 on February 14th 2023. Valid for: 3 months.
This is the only time finnformen.craft-dev.ibooking.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 188.166.162.27 14061 (DIGITALOC...)
2 172.217.23.106 15169 (GOOGLE)
3 104.18.11.207 13335 (CLOUDFLAR...)
1 151.101.129.229 54113 (FASTLY)
13 87.238.33.176 39029 (REDPILL-L...)
2 69.16.175.42 20446 (STACKPATH...)
1 157.240.253.35 32934 (FACEBOOK)
2 142.250.184.195 15169 (GOOGLE)
45 9
20    188.166.162.27 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: craft-dev.ibooking.no
finnformen.craft-dev.ibooking.no
2    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net
fonts.googleapis.com
3    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
13    87.238.33.176 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
PTR: ibooking.no
ibooking.no
bronnoytrim.ibooking.no
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
1    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
33 ibooking.no
finnformen.craft-dev.ibooking.no
ibooking.no
bronnoytrim.ibooking.no
1 MB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1229
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 5982
86 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 985
36 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 114
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 468
981 B
45 7
Domain Requested by
20 finnformen.craft-dev.ibooking.no finnformen.craft-dev.ibooking.no
code.jquery.com
12 bronnoytrim.ibooking.no finnformen.craft-dev.ibooking.no
bronnoytrim.ibooking.no
2 fonts.gstatic.com fonts.googleapis.com
2 code.jquery.com finnformen.craft-dev.ibooking.no
2 maxcdn.bootstrapcdn.com finnformen.craft-dev.ibooking.no
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com finnformen.craft-dev.ibooking.no
bronnoytrim.ibooking.no
1 netdna.bootstrapcdn.com bronnoytrim.ibooking.no
1 www.facebook.com finnformen.craft-dev.ibooking.no
1 ibooking.no finnformen.craft-dev.ibooking.no
1 cdn.jsdelivr.net finnformen.craft-dev.ibooking.no
45 10

This site contains links to these domains. Also see Links.

Domain
bronnoytrim.ibooking.no
ibooking.no
Subject Issuer Validity Valid
finnformen.craft-dev.ibooking.no
R3		 2023-02-14 -
2023-05-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
ibooking.no
R3		 2022-12-29 -
2023-03-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://finnformen.craft-dev.ibooking.no/
Frame ID: 76CB03A6F87FC1940D5E04F5F4C4C798
Requests: 29 HTTP requests in this frame

Frame: https://bronnoytrim.ibooking.no/?daily
Frame ID: DA58B3B99ADA47288A57E95711FBEC6F
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100089261736680&tabs=timeline&width=250&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 1850C983F8AEA8D492AC0A4ED3459D32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[devMode] Velkommen til Stærsk | iBooking AS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

1562 kB
Transfer

2206 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
finnformen.craft-dev.ibooking.no/ 		422 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) / Craft CMS
Resource Hash
ea8afc1a3d2376dff87072bf477d2e826c308816c6b224335407f481790ec216

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
18222
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Feb 2023 18:19:12 GMT
Expires
0
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
X-Powered-By
Craft CMS
charset
utf-8
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
e58f489fbda63c62c06628df73063481d61ae8c12c907dea6a5cde669318c4d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 18:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 18:19:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 18:19:13 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 18:19:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632
age
21845505
cdn-cachedat
12/13/2021 21:25:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8ac87b10825a6871d9cd076fc3a23e4f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7997cf929ca40afa-OSL
cdn-requestpullsuccess
True
royalslider.css
finnformen.craft-dev.ibooking.no/lib/royalslider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/lib/royalslider/royalslider.css
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f599dadc7e2f8d6ba4e4a194028c32d6827c0ced935ae96d29e3db76de0d4033

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"105c-5eb3a00bc6f37-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1150
Expires
0
rs-default.css
finnformen.craft-dev.ibooking.no/lib/royalslider/skins/default/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/lib/royalslider/skins/default/rs-default.css
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
25079eb3df398a25e98882845b864dbc7ac72e51beefa30d67b7828ec32d8657

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"238e-5eb3a00bcadb7-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2127
Expires
0
lightbox.css
finnformen.craft-dev.ibooking.no/lib/lightbox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b23fc3e24a4f8ca9e480761f1bdde949020ef4d1beaa18f475b0613dcce6329e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"f33-5eb3a00bc5f97-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1093
Expires
0
slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 18:19:13 GMT
age
10065338
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
557
x-served-by
cache-fra-eddf8230064-FRA, cache-bma1634-BMA
etag
W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
styles.css
finnformen.craft-dev.ibooking.no/build/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/build/styles.css?v=2
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
70a22737948fcaaf71790ecc2668b1d4314410eb00c271eef61c294abdd80c3d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Nov 2022 07:48:34 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"582d-5ee46bfb1523f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4140
Expires
0
ST%C3%86RSK-LOGO.jpg
finnformen.craft-dev.ibooking.no/library/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/library/ST%C3%86RSK-LOGO.jpg
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b9c45a9c0116f8ff93dd4b7deca8ba9f063e0dc059d71ba42bd51bcbed0d8e32

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Fri, 25 Nov 2022 07:34:55 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"9e64-5ee468ed8376e"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40548
Expires
0
slide4.jpg
finnformen.craft-dev.ibooking.no/library/Ref/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/library/Ref/slide4.jpg
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8ec4b4bb46a93f98125ca996473ee502ea136520b7128fe768701d98ff2462da

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3cb9e-5eb3a00bd3a57"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
248734
Expires
0
ibooking-logo-web.png
ibooking.no/images/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibooking.no/images/logos/ibooking-logo-web.png
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
ef4c4f6631535f680b586e21805062c7253660dbdd8f590167fe6f47f291d395

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 17:24:44 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 05 May 2017 21:36:48 GMT
Server
Apache
Age
3269
ETag
"b5515fad7cdfd0f2a7fd38ecd49ec9cd"
X-Src-Loadbalancer
prodweb-osl4
X-Varnish
11415706 12052423
Content-Type
image/png
X-Appserver
prodweb-osl4
Cache-control
private
Accept-Ranges
bytes
Content-Length
7205
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 18:19:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176d5"
vary
Accept-Encoding
x-hw
1676398753.dop230.sk1.t,1676398753.cds224.sk1.hn,1676398753.cds216.sk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 18:19:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-1c1f"
vary
Accept-Encoding
x-hw
1676398753.dop230.sk1.t,1676398753.cds224.sk1.hn,1676398753.cds242.sk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
jquery.royalslider.min.js
finnformen.craft-dev.ibooking.no/lib/royalslider/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/lib/royalslider/jquery.royalslider.min.js
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bfff1b5c216ffc8dda6a5152853b9b75174d56ed0913b84df144c381cc1808cc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"c674-5eb3a00bc6f37-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
16688
Expires
0
lightbox.js
finnformen.craft-dev.ibooking.no/lib/lightbox/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/lib/lightbox/js/lightbox.js
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4b4faa31e441780851f21a798288b9076629b5195c6ae7cf4b903a5b66b245d8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"474a-5eb3a00bc5f97-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5110
Expires
0
bundle.js
finnformen.craft-dev.ibooking.no/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finnformen.craft-dev.ibooking.no/build/bundle.js
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d101fdc522af8dc1023ef31a782448d46ca64c7e775061bd71e2a06bda274425

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Nov 2022 07:48:34 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"ec6-5ee46bfb1523f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1353
Expires
0
/
bronnoytrim.ibooking.no/ Frame DA58 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/?daily
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
25a5479c9770a3bcc16ef6e8a92cf5a7c36e9c07d59b2d65bd8094ef650b4504

Request headers

Referer
https://finnformen.craft-dev.ibooking.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
5954
Content-Type
text/html;charset=iso-8859-1
Date
Tue, 14 Feb 2023 18:19:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Pragma
no-cache
Server
Apache
Via
1.1 varnish (Varnish/6.0)
X-Appserver
prodweb-osl3
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
80732206
page.php
www.facebook.com/plugins/ Frame 1850 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100089261736680&tabs=timeline&width=250&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://finnformen.craft-dev.ibooking.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Feb 2023 18:19:13 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Ou10ftqqexck7xsy0G+gjBsKP64QiQx5P0VJYCL16BFDQPYFa4WSzv8Dt0Jq19jVpL5QKpaZGzX95F17KsWygQ==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
AdobeStock_280905594.jpeg
finnformen.craft-dev.ibooking.no/library/ 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/library/AdobeStock_280905594.jpeg
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
cba5f0b8bc49a7b87329a0584af490b8d9a929be6bf333d02c4ac72d5adee69d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Thu, 22 Dec 2022 08:56:04 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"35596-5f066d6c6be7c"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
218518
Expires
0
0005.jpg
finnformen.craft-dev.ibooking.no/library/Ref/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/library/Ref/0005.jpg
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b31e8de3f311e3c641624a6d572bbd698ddfb7a681b132cad9df0167212fb73f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1f795-5eb3a00bd5997"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
128917
Expires
0
ST%C3%86RSK-LOGO.jpg
finnformen.craft-dev.ibooking.no/library/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/library/ST%C3%86RSK-LOGO.jpg
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b9c45a9c0116f8ff93dd4b7deca8ba9f063e0dc059d71ba42bd51bcbed0d8e32

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Fri, 25 Nov 2022 07:34:55 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"9e64-5ee468ed8376e"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40548
Expires
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finnformen.craft-dev.ibooking.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 14:06:25 GMT
x-content-type-options
nosniff
age
447169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 14:06:25 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://finnformen.craft-dev.ibooking.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 18:19:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
756
cdn-cachedat
06/09/2022 10:24:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"4b5a84aaf1c9485e060c503a0ff8cadb"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
67a3b3fdf9764c72fd3cce3c0d8a9442
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7997cf960f31b517-OSL
cdn-requestpullsuccess
True
prev.png
finnformen.craft-dev.ibooking.no/lib/lightbox/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/lib/lightbox/images/prev.png
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"550-5eb3a00bc5f97"
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1360
Expires
0
next.png
finnformen.craft-dev.ibooking.no/lib/lightbox/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/lib/lightbox/images/next.png
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"546-5eb3a00bc5f97"
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1350
Expires
0
loading.gif
finnformen.craft-dev.ibooking.no/lib/lightbox/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/lib/lightbox/images/loading.gif
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:13 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"211c-5eb3a00bc5f97"
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8476
Expires
0
close.png
finnformen.craft-dev.ibooking.no/lib/lightbox/images/ 		280 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/lib/lightbox/images/close.png
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/lib/lightbox/css/lightbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:14 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"118-5eb3a00bc5f97"
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
280
Expires
0
grab.png
finnformen.craft-dev.ibooking.no/lib/royalslider/ 		99 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/lib/royalslider/grab.png
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/lib/royalslider/royalslider.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/lib/royalslider/royalslider.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:14 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"63-5eb3a00bc5f97"
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
99
Expires
0
slide4.jpg
finnformen.craft-dev.ibooking.no/library/Ref/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/library/Ref/slide4.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8ec4b4bb46a93f98125ca996473ee502ea136520b7128fe768701d98ff2462da

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:14 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3cb9e-5eb3a00bd3a57"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
248734
Expires
0
preloader-white.gif
finnformen.craft-dev.ibooking.no/lib/royalslider/skins/preloaders/ 		869 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finnformen.craft-dev.ibooking.no/lib/royalslider/skins/preloaders/preloader-white.gif
Requested by
Host: finnformen.craft-dev.ibooking.no
URL: https://finnformen.craft-dev.ibooking.no/lib/royalslider/skins/default/rs-default.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.162.27 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
craft-dev.ibooking.no
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6833f7524e9ca01f3d6bc9a0ebbaf5fcc75f54dc5455de86eed6580f6f583342

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/lib/royalslider/skins/default/rs-default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 18:19:14 GMT
Last-Modified
Mon, 17 Oct 2022 12:20:36 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"365-5eb3a00bcdc97"
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
869
Expires
0
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://finnformen.craft-dev.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
default.css
bronnoytrim.ibooking.no/css/ Frame DA58 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/css/default.css
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
5da95910876656444890e25006bfa2f988d62013fdb376a1cdd214786bf70096

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"3a9d-5f456b0e029a3"
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
80732208
Content-Type
text/css
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
15005
standard.css
bronnoytrim.ibooking.no/css/responsive/ Frame DA58 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/css/responsive/standard.css
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
0b635a6335da6360ab45239e73ff1d38adcb9e0f492191798acb837a55d88999

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"3382-5f456b0e04ccb"
X-Src-Loadbalancer
prodweb-osl4
X-Varnish
83047882
Content-Type
text/css
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
13186
yahoo.js
bronnoytrim.ibooking.no/js/yui/ Frame DA58 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/yui/yahoo.js
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
d26ac287200ce2aa0f4e83fc375bc54a127cc26d771f50b4049445bf12645dc9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"814e-5f456b0e8c0fb"
X-Src-Loadbalancer
prodweb-osl4
X-Varnish
83047886
Content-Type
application/javascript
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
33102
dom.js
bronnoytrim.ibooking.no/js/yui/ Frame DA58 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/yui/dom.js
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
d723ec55e92d266a3e3b1b33666a8f88b1ecaf40e3f02d4fb86fd9d1297ba8a6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"bc87-5f456b0e8b15b"
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
80732215
Content-Type
application/javascript
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
48263
event.js
bronnoytrim.ibooking.no/js/yui/ Frame DA58 		81 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/yui/event.js
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
17c0ba0e465b2cde220f94ce7a6fd21b10aa236a21493094460b4e68fa194182

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"142a3-5f456b0e8b543"
X-Src-Loadbalancer
prodweb-osl4
X-Varnish
80732217
Content-Type
application/javascript
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
82595
animation.js
bronnoytrim.ibooking.no/js/yui/ Frame DA58 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/yui/animation.js
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
8d2e07971b225e50d3873a496533d5ce181816256736ba3c0f3d49f6552a6411

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"bb12-5f456b0e89602"
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
83601852
Content-Type
application/javascript
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
47890
jquery-1.3.2.js
bronnoytrim.ibooking.no/js/jquery_1.3.2/ Frame DA58 		118 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/jquery_1.3.2/jquery-1.3.2.js
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
233a5d16bee5a64bf3bc19abe3cc812a1e0619435f01c163f628773a469ff719

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"1d72b-5f456b0e79046"
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
83601854
Content-Type
application/javascript
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
120619
main.js
bronnoytrim.ibooking.no/js/ Frame DA58 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/main.js
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
b028082360185524062f1d01b14c27c647565776e1f391bcd5d2b27a6d8b79de

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"3d02-5f456b0e7a3cf"
X-Src-Loadbalancer
prodweb-osl4
X-Varnish
80732227
Content-Type
application/javascript
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
15618
bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.0.0/css/ Frame DA58 		95 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 18:19:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755, 617, 617
age
21845004
cdn-cachedat
2021-07-30 10:24:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f5f5e47ed343b9346c8b5b898e62a245
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7997cf95cf5f0afa-OSL
cdn-requestpullsuccess
True
bootstrap-responsive.min.css
bronnoytrim.ibooking.no/js/bootstrap/css/ Frame DA58 		16 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/js/bootstrap/css/bootstrap-responsive.min.css
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
76a06227945b3f8215623543deed9aef209aad313f90eb1ab3b7ed367d0c238c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:31:11 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
6482
ETag
"41d1-5f456b0e76166"
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
80732210 82513663
Content-Type
text/css
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
16849
css
fonts.googleapis.com/ Frame DA58 		3 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 18:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 16:22:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 18:19:14 GMT
standard_print.css
bronnoytrim.ibooking.no/css/ Frame DA58 		406 B
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/css/standard_print.css
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/?daily
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
a13da5e5638eb10ec5c3bc1adb1ae6d1c9361c47e7b80856d8927672b2842521

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/?daily
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"196-5f456b0e0643b"
X-Src-Loadbalancer
prodweb-osl4
X-Varnish
83664413
Content-Type
text/css
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
406
jquery-ui-1.8.16.custom.css
bronnoytrim.ibooking.no/css/jquery/humanity/ Frame DA58 		33 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bronnoytrim.ibooking.no/css/jquery/humanity/jquery-ui-1.8.16.custom.css
Requested by
Host: bronnoytrim.ibooking.no
URL: https://bronnoytrim.ibooking.no/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
87.238.33.176 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
ibooking.no
Software
Apache /
Resource Hash
1ee4a2431abf9c7780b69b99a6511cd2ea3250a04bc588b0cc6680e30158e1ac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bronnoytrim.ibooking.no/css/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 18:19:14 GMT
Via
1.1 varnish (Varnish/6.0)
Last-Modified
Fri, 10 Feb 2023 11:20:55 GMT
Server
Apache
Age
0
ETag
"82a3-5f456b0e03943"
X-Src-Loadbalancer
prodweb-osl2
X-Varnish
80732211
Content-Type
text/css
X-Appserver
prodweb-osl3
Accept-Ranges
bytes
Content-Length
33443
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame DA58 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bronnoytrim.ibooking.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 16:07:18 GMT
x-content-type-options
nosniff
age
439916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 16:07:18 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| lightbox object| jQuery1113038031969502476737 boolean| appended number| bMargin

4 Cookies

Domain/Path Name / Value
finnformen.craft-dev.ibooking.no/ Name: CraftSessionId
Value: p4jbbrgti9n29so9a76li0i0g7
ibooking.no/ Name: SERVERID
Value: pwo4|Y+vQp|Y+vQp
bronnoytrim.ibooking.no/ Name: PHPSESSID
Value: vga2fe3fcupcf135gv4imhe9u4
bronnoytrim.ibooking.no/ Name: SERVERID
Value: pwo3|Y+vQp|Y+vQp

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bronnoytrim.ibooking.no
cdn.jsdelivr.net
code.jquery.com
finnformen.craft-dev.ibooking.no
fonts.googleapis.com
fonts.gstatic.com
ibooking.no
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
www.facebook.com
104.18.11.207
142.250.184.195
151.101.129.229
157.240.253.35
172.217.23.106
188.166.162.27
69.16.175.42
87.238.33.176
0b635a6335da6360ab45239e73ff1d38adcb9e0f492191798acb837a55d88999
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
17c0ba0e465b2cde220f94ce7a6fd21b10aa236a21493094460b4e68fa194182
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1ee4a2431abf9c7780b69b99a6511cd2ea3250a04bc588b0cc6680e30158e1ac
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
233a5d16bee5a64bf3bc19abe3cc812a1e0619435f01c163f628773a469ff719
25079eb3df398a25e98882845b864dbc7ac72e51beefa30d67b7828ec32d8657
25a5479c9770a3bcc16ef6e8a92cf5a7c36e9c07d59b2d65bd8094ef650b4504
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4b4faa31e441780851f21a798288b9076629b5195c6ae7cf4b903a5b66b245d8
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5da95910876656444890e25006bfa2f988d62013fdb376a1cdd214786bf70096
6833f7524e9ca01f3d6bc9a0ebbaf5fcc75f54dc5455de86eed6580f6f583342
70a22737948fcaaf71790ecc2668b1d4314410eb00c271eef61c294abdd80c3d
76a06227945b3f8215623543deed9aef209aad313f90eb1ab3b7ed367d0c238c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8d2e07971b225e50d3873a496533d5ce181816256736ba3c0f3d49f6552a6411
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8ec4b4bb46a93f98125ca996473ee502ea136520b7128fe768701d98ff2462da
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a13da5e5638eb10ec5c3bc1adb1ae6d1c9361c47e7b80856d8927672b2842521
b028082360185524062f1d01b14c27c647565776e1f391bcd5d2b27a6d8b79de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23fc3e24a4f8ca9e480761f1bdde949020ef4d1beaa18f475b0613dcce6329e
b31e8de3f311e3c641624a6d572bbd698ddfb7a681b132cad9df0167212fb73f
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b9c45a9c0116f8ff93dd4b7deca8ba9f063e0dc059d71ba42bd51bcbed0d8e32
bfff1b5c216ffc8dda6a5152853b9b75174d56ed0913b84df144c381cc1808cc
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
cba5f0b8bc49a7b87329a0584af490b8d9a929be6bf333d02c4ac72d5adee69d
d101fdc522af8dc1023ef31a782448d46ca64c7e775061bd71e2a06bda274425
d26ac287200ce2aa0f4e83fc375bc54a127cc26d771f50b4049445bf12645dc9
d723ec55e92d266a3e3b1b33666a8f88b1ecaf40e3f02d4fb86fd9d1297ba8a6
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f489fbda63c62c06628df73063481d61ae8c12c907dea6a5cde669318c4d0
ea8afc1a3d2376dff87072bf477d2e826c308816c6b224335407f481790ec216
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef4c4f6631535f680b586e21805062c7253660dbdd8f590167fe6f47f291d395
f599dadc7e2f8d6ba4e4a194028c32d6827c0ced935ae96d29e3db76de0d4033