urlscan.io logo urlscan.io
SecurityTrails logo

mobile.tallink.com Open in urlscan Pro
91.195.246.113  Public Scan

Go To Rescan Add Verdict Report
URL: https://mobile.tallink.com/
Submission: On July 22 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 13 countries across 67 domains to perform 159 HTTP transactions. The main IP is 91.195.246.113, located in Haabneeme, Estonia and belongs to TALLINK-AS, EE. The main domain is mobile.tallink.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 26th 2021. Valid for: a year.
This is the only time mobile.tallink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 91.195.246.113 43958 (TALLINK-AS)
19 23.35.236.237 16625 (AKAMAI-AS)
2 4 52.208.83.22 16509 (AMAZON-02)
4 91.195.246.112 43958 (TALLINK-AS)
12 91.195.247.11 43958 (TALLINK-AS)
1 142.250.186.78 15169 (GOOGLE)
14 18.198.176.183 16509 (AMAZON-02)
1 13.225.78.91 16509 (AMAZON-02)
1 2.21.20.155 20940 (AKAMAI-ASN1)
3 204.79.197.200 8068 (MICROSOFT...)
4 23.36.163.249 20940 (AKAMAI-ASN1)
1 37.157.2.248 198622 (ADFORM)
1 3.248.150.209 16509 (AMAZON-02)
3 15.236.176.210 16509 (AMAZON-02)
1 1 34.250.43.187 16509 (AMAZON-02)
1 52.49.242.9 16509 (AMAZON-02)
1 3 37.157.6.247 198622 (ADFORM)
2 157.240.236.1 32934 (FACEBOOK)
2 87.240.190.67 47541 (VKONTAKTE...)
7 9 77.243.60.138 42697 (NETIC-AS)
2 142.250.186.168 15169 (GOOGLE)
1 13.225.78.118 16509 (AMAZON-02)
1 2 13.107.43.14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 15 37.157.4.29 198622 (ADFORM)
1 2 54.77.56.172 16509 (AMAZON-02)
1 96.16.132.239 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 3.66.94.139 16509 (AMAZON-02)
1 1 185.86.139.113 201081 (SMARTADSE...)
1 3 3.126.56.137 16509 (AMAZON-02)
1 2.16.2.74 20940 (AKAMAI-ASN1)
2 2 52.59.173.142 16509 (AMAZON-02)
1 2 104.18.18.126 13335 (CLOUDFLAR...)
4 5 37.252.173.27 29990 (ASN-APPNEX)
2 2 2.23.8.237 16625 (AKAMAI-AS)
7 7 142.250.181.226 15169 (GOOGLE)
1 1 13.225.78.23 16509 (AMAZON-02)
1 52.57.150.20 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
2 3 52.17.214.109 16509 (AMAZON-02)
2 104.64.127.92 16625 (AKAMAI-AS)
1 34.98.64.218 15169 (GOOGLE)
1 1 52.17.154.165 16509 (AMAZON-02)
1 52.218.20.124 16509 (AMAZON-02)
2 2 15.235.15.221 16276 (OVH)
1 2 104.22.25.87 13335 (CLOUDFLAR...)
1 193.135.9.135 48314 (IP-PROJECTS)
1 63.34.135.249 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 13.225.78.87 16509 (AMAZON-02)
2 3 54.89.128.231 14618 (AMAZON-AES)
1 1 18.156.126.13 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 52.59.94.57 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 141.95.98.68 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 2.23.9.94 16625 (AKAMAI-AS)
1 2 78.46.100.125 24940 (HETZNER-AS)
2 2 13.224.189.75 16509 (AMAZON-02)
2 3 213.19.147.44 26120 (RHYTHMONE)
2 2 35.227.248.159 15169 (GOOGLE)
1 46.19.11.36 51790 (SIEL)
1 76.223.111.18 16509 (AMAZON-02)
1 3.121.203.93 16509 (AMAZON-02)
1 142.250.185.162 15169 (GOOGLE)
2 157.240.236.35 32934 (FACEBOOK)
1 142.250.186.130 15169 (GOOGLE)
1 7 91.195.246.103 43958 (TALLINK-AS)
1 142.250.185.68 15169 (GOOGLE)
1 142.250.186.131 15169 (GOOGLE)
159 58
22    91.195.246.113 (Haabneeme, Estonia)

ASN43958 (TALLINK-AS, EE)
mobile.tallink.com
19    23.35.236.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-237.deploy.static.akamaitechnologies.com
assets.adobedtm.com
4    52.208.83.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-83-22.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    91.195.246.112 (Haabneeme, Estonia)

ASN43958 (TALLINK-AS, EE)
PTR: websvctest.tallinksilja.com
sso.tallink.com
12    91.195.247.11 (Haabneeme, Estonia)

ASN43958 (TALLINK-AS, EE)
booking.tallink.com
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
14    18.198.176.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
widget.alphablues.com
bots.alphablues.com
1    13.225.78.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-91.fra2.r.cloudfront.net
cdn.adt356.com
1    2.21.20.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-155.deploy.static.akamaitechnologies.com
snap.licdn.com
3    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
4    23.36.163.249 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-249.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    3.248.150.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-150-209.eu-west-1.compute.amazonaws.com
tallinksailja.demdex.net
3    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
saa.tallink.com
1    34.250.43.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-43-187.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    52.49.242.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-9.eu-west-1.compute.amazonaws.com
tallinksiljaoy.tt.omtrdc.net
3    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
server.seadform.net
2    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
2    87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com
vk.com
9    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uip.semasio.net
uipglob.semasio.net
se.semasio.net
2    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
1    13.225.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net
adtr.io
2    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
15    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    54.77.56.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-56-172.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    3.66.94.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-94-139.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2.16.2.74 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-2-74.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    52.59.173.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-173-142.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    2.23.8.237 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-8-237.deploy.static.akamaitechnologies.com
pixel.mathtag.com
7    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    13.225.78.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net
redirect.userreport.com
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    52.17.214.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-214-109.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    104.64.127.92 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-127-92.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
1    52.17.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-154-165.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.20.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    193.135.9.135 (Germany)

ASN48314 (IP-PROJECTS, DE)
cm.adsafety.net
1    63.34.135.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-135-249.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    13.225.78.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-87.fra2.r.cloudfront.net
pdw-adf.userreport.com
3    54.89.128.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-128-231.compute-1.amazonaws.com
a.audrte.com
1    18.156.126.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    85.114.159.93 (Rottweil, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.59.94.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-94-57.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    2.23.9.94 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-9-94.deploy.static.akamaitechnologies.com
sync.teads.tv
2    78.46.100.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de
sync.1dmp.io
2    13.224.189.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-75.fra2.r.cloudfront.net
s.ad.smaato.net
3    213.19.147.44 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.121.203.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-203-93.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
2    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
7    91.195.246.103 (Haabneeme, Estonia)

ASN43958 (TALLINK-AS, EE)
www.tallinksilja.com
en.tallink.com
www.tallink.com
1    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.google.no
Apex Domain
Subdomains		 Transfer
47 tallink.com
mobile.tallink.com
sso.tallink.com
booking.tallink.com
saa.tallink.com
en.tallink.com
www.tallink.com
1 MB
19 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 412
136 KB
18 adform.net
s2.adform.net — Cisco Umbrella Rank: 5687
track.adform.net — Cisco Umbrella Rank: 3758
c1.adform.net — Cisco Umbrella Rank: 606
dmp.adform.net — Cisco Umbrella Rank: 4506
40 KB
14 alphablues.com
widget.alphablues.com
bots.alphablues.com
163 KB
9 semasio.net
uip.semasio.net — Cisco Umbrella Rank: 19185
uipglob.semasio.net — Cisco Umbrella Rank: 1065
se.semasio.net — Cisco Umbrella Rank: 25455
5 KB
8 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
3 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
secure.adnxs.com — Cisco Umbrella Rank: 430
5 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
tallinksailja.demdex.net
7 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 919
73 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2290
5 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 720
806 B
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 324
548 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
619 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
www.linkedin.com — Cisco Umbrella Rank: 472
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 344
12 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
556 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 451
581 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
686 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 675
1 KB
2 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 12359
809 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10303
529 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 792
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1792
mwzeom.zeotap.com — Cisco Umbrella Rank: 1448
888 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3919
953 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 471
654 B
2 userreport.com
redirect.userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 17145
824 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 971
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
1 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 1642
693 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650
824 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
102 KB
2 vk.com
vk.com — Cisco Umbrella Rank: 5436
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
1 google.no
www.google.no — Cisco Umbrella Rank: 26064
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
548 B
1 tallinksilja.com
www.tallinksilja.com
268 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1018
134 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
140 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 20139
49 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1214
378 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 939
172 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 546
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
265 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1672
456 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 447
490 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 604
447 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 462
338 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 4724
229 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 21386
406 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2116
275 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1287
324 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 945
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 633
714 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
669 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 703
214 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 1779
522 B
1 seadform.net
server.seadform.net — Cisco Umbrella Rank: 27457
343 B
1 adtr.io
adtr.io — Cisco Umbrella Rank: 321092
5 KB
1 omtrdc.net
tallinksiljaoy.tt.omtrdc.net
723 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 810
517 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 738
3 KB
1 adt356.com
cdn.adt356.com — Cisco Umbrella Rank: 863283
5 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
159 67
Domain Requested by
22 mobile.tallink.com mobile.tallink.com
19 assets.adobedtm.com mobile.tallink.com
assets.adobedtm.com
12 c1.adform.net 1 redirects track.adform.net
c1.adform.net
12 booking.tallink.com mobile.tallink.com
7 cm.g.doubleclick.net 7 redirects
7 bots.alphablues.com widget.alphablues.com
7 widget.alphablues.com mobile.tallink.com
widget.alphablues.com
client
bots.alphablues.com
5 www.tallink.com en.tallink.com
4 se.semasio.net 4 redirects
4 analytics.tiktok.com mobile.tallink.com
analytics.tiktok.com
4 sso.tallink.com mobile.tallink.com
sso.tallink.com
4 dpm.demdex.net 2 redirects mobile.tallink.com
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 secure.adnxs.com 2 redirects c1.adform.net
3 sync.crwdcntrl.net 2 redirects c1.adform.net
3 idsync.rlcdn.com 2 redirects c1.adform.net
3 ups.analytics.yahoo.com 1 redirects c1.adform.net
3 uip.semasio.net 1 redirects mobile.tallink.com
c1.adform.net
3 saa.tallink.com assets.adobedtm.com
3 bat.bing.com mobile.tallink.com
bat.bing.com
2 www.facebook.com mobile.tallink.com
2 pixel.tapad.com 2 redirects
2 sync.1rx.io 2 redirects
2 s.ad.smaato.net 2 redirects
2 sync.1dmp.io 1 redirects c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 tags.bluekai.com c1.adform.net
2 pixel.mathtag.com 2 redirects
2 ib.adnxs.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 x.bidswitch.net 2 redirects
2 ih.adscale.de 2 redirects
2 ad.360yield.com 1 redirects c1.adform.net
2 px.ads.linkedin.com 1 redirects mobile.tallink.com
2 www.googletagmanager.com mobile.tallink.com
www.googletagmanager.com
2 vk.com mobile.tallink.com
2 connect.facebook.net mobile.tallink.com
connect.facebook.net
2 track.adform.net 1 redirects mobile.tallink.com
1 www.google.no mobile.tallink.com
1 www.google.com mobile.tallink.com
1 en.tallink.com client
1 www.tallinksilja.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 e1.emxdgt.com c1.adform.net
1 eb2.3lift.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 sync.targeting.unrulymedia.com c1.adform.net
1 sync.teads.tv c1.adform.net
1 id5-sync.com c1.adform.net
1 match.adsrvr.org c1.adform.net
1 dsp.adfarm1.adition.com 1 redirects
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 cm.adsafety.net c1.adform.net
1 mwzeom.zeotap.com c1.adform.net
1 spl.zeotap.com 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 loadm.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 redirect.userreport.com 1 redirects
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com 1 redirects
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 server.seadform.net mobile.tallink.com
1 www.linkedin.com 1 redirects
1 adtr.io mobile.tallink.com
1 tallinksiljaoy.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 tallinksailja.demdex.net assets.adobedtm.com
1 s2.adform.net mobile.tallink.com
1 snap.licdn.com mobile.tallink.com
1 cdn.adt356.com mobile.tallink.com
1 www.google-analytics.com mobile.tallink.com
0 global.ib-ibi.com Failed c1.adform.net
159 84

This site contains no links.

Subject Issuer Validity Valid
*.tallink.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-26 -
2022-09-01		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
widget.alphablues.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
cdn.adt356.com
Amazon		 2022-01-28 -
2023-02-26		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
saa.tallink.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-08 -
2023-05-09		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-30 -
2022-07-29		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-03-18 -
2023-04-03		 a year crt.sh
adtr.io
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-11-04		 a year crt.sh
bots.alphablues.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2022-01-14 -
2023-01-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adsafety.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.userreport.com
Amazon		 2022-01-19 -
2023-02-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2022-05-31 -
2023-06-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.no
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://mobile.tallink.com/
Frame ID: 02CEBE1138A758E22DC863FC3DBD3F02
Requests: 103 HTTP requests in this frame

Frame: https://tallinksailja.demdex.net/dest5.html?d_nsid=0
Frame ID: 5ABE1A84A18B91F39F47EF8AE3C77DE8
Requests: 1 HTTP requests in this frame

Frame: https://sso.tallink.com/component/shared.html
Frame ID: DF667F1A24AB22AA13E408BE27F968FE
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Frame ID: 7545EBE4BAC00006460F65CF5E52BF17
Requests: 46 HTTP requests in this frame

Frame: https://bots.alphablues.com/tallink-alphachat-se-agent/enduser.html?id=uUPsXCVuC7
Frame ID: 0346279DC64E5C06B739FDD65AFAFF41
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mobile Booking - Tallink Silja

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

159
Requests

81 %
HTTPS

0 %
IPv6

67
Domains

84
Subdomains

58
IPs

13
Countries

1805 kB
Transfer

5049 kB
Size

110
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&d_nsid=0&ts=1658485781036 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&d_nsid=0&ts=1658485781036
Request Chain 48
  • https://cm.everesttech.net/cm/dd?d_uuid=56117617926340130490334703289586749923 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ytp8FQAAALowbgNx
Request Chain 56
  • https://track.adform.net/Serving/TrackPoint/?pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fmobile.tallink.com%2F HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fmobile.tallink.com%2F
Request Chain 60
  • https://uip.semasio.net/omdseomg/1/info?_ignore=32770172349093470&sType=track&nTrackingPointId=57662&_referrer=https%3A//mobile.tallink.com/ HTTP 302
  • https://uip.semasio.net/omdseomg/1/info2?_ignore=32770172349093470&sType=track&nTrackingPointId=57662&_referrer=https%3A//mobile.tallink.com/
Request Chain 77
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3678738&time=1658485781746&url=https%3A%2F%2Fmobile.tallink.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3678738%26time%3D1658485781746%26url%3Dhttps%253A%252F%252Fmobile.tallink.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3678738&time=1658485781746&url=https%3A%2F%2Fmobile.tallink.com%2F&liSync=true
Request Chain 90
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2194554243883020945&Expiration=1659695382 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2194554243883020945&Expiration=1659695382
Request Chain 93
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2194554243883020945&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2194554243883020945&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=ecb4ef10d5414525a12960fe22bf8438 HTTP 307
  • https://c1.adform.net/serving/cookie/match?party=9&uid=b1864db5fb81e7cbb06796ab3845b2ea9771180c1faadbbc5a7bfd29d735b7bb
Request Chain 94
  • https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2194554243883020945&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=10&cid=7597453231756842418
Request Chain 95
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2194554243883020945&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2194554243883020945&_origin=1&verify=true
Request Chain 97
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2194554243883020945 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2194554243883020945 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=9c934afc-6362-4ced-8d7c-8d9a56949b67&_origin=1&gdpr=&gdpr_consent=
Request Chain 98
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2194554243883020945&expiration=1659695382 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2194554243883020945&expiration=1659695382&C=1
Request Chain 99
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2194554243883020945&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2194554243883020945&gdpr=&gdpr_consent=&sInitiator=external HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fse.semasio.net%252Fsync%252F1%252F4354957%253FsExtCookieId%253D%2524UID%2526sInitiator%253Dinternal%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=5359363223064234172&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=9f7062da-7c17-4f00-b4b3-0af6a1d214c1&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NENERUQzQzhGMDZCQTVE&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENrSJIU5Cxgh1OpXknHSBos&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENrSJIU5Cxgh1OpXknHSBos&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://redirect.userreport.com/cs/1/4CDED3C8F06BA5D&gdpr_consent= HTTP 301
  • https://uip.semasio.net/userreport/1/info
Request Chain 102
  • https://idsync.rlcdn.com/398366.gif?partner_uid=2194554243883020945 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjE5NDU1NDI0Mzg4MzAyMDk0NRAAGg0IlvjplgYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFEs9Ia9c-hb0qAotDUuIo&google_cver=1
Request Chain 103
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/gdpr_consent=
Request Chain 106
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 107
  • https://pixel.onaudience.com/?mapped=2194554243883020945&partner=68 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=31cacb0c26169307/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=31cacb0c26169307 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f162b2a6-4665-4175-6265-d8b914dddc95&reqId=b6d675f6-2902-4345-6685-f1c2eb0aba19&zcluid=31cacb0c26169307&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEB_S48y3emc7DMwBiNRYQ88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f162b2a6-4665-4175-6265-d8b914dddc95&reqId=b6d675f6-2902-4345-6685-f1c2eb0aba19&zcluid=31cacb0c26169307&zdid=1332
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjE5NDU1NDI0Mzg4MzAyMDk0NQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MjE5NDU1NDI0Mzg4MzAyMDk0NQ&google_tc= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPFmqGSVXVWtPBzFkOJT7Po&google_cver=1&google_ula=1641347,0
Request Chain 111
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=6716139883379384542&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=2194554243883020945
Request Chain 115
  • https://a.audrte.com/a?adform_uid=2194554243883020945 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEK_SCZJZzoHI8PwGIwR79iA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 116
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2194554243883020945&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=56117617926340130490334703289586749923&noredirect=1
Request Chain 117
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2194554243883020945 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104220001534100
Request Chain 118
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7123142198869162130
Request Chain 120
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=ca6b62da-7c17-4e00-a31e-6ec93a7f8d5e
Request Chain 121
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=FtSEHHzs1OePUH5
Request Chain 125
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3706456862 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=U83MHfXMkwm9EEnv/v4naO
Request Chain 127
  • https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2194554243883020945 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2194554243883020945&cs=1
Request Chain 128
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2194554243883020945 HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2194554243883020945&cookieCheck=1 HTTP 302
  • https://sync.1rx.io/usersync/smaato/e8844768 HTTP 302
  • https://sync.1rx.io/usersync/smaato/e8844768?zcc=1&cb=1658485784046 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003
Request Chain 129
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2194554243883020945&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2194554243883020945&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=6e9e2c89-14eb-41bb-8de0-ffcd8f6ea148
Request Chain 148
  • https://www.tallinksilja.com/documents/10192/130226512/tallink.css HTTP 301
  • https://en.tallink.com/documents/10192/130226512/tallink.css

159 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mobile.tallink.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
394576274f2c628321556543e6184d7ba9d4541f91f543c9cdf16bd62cf33810
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
995
content-type
text/html; charset=UTF-8
date
Fri, 22 Jul 2022 10:29:40 GMT
etag
W/"6f0-1815bbd0ff0"
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
vary
Accept-Encoding
x-frame-options
DENY
x-sw-bes
220.28151
launch-ENac5388c3787d4490accffc171ee4cfde.min.js
assets.adobedtm.com/ 		408 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ebf846fc68020263eb67fec2762536bf5be135b4cdf5a7a0fc19c4dd3c264b6c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:40 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:38 GMT
server
AkamaiNetStorage
etag
"af590b520be80f80df3d99f434b8299a:1657708958.541539"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
103423
expires
Fri, 22 Jul 2022 11:29:40 GMT
booking~confirmation.1cbc3f97.chunk.css
mobile.tallink.com/static/css/ 		279 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
818fe21a333a0d76a795b0582aa5dadfec2dc8059ad0d3e0317ce88673f73707

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:40 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"45a65-1815bbd0ff0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
61702
runtime~booking.2817ae12.js
mobile.tallink.com/static/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/static/js/runtime~booking.2817ae12.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
de2df4412720965ff8980e4f4b5d257a2f475006559bda76ba15f60aa44ce213

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:40 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"5d6-1815bbd0ff0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
927
vendors~booking.99133ba3.chunk.js
mobile.tallink.com/static/js/ 		124 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/static/js/vendors~booking.99133ba3.chunk.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
742f40e182d8ab157a7f545d35a7d3ab3831913b74c7eed21c14b1a8b5c3c68b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:40 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"1f0d8-1815bbd0ff0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
54322
booking~confirmation.d39a8ed0.chunk.js
mobile.tallink.com/static/js/ 		1 KB
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/static/js/booking~confirmation.d39a8ed0.chunk.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
a04be536dda39883f0c7940174c2401c645360d4f5fe2343da64dcd85477fbb9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:40 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"564-1815bbd0ff0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
583
booking.7aaf5671.chunk.js
mobile.tallink.com/static/js/ 		1 MB
549 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
6f37046f2fa820afba344dc44f710be8da60aa49c21cf9af3a452cf61d9739f3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:40 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"16dd06-1815bbd0ff0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
settings
mobile.tallink.com/ 		451 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/settings
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
69c4009c523ffd9c7edaee1f44651d4da1d9a1a2fd6f08a28553f7d8806b137d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Thu, 28 Oct 2021 08:47:10 GMT
server
Tallink
etag
W/"1c3-17cc614e54f"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
451
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&d_nsid=0&ts=1658485781036
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&d_nsid=0&ts=1658485781036
372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&d_nsid=0&ts=1658485781036
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
HTTP/1.1
Server
52.208.83.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-83-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0bedcf6b9ef38ef3b4ff3be6348dad34d489c71fe9237157451362a08ac4aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-079c64f10.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
zeUIcNIMSiM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://mobile.tallink.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v037-05d08ac2a.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://mobile.tallink.com
X-TID
2k4VdAvzQGg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&d_nsid=0&ts=1658485781036
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EX045f37e462d94c6bb71efe1d190e7ace-libraryCode_source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/EX045f37e462d94c6bb71efe1d190e7ace-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ee04deac9d1026dccd82494e9938b2b9965ae0b63f5a59095792488a3b04d0e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
20834
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC86b44ef0d8384e0199b213a4ec5cd5ed-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		632 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC86b44ef0d8384e0199b213a4ec5cd5ed-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2a122abfa6bdf53752aacea2c06dbd712db7564b62bf1b5c82dd74e968b11cf4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
408
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC2b20de3bb0904881bfeae701c5bb1c88-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		1 KB
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC2b20de3bb0904881bfeae701c5bb1c88-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c368361d1a3a7b021c43c6e027d527ac55a67d6c1f001c33d8c7e2c9f2d95d5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
617
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC70ef6a1a15c842f9adf2130c578d38e9-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		615 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC70ef6a1a15c842f9adf2130c578d38e9-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
da50cb62910190f3c883ef593ac42d22f282e2a2d0cca40bdf83feee209c88be

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
373
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC29e5c3f0abe44e398be143bec5d2e8cf-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		503 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC29e5c3f0abe44e398be143bec5d2e8cf-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ddf54bab14f78c2126e8f55be4b51544ef17aee5a1b25b90662fff45f443ee38

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
320
expires
Fri, 22 Jul 2022 11:29:41 GMT
RCe34060089a4a476d8efbd083bb43bb12-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		958 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RCe34060089a4a476d8efbd083bb43bb12-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f68024b101488a6d3e732e23a159fe9939195d0e8ef3dbac2f386eb1529815c1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
371
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC8f6e9cc0f62b4178beb9a25977928694-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC8f6e9cc0f62b4178beb9a25977928694-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9ea5f7923c0d7d06e5507c9fd82ef828791276c612131398b86cbc863e08779

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
569
expires
Fri, 22 Jul 2022 11:29:41 GMT
RCa8b64810d03e4c6f9b231d97321c409e-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		919 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RCa8b64810d03e4c6f9b231d97321c409e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
659dfe3750a0795398ae7ccd7c71912f4d86765f52ab470efdc69ff37255bff2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
405
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC1d096b2f68284f5fb763308531038f27-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		756 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC1d096b2f68284f5fb763308531038f27-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8de577f4c47e77ccf091b857dbaa0ab186821e658150fafc95f54c35db4c3b48

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
468
expires
Fri, 22 Jul 2022 11:29:41 GMT
RCdb0f856c3d4642d280f204f9a7c9026d-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RCdb0f856c3d4642d280f204f9a7c9026d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
050a983c237a5866a7e2caeaae8e584237920fa095aa3faa3e16bee56bf954fe

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
738
expires
Fri, 22 Jul 2022 11:29:41 GMT
RCcde9a62b77ef49e8abe5858c39e15550-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		1 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RCcde9a62b77ef49e8abe5858c39e15550-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ce78e70fb9a7ff2fae0948c752019e0a7cabcce39b866442f6a01ab4bee5ce4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
665
expires
Fri, 22 Jul 2022 11:29:41 GMT
sso.min.js
sso.tallink.com/component/ 		573 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.tallink.com/component/sso.min.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.112 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
websvctest.tallinksilja.com
Software
Tallink /
Resource Hash
bfc77177c1e16eb80d828189bcb8650f62a54300e4cd3ae4662f42301b0c3462

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Oct 2020 12:04:38 GMT
Server
Tallink
Vary
Accept-Encoding
Content-Type
application/javascript
X-Sw-Bes
29.48105
Transfer-Encoding
chunked
Accept-Ranges
bytes
config
booking.tallink.com/api/ 		153 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/config?mobile=true
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
c5ec4116c8bce31be362958bcd957843c4a73335adddc56b1558fea34871f7cb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:40 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
222.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
open
booking.tallink.com/api/session/ 		47 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/session/open?mobile=true&locale=sv&country=SE
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
f3b0465307cb1c6f3d2cc58c8a353a7005fc24c797cf4bad6e91d343da541dd2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5024
date
Fri, 22 Jul 2022 09:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 22 Jul 2022 11:05:57 GMT
bundle.prod.js
widget.alphablues.com/widget/latest/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.alphablues.com/widget/latest/bundle.prod.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f05a44861ce14dd152284e28b1428abdc5b30693351b8a222dc224f003b0374f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
cache-control
no-cache
last-modified
Sun, 04 Oct 2020 12:25:51 GMT
server
nginx
content-encoding
gzip
etag
W/"8450dc41e262ea0d74c18abd962f9d46"
content-type
application/javascript
jsTag
cdn.adt356.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adt356.com/jsTag?ap=1161519273
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
/
Resource Hash
8eb3dda312c70419f8926efbaef0722b92b9c5e4d6ad771417d25a807c9fc8eb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 06:13:57 GMT
content-encoding
gzip
age
15344
etag
"C4DD22A9DE1A25454F6F052B62AA648E"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4558
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id
k5xWhe595SLGkgCoAC_wiu2DH-2w4gH0huhXtregbJxtxyGNpllc9Q==
x-cache-hits
0
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=81869
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3CCCB5440A5D44FEA803B4428C90BD99 Ref B: OSL30EDGE0510 Ref C: 2022-07-22T10:29:41Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Fri, 22 Jul 2022 10:29:41 GMT
accept-ranges
bytes
content-length
11360
events.js
analytics.tiktok.com/i18n/pixel/ 		141 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7J7MNOR5MNIA38JK5LG&lib=ttq
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62a1fb4e9d85300fe7acf744e0ee25172a0a9575b301ba8d1c38ce3cc5da3a8e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
6e6211de.46c3fbe
date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
100,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=8, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
20220722102941010004003007735002039119A585E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.222.16.85
x-tt-trace-host
01ac4fec60f934c00eb7ce9141a8db828268c9030ef88f489ea2f66553fa8e1ab85744f2997a8e88dbbca10286c21b56fbc9e7d9046a72c4754f3c3a0af53353cbfda7a5b73a59df10cd6b3a00e15af6ff37f37a11f2d780fc8cc37ed144d6eea1
expires
Fri, 22 Jul 2022 10:29:41 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 11:34:23 GMT
server
nginx
x-amz-request-id
tx00000000000004b3c9b00-0062da6d80-323354ba-default
etag
W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
uUPsXCVuC7
widget.alphablues.com/config/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widget.alphablues.com/config/uUPsXCVuC7
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/widget/latest/bundle.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
950437957f89a96be011dda6b0c5af85f73671af4b960c2a453350e7f6b56fa5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
server
nginx
etag
W/"0f61a3078c538938a8336d3c2b4b80910b16d284"
access-control-allow-methods
post, get, options
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-headers
x-requested-with
expires
Fri, 22 Jul 2022 10:29:41 GMT
v3
booking.tallink.com/api/payment/ 		72 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/payment/v3?mobile=true&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&locale=sv&country=SE
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
b1b0ad63ec8a24dfed2023c6e51b9804af1499474aae078a3a63bcb1b6dbec4b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
timetables
booking.tallink.com/api/cruise/ 		39 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/cruise/timetables?mobile=true&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&locale=sv&country=SE&from=STO&to=TUR&dateFrom=2022-07-22&dateTo=2022-08-31&voyageType=CRUISE&searchFutureSails=false&eveningDeparture=true
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
df7e195f7f0187dd56575c7ab2cb7a32f818a7132a848d13e67807bed6037e89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:40 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
222.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
logo_combined_tallink_silja_full.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/logo_combined_tallink_silja_full.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
8b005e1fb4643827336255067683bc6ae60cb71c1447e11828956e2c8f1537dd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"f3e-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2686
icon_adult.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		1 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/icon_adult.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
68b7c161087cc8ea9ed269117820c5cc7dd455b0aab67ef5c6781c8c4f523691

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"405-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
846
icon_youth.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/icon_youth.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
26115557edbc3d39b4a1634a5a855ac47f9614fddb5c0a045e03907911d5f84f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"70d-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1234
icon_junior.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/icon_junior.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
d49dc21082c98a2893d4eb6ca616db32d89da951d5c87b8436ce9fc8ca3ca6dc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"704-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1282
icon_child.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/icon_child.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
1b5928c6631a449ca0d249d004b9ac5609a2ced3cb3dc31fe384943e6eb11847

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"5bd-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1140
ribbon_discount.svg
mobile.tallink.com/assets/images/discountCode/ 		2 KB
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/discountCode/ribbon_discount.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
430628d56b463dab101e91c192bed1b80c36d3e6fec9d122072ae7a255249077

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"6a8-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
756
megastar@1x.jpg
mobile.tallink.com/assets/images/shipBackground/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/shipBackground/megastar@1x.jpg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
c722e474e50b805bc368be505b565f9bd0ca6df0404537576e911abbfb61272d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"48ce-1815bbd0ff0"
content-type
image/jpeg
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
18638
arrow_down.svg
mobile.tallink.com/assets/images/common/ 		362 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/common/arrow_down.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
25b9e4b601d17559ccbff44d6ce08162e5eeb37afc0ef2e3db0007821651ea51

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"16a-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
362
swap_arrow.svg
mobile.tallink.com/assets/images/common/ 		663 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/common/swap_arrow.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
a83ff0f30a5c3703602301ef9d0438111fc2de8df3e665b6b23ae4a487a2351a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"297-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
663
swap_bg.svg
mobile.tallink.com/assets/images/common/ 		495 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/common/swap_bg.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
da61023ef9e6eff6c68482c6eadde410406119fb2c02cb25258b2c53bff7e35c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"1ef-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
495
icon_wave_body.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		458 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/icon_wave_body.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
8a45b67a5d60015da5e408eb84e5caa085b1ca017e09b6b8cf68ddda861e0f92

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"1ca-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
458
icon_enter_arrow.svg
mobile.tallink.com/assets/images/_cacheCommon/ 		341 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/_cacheCommon/icon_enter_arrow.svg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
ed41c9cd5c9680ab1a24ec22a2e02c7492260fb2f0e2ad601b40f625ae0d46d6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"155-1815bbd0ff0"
vary
Accept-Encoding
content-type
image/svg+xml
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
341
GT-Walsheim-Pro-Regular.woff2
mobile.tallink.com/assets/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/assets/fonts/GT-Walsheim-Pro-Regular.woff2
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
9d7d7df73aa6c29e375d9e8b64fb5dc17afedb60a84465f8832cb9c44165c23c

Request headers

Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Origin
https://mobile.tallink.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"ddac-1815bbd0ff0"
content-type
font/woff2
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
56748
GT-Walsheim-Pro-Medium.woff2
mobile.tallink.com/assets/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mobile.tallink.com/assets/fonts/GT-Walsheim-Pro-Medium.woff2
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
a7c404d5a1feb26a68dbe1b6f022f9988e0d54a2dd8236b93eebc6f595649a1a

Request headers

Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Origin
https://mobile.tallink.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"d86c-1815bbd0ff0"
content-type
font/woff2
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
55404
dest5.html
tallinksailja.demdex.net/ Frame 5ABE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tallinksailja.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.150.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-150-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mobile.tallink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v037-0a61bcd65.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zfvVZbDERWY=
content-encoding
gzip
date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Thu, 21 Jul 2022 19:45:03 GMT
vary
accept-encoding
id
saa.tallink.com/ 		48 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://saa.tallink.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&mid=55592984987509362890316230298018717819&ts=1658485781452
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
abfa52a3ce73fbbb6a0e67ba4f20323ea7c395a13e9bd1c195add4ffd99a92de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mobile.tallink.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-57lzd
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://mobile.tallink.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Ytp8FQAAALowbgNx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=56117617926340130490334703289586749923
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ytp8FQAAALowbgNx
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ytp8FQAAALowbgNx
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
HTTP/1.1
Server
52.208.83.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-83-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0af2d90ac.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tybLlTIXSCo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ytp8FQAAALowbgNx
Date
Fri, 22 Jul 2022 10:29:41 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
tallinksiljaoy.tt.omtrdc.net/rest/v1/ 		357 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tallinksiljaoy.tt.omtrdc.net/rest/v1/delivery?client=tallinksiljaoy&sessionId=9ec7c80cf753412b8019f2e978b83458&version=2.8.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.242.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-242-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ba77932c61afdcb9788a5cc3b3249a3587d98d386f6b7a7a1a38fa7e831309bd

Request headers

Referer
https://mobile.tallink.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mobile.tallink.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
67c0f370b762f1c70484aadd2b9acf89
RC11e880e859594293836247d5417b3b81-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		592 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC11e880e859594293836247d5417b3b81-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5dce6224aa67134739b6153193a2970bcc1423d1bc4d069beea1efcc3db9fc90

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
279
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC8129dd1fe6834231a556c4992a0ec4bd-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC8129dd1fe6834231a556c4992a0ec4bd-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bd1a299aff8e932682f1f24b0c6fc6dc024ecee3f08e3ac6d05642047ff71aa4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2117
expires
Fri, 22 Jul 2022 11:29:41 GMT
RCcf3b366c6ecb433c8125f71256317220-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RCcf3b366c6ecb433c8125f71256317220-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
deedb17210f4a7932f48cdf59e69ce5ca47c8a3a5b293b63284fa503b3ec5f88

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
943
expires
Fri, 22 Jul 2022 11:29:41 GMT
RCf36dfa1dc9c747eb9f65858464808fe1-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		941 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RCf36dfa1dc9c747eb9f65858464808fe1-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3a29d8e77890c7da6163050d05f9071de32a81cb85c4d6137cd9715210d2fde6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
419
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC2110a50392d342658c8e294b56e101ae-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		448 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC2110a50392d342658c8e294b56e101ae-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfe12f9ce812d105bcd8785f0d88d671ded9299bec83c266960315bdb01bd789

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
244
expires
Fri, 22 Jul 2022 11:29:41 GMT
RC5c239962adec40e29a329e283be31955-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		1 KB
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC5c239962adec40e29a329e283be31955-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3ea22e0e6a52c34b0039a299d30f44e2916911c1922e49d4782e46e3fbeda5c9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
562
expires
Fri, 22 Jul 2022 11:29:41 GMT
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=ht...
856 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fmobile.tallink.com%2F
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b98b7d0feaaa5efb0059903bdf49a5c20eb11d3418c7d637afec1bd6c3d1e9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
688
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:41 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fmobile.tallink.com%2F
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
RC0c405bf859bb49ff8cee0868922a2a69-source.min.js
assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/ 		1 KB
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/RC0c405bf859bb49ff8cee0868922a2a69-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENac5388c3787d4490accffc171ee4cfde.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f6acce8c63097c8a94d3ccc7119674a104d1b9cd813ceff7ea49032d0da87625

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:42:39 GMT
server
AkamaiNetStorage
etag
"7c8ee6c96c9ebb4439c0f889cd20c843:1657708959.317674"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mobile.tallink.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
513
expires
Fri, 22 Jul 2022 11:29:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
Ug4e8zDv1wLmb+k1arJJmxKqGmjMzVTjf7KAoj4leXkEKqJZxzxQJSIMweaEmtTNwk8ulof+TQn3RibZASWiIw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 22 Jul 2022 10:29:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
openapi.js
vk.com/js/api/ 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?160
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
br
x-frontend
front224007
last-modified
Tue, 15 Mar 2022 10:42:47 GMT
server
kittenx
etag
"62306da7-5b1b"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23323
expires
Tue, 26 Jul 2022 10:29:41 GMT
info2
uip.semasio.net/omdseomg/1/
Redirect Chain
  • https://uip.semasio.net/omdseomg/1/info?_ignore=32770172349093470&sType=track&nTrackingPointId=57662&_referrer=https%3A//mobile.tallink.com/
  • https://uip.semasio.net/omdseomg/1/info2?_ignore=32770172349093470&sType=track&nTrackingPointId=57662&_referrer=https%3A//mobile.tallink.com/
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uip.semasio.net/omdseomg/1/info2?_ignore=32770172349093470&sType=track&nTrackingPointId=57662&_referrer=https%3A//mobile.tallink.com/
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
frontend-id
11
location
/omdseomg/1/info2?_ignore=32770172349093470&sType=track&nTrackingPointId=57662&_referrer=https%3A//mobile.tallink.com/
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-5638134
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2656e0740ad841bac7e05e1e3fd00bfa57edd0a1058562132f80fdd53803a8c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41409
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Jul 2022 10:29:42 GMT
jsTag
adtr.io/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtr.io/jsTag?ap=1161519273
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
/
Resource Hash
8eb3dda312c70419f8926efbaef0722b92b9c5e4d6ad771417d25a807c9fc8eb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 09:38:01 GMT
content-encoding
gzip
age
16737
etag
"C4DD22A9DE1A25454F6F052B62AA648E"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4558
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-id
88wyS1bkA1sdX5yyNz-WEKzrN7yTxKdI2JT1YMBdR9y0TEmA_3qjJQ==
x-cache-hits
0
alphachat.prod.js
widget.alphablues.com/widget/8.0.7/ 		508 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.alphablues.com/widget/8.0.7/alphachat.prod.js
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/widget/latest/bundle.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d03289de960bac464b12ee35a6bf9c44d5f7c001d216c72d00cac13568e1484b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
cache-control
no-cache
last-modified
Fri, 17 Sep 2021 07:08:55 GMT
server
nginx
content-encoding
gzip
etag
W/"e6ddf1a57ceaaaceb46471c7b711ca06"
content-type
application/javascript
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7J7MNOR5MNIA38JK5LG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
b40b3b6.46c4592
date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-17.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
102,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=15, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
202207221029410100020077350020180A882B9E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.220.104.17
x-tt-trace-host
01ac4fec60f934c00eb7ce9141a8db828268c9030ef88f489ea2f66553fa8e1ab83c1f9e7646837f63938bda9bf78f339f51890447b579459bdf0dc5da5228c8761a2d07b965cf4b3fa6fbdbcd84209606fd69e0dc85c5e4a74215c7879eae1a40
expires
Fri, 22 Jul 2022 10:29:41 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		872 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7J7MNOR5MNIA38JK5LG&hostname=mobile.tallink.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7J7MNOR5MNIA38JK5LG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
20724e8201d8580c22359ff4510a549a2417be65658cd001dff8d7c31f9bfae4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
46c4703
date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
content-length
349
pragma
no-cache
server
nginx
x-tt-logid
202207221029410100040030077350020130A862653
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
101,23.36.161.221
x-tt-trace-host
01ac4fec60f934c00eb7ce9141a8db8282e5a05fcc70da038728a1eb5d33d193fd04eceef854eb2493c417356ecced9d1057385a5da95b51be9b3395e1ac8f482acd05addf5b7d4fae1321514cccb17639
expires
Fri, 22 Jul 2022 10:29:41 GMT
extraServices
booking.tallink.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/extraServices?mobile=true&locale=sv&country=SE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mobile.tallink.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin
https://mobile.tallink.com
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Length
0
Content-Security-Policy
frame-ancestors 'none'
Date
Fri, 22 Jul 2022 10:29:41 GMT
Server
Tallink
X-Frame-Options
DENY
X-Sw-Bes
223.48081
extraServices
booking.tallink.com/api/ 		20 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/extraServices?mobile=true&locale=sv&country=SE
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
d6e443419d42f41a64046a68c3e386ad5d18c619ec2b4449e74d6ae7f7315b04
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://mobile.tallink.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
mealPackages
booking.tallink.com/api/ 		515 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/mealPackages?mobile=true&locale=sv&country=SE&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&outwardSailId=2143280
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
fcd4ab2905eb2064e63a081a6875caa468b523c4b89c2c2c97174faaaf2f9af2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
v2
booking.tallink.com/api/onboardServices/ 		0
0
cabinServices
booking.tallink.com/api/ 		120 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/cabinServices?mobile=true&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&outwardSailId=2143280&adults=1&youths=0&juniors=0&children=0&locale=sv&experimental=true
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
d00a9aabd0920ee430576a52d6737cbe1a04809de05d27902c088650bdf35ebd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
meals
booking.tallink.com/api/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/meals?mobile=true&returnSailId=2143280&locale=sv&country=SE&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&outwardSailId=2143280
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
6c38c44f9a7eda74f78672598d0b06f56cd644c819eb6f8e7bc1b282e281d693
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
travelclasses
booking.tallink.com/api/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/travelclasses?mobile=true&locale=sv&country=SE&from=STO&to=TUR&voyageType=CRUISE&includeSharedCabins=false&outwardSailId=2143280&includePetCabins=false&includeRegularCabins=true&includeSpecialCabins=false
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
7e43a5bcfd52108c65e296621ef51939b1eec855b632464ca7bec26877e826e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
land
booking.tallink.com/api/ 		19 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/land?mobile=true&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&locale=sv&country=SE&outwardSailId=2143280
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
8b45d458c3f0c3e73ae26a8c8ed5b45812128012921623ff989e6412ff2d7c64
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
galaxy@1x.jpg
mobile.tallink.com/assets/images/shipBackground/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile.tallink.com/assets/images/shipBackground/galaxy@1x.jpg
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.113 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
be5480673ba7625314cb1d282c454fe14a88c63b0be011574c9d642db261c585

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/static/css/booking~confirmation.1cbc3f97.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
last-modified
Mon, 13 Jun 2022 06:25:26 GMT
server
Tallink
etag
W/"40cf-1815bbd0ff0"
content-type
image/jpeg
x-sw-bes
220.28151
cache-control
public, max-age=0
accept-ranges
bytes
content-length
16591
137027551.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137027551.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1A06E427051848078E0BFDF18F4C22C2 Ref B: OSL30EDGE0510 Ref C: 2022-07-22T10:29:41Z
date
Fri, 22 Jul 2022 10:29:41 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137027551&Ver=2&mid=b5f4977d-842c-41ee-99e1-9b4795b568f1&sid=325ce3a009a911edac030ddf9e19880c&vid=325d0f6009a911ed93137d6be30c6028&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mobile%20Booking%20-%20Tallink%20Silja&p=https%3A%2F%2Fmobile.tallink.com%2F&r=&lt=1027&evt=pageLoad&msclkid=N&sv=1&rn=827360
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E18D5C2097F4BCC8CE0068A374CA558 Ref B: OSL30EDGE0510 Ref C: 2022-07-22T10:29:41Z
date
Fri, 22 Jul 2022 10:29:41 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3678738&time=1658485781746&url=https%3A%2F%2Fmobile.tallink.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3678738%26time%3D1658485781746%26url%3Dhttps%253A%252F%252Fmobile.tallink.com%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3678738&time=1658485781746&url=https%3A%2F%2Fmobile.tallink.com%2F&liSync=true
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3678738&time=1658485781746&url=https%3A%2F%2Fmobile.tallink.com%2F&liSync=true
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E33D1D140FDA4D49AD893D3CCBCFBBBC Ref B: HEL01EDGE0720 Ref C: 2022-07-22T10:29:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkYk/2VCXkbm5hZ7XpQQ==
x-li-fabric
prod-lva1

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXkYk/ztwbSLpa+EVo4mQ==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9B7C11E35C5E4A8D846DC685D0728EC1 Ref B: OSL30EDGE0512 Ref C: 2022-07-22T10:29:42Z
x-frame-options
sameorigin
date
Fri, 22 Jul 2022 10:29:41 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3678738&time=1658485781746&url=https%3A%2F%2Fmobile.tallink.com%2F&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
shared.html
sso.tallink.com/component/ Frame DF66 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.tallink.com/component/shared.html
Requested by
Host: sso.tallink.com
URL: https://sso.tallink.com/component/sso.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.112 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
websvctest.tallinksilja.com
Software
Tallink /
Resource Hash
345db89310bb00b60d93751a3f8ba80ae31fdc84b1b054aceb7df05ef19250cf

Request headers

Referer
https://mobile.tallink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
801
Content-Type
text/html
Date
Fri, 22 Jul 2022 10:29:41 GMT
Last-Modified
Mon, 26 Oct 2020 12:04:40 GMT
Server
Tallink
Vary
Accept-Encoding
X-Sw-Bes
29.48105
persistence
sso.tallink.com/api/ 		4 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.tallink.com/api/persistence
Requested by
Host: sso.tallink.com
URL: https://sso.tallink.com/component/sso.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.112 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
websvctest.tallinksilja.com
Software
Tallink /
Resource Hash
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

Request headers

Accept
application/json, text/plain, */*
Referer
https://mobile.tallink.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:41 GMT
Server
Tallink
Vary
Origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
29.48105
Access-Control-Allow-Credentials
true
Content-Length
4
pixels
c1.adform.net/imatch/ Frame 7545 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Requested by
Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=1974007&ADFPageName=Mobile%20Booking%20-%20Tallink%20Silja&ADFdivider=%7C&ord=57041386988&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fmobile.tallink.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3165dd5c01615e664442b4c357e1cbfd8ae1e1f984d9174c06b657af988986b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mobile.tallink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 22 Jul 2022 10:29:42 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
server.seadform.net/serving/cookie/sync/ 		35 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.seadform.net/serving/cookie/sync/?uid=2194554243883020945&stamp=KQm968gqJ0sDvP-67D9Y4w2
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Jul 2022 10:29:42 GMT
cache-control
private
server
nginx
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pixel
analytics.tiktok.com/api/v2/ 		0
696 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7J7MNOR5MNIA38JK5LG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mobile.tallink.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
253a70e3.46c4afa
date
Fri, 22 Jul 2022 10:29:42 GMT
x-cache-remote
TCP_MISS from a23-222-16-23.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
390,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=240, origin; dur=154, inner; dur=56
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220722102942010002003002005006003000068BAE4A
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
154,23.222.16.23
x-tt-trace-host
01ac4fec60f934c00eb7ce9141a8db828268c9030ef88f489ea2f66553fa8e1ab8a546fd16f9589cc2fa00aae711aea55e4a55f925016586f8c32a8c9ab36bab324e4fe2b2249888a595069a8e279c7f025d0846addeaacbbd3c47afa05add78b4
expires
Fri, 22 Jul 2022 10:29:42 GMT
rtrg
vk.com/ 		49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-345527-b4rCK&metatag_url=https%3A%2F%2Fmobile.tallink.com%2F&metatag_title=Mobile%20Booking%20-%20Tallink%20Silja
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.111647
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
content-encoding
gzip
x-frontend
front224007
server
kittenx
x-powered-by
KPHP/7.4.111647
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
cookies.js
sso.tallink.com/component/ Frame DF66 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.tallink.com/component/cookies.js
Requested by
Host: sso.tallink.com
URL: https://sso.tallink.com/component/shared.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.112 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
websvctest.tallinksilja.com
Software
Tallink /
Resource Hash
244e6f3a5523ddb410d442dc501867b31882915b4f735588f3b4e162f204fc6a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sso.tallink.com/component/shared.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Oct 2020 12:04:40 GMT
Server
Tallink
Vary
Accept-Encoding
Content-Type
application/javascript
X-Sw-Bes
29.48105
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
832
travelclasses
booking.tallink.com/api/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.tallink.com/api/travelclasses?mobile=true&locale=sv&country=SE&from=STO&to=TUR&voyageType=CRUISE&includeSharedCabins=false&outwardSailId=2143280&includePetCabins=true&includeRegularCabins=false&includeSpecialCabins=true
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/static/js/booking.7aaf5671.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.247.11 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
0937a6f160a091257b52bea8198eb6d46c1b646b2f966d8d89386f79e3cf5db4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
Content-Encoding
gzip
Server
Tallink
X-Frame-Options
DENY
Date
Fri, 22 Jul 2022 10:29:41 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mobile.tallink.com
X-Sw-Bes
221.48081
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
container.css
widget.alphablues.com/widget/8.0.7/ 		104 B
281 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.alphablues.com/widget/8.0.7/container.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7ccfd936cee64f0745c39ac7d727eca92484fd1cefffc0e7fe6ab7438d9e52de

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
last-modified
Fri, 17 Sep 2021 07:08:55 GMT
server
nginx
etag
"9b17a36992e3951babacbfe28364ff95"
content-type
text/css
cache-control
no-cache
accept-ranges
bytes
content-length
104
enduser.html
bots.alphablues.com/tallink-alphachat-se-agent/ Frame 0346 		478 B
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/enduser.html?id=uUPsXCVuC7
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/widget/8.0.7/alphachat.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cb4df778d0b58b5e73d544c059bfc4a2ddffcf04268affb613d5655b7a313c8d

Request headers

Referer
https://mobile.tallink.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=600
content-length
478
content-type
text/html
date
Fri, 22 Jul 2022 10:29:42 GMT
etag
"a4214458ad70cb43dc502597015b606d50de75c8"
server
nginx
s32708550521472
saa.tallink.com/b/ss/tallinksprod/10/JS-2.17.0-LCUM/ 		146 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://saa.tallink.com/b/ss/tallinksprod/10/JS-2.17.0-LCUM/s32708550521472?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F6%2F2022%2010%3A29%3A42%205%200&d.&nsid=0&jsonv=1&.d&sdid=545611039D1579AC-2940E6A4E27EFCB1&mid=55592984987509362890316230298018717819&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fmobile.tallink.com%2F&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v85=%2B1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/EX045f37e462d94c6bb71efe1d190e7ace-libraryCode_source.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
b37f7489b7210ff3075eb667d40e1bc4ed40c98227b25f74e8c690b625363561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-aam-tid
btUyE5g7SaU=
date
Fri, 22 Jul 2022 10:29:42 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
146
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v037-02f215fd6.edge-irl1.demdex.com 3 ms
pragma
no-cache
last-modified
Sat, 23 Jul 2022 10:29:42 GMT
server
jag
xserver
anedge-69c8d8cc76-mlc4l
etag
3561571098319290368-4619765332993458201
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 21 Jul 2022 10:29:42 GMT
plf
c1.adform.net/imatch/ Frame 7545 		0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ul_cb/ Frame 7545
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2194554243883020945&Expiration=1659695382
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2194554243883020945&Expiration=1659695382
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2194554243883020945&Expiration=1659695382
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
54.77.56.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-56-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Jul 2022 10:29:42 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2194554243883020945&Expiration=1659695382
date
Fri, 22 Jul 2022 10:29:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame 7545 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jul 2022 10:29:42 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 21 Jul 2022 10:29:42 GMT
token
token.rubiconproject.com/ Frame 7545 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 7545
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2194554243883020945&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2194554243883020945&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=ecb4ef10d5414525a...
  • https://c1.adform.net/serving/cookie/match?party=9&uid=b1864db5fb81e7cbb06796ab3845b2ea9771180c1faadbbc5a7bfd29d735b7bb
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=9&uid=b1864db5fb81e7cbb06796ab3845b2ea9771180c1faadbbc5a7bfd29d735b7bb
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=9&uid=b1864db5fb81e7cbb06796ab3845b2ea9771180c1faadbbc5a7bfd29d735b7bb
date
Fri, 22 Jul 2022 10:29:42 GMT
content-length
0
p3p
CP=NOI PSA OUR
match
c1.adform.net/serving/cookie/ Frame 7545
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2194554243883020945&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
  • https://c1.adform.net/serving/cookie/match?party=10&cid=7597453231756842418
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=10&cid=7597453231756842418
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=10&cid=7597453231756842418
pragma
no-cache
date
Fri, 22 Jul 2022 10:29:41 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
ups.analytics.yahoo.com/ups/55944/ Frame 7545
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2194554243883020945&_origin=1
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2194554243883020945&_origin=1&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2194554243883020945&_origin=1&verify=true
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2194554243883020945&_origin=1&verify=true
date
Fri, 22 Jul 2022 10:29:42 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 7545 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.2.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-2-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jul 2022 10:29:42 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1658485782393003-352
Expires
Fri, 22 Jul 2022 10:29:42 GMT
sync
ups.analytics.yahoo.com/ups/55859/ Frame 7545
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2194554243883020945
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2194554243883020945
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=9c934afc-6362-4ced-8d7c-8d9a56949b67&_origin=1&gdpr=&gdpr_consent=
0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55859/sync?uid=9c934afc-6362-4ced-8d7c-8d9a56949b67&_origin=1&gdpr=&gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
//ups.analytics.yahoo.com/ups/55859/sync?uid=9c934afc-6362-4ced-8d7c-8d9a56949b67&_origin=1&gdpr=&gdpr_consent=
Date
Fri, 22 Jul 2022 10:29:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7545
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2194554243883020945&expiration=1659695382
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2194554243883020945&expiration=1659695382&C=1
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2194554243883020945&expiration=1659695382&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72eb7f2b5f7eb512-OSL
pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ%2BIQ3ktP9qI44Zdj9vwS0l2bJxKziLzVxBFA1ixb81VubhPcVmDWW7IgqfzOOltrrg5uTWJvjP26iTLRwbdZ7aXmxZDn2TCayZXr9bsaHalKEJmIecHgAUZFrFHscBx4dBF%2BjEH9Ezx7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6K%2BCyhGzbHQlApm6ZVg%2BGceDEB5BRTz1C5qNvWG9YlS7h2B3zkiTkSEBxP9ujOgYKLdjbWpL6i0q8qMUtxSsB5ia8dFVdO6p8NKzLaPaK%2FyxcEH8Tf4DC5DOFyQaOibg3tJT00zTL8M7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=2194554243883020945&expiration=1659695382&C=1
cache-control
no-cache
cf-ray
72eb7f2acee8b512-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
info
uip.semasio.net/userreport/1/ Frame 7545
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2194554243883020945&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2194554243883020945&gdpr=&gdpr_consent=&sInitiator=external
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fse.semasio.net%252Fsync%252F1%252F4354957%253FsExtCookieId%253D%2524UID%2526sInitiator%253Dinternal%26gdpr%3D0%26gdpr_consent%3D
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=5359363223064234172&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=9f7062da-7c17-4f00-b4b3-0af6a1d214c1&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NENERUQzQzhGMDZCQTVE&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENrSJIU5Cxgh1OpXknHSBos&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENrSJIU5Cxgh1OpXknHSBos&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=
  • https://redirect.userreport.com/cs/1/4CDED3C8F06BA5D&gdpr_consent=
  • https://uip.semasio.net/userreport/1/info
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uip.semasio.net/userreport/1/info
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:46 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Date
Fri, 22 Jul 2022 10:29:44 GMT
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Miss from cloudfront
Location
https://uip.semasio.net/userreport/1/info
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
7QJh8oaCY0ajcAhUaYbVtUl9k26lf4zBOKnenWOYFYWTQEQu8A_4vw==
match
ps.eyeota.net/ Frame 7545 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=2194554243883020945&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:42 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
/
loadm.exelator.com/load/ Frame 7545 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
362358.gif
idsync.rlcdn.com/ Frame 7545
Redirect Chain
  • https://idsync.rlcdn.com/398366.gif?partner_uid=2194554243883020945
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjE5NDU1NDI0Mzg4MzAyMDk0NRAAGg0IlvjplgYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFEs9Ia9c-hb0qAotDUuIo&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFEs9Ia9c-hb0qAotDUuIo&google_cver=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Jul 2022 10:29:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFEs9Ia9c-hb0qAotDUuIo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/ Frame 7545
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/gdpr_consent=
49 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
52.17.214.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-214-109.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.17.9
content-type
image/gif
content-length
49
x-consent
absent

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2194554243883020945/gdpr=/gdpr_consent=
cache-control
no-cache
x-server
10.45.10.219
content-length
0
expires
0
29729
tags.bluekai.com/site/ Frame 7545 		62 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.127.92 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-127-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 7545 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7545
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Server
52.218.20.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:43 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
B35QG0CWZZ994FE8
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
gK2e6ma6Rb+jmAENZ83u11EIEzi+TCykOo/zzlKetjLIcDzhTKiAco3E6ZDQDyK3TlbxbAVfx7Y=

Redirect headers

X-Error-Reason
Missing UserId
Date
Fri, 22 Jul 2022 10:29:42 GMT
Server
akka-http/10.2.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
137
mw
mwzeom.zeotap.com/ Frame 7545
Redirect Chain
  • https://pixel.onaudience.com/?mapped=2194554243883020945&partner=68
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=31cacb0c26169307/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=31cacb0c26169307
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f162b2a6-4665-4175-6265-d8b914dddc95&reqId=b6d675f6-2902-4345-6685-f1c2eb0aba19&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEB_S48y3emc7DMwBiNRYQ88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f162b2a6-4665-4175-6265-d8b914dddc95&reqId=b6d675f6-2902-4345-6685-f1c...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEB_S48y3emc7DMwBiNRYQ88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f162b2a6-4665-4175-6265-d8b914dddc95&reqId=b6d675f6-2902-4345-6685-f1c2eb0aba19&zcluid=31cacb0c26169307&zdid=1332
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://c1.adform.net
access-control-allow-credentials
true
cf-ray
72eb7f340ec90b51-OSL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEB_S48y3emc7DMwBiNRYQ88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f162b2a6-4665-4175-6265-d8b914dddc95&reqId=b6d675f6-2902-4345-6685-f1c2eb0aba19&zcluid=31cacb0c26169307&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.adsafety.net/ Frame 7545 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.135.9.135 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:42 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 7545 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-135-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1658485785
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame 7545
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjE5NDU1NDI0Mzg4MzAyMDk0NQ
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MjE5NDU1NDI0Mzg4MzAyMDk0NQ&google_tc=
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPFmqGSVXVWtPBzFkOJT7Po&google_cver=1&google_ula=1641347,0
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPFmqGSVXVWtPBzFkOJT7Po&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPFmqGSVXVWtPBzFkOJT7Po&google_cver=1&google_ula=1641347,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame 7545
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=3&id=6716139883379384542&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=2194554243883020945
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jul 2022 10:29:42 GMT
X-Proxy-Origin
178.255.148.165; 178.255.148.165; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
428d782b-f6ea-40ba-995c-00a543bdf32b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
location
https://secure.adnxs.com/setuid?entity=91&code=2194554243883020945
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
plf
c1.adform.net/imatch/ Frame 7545 		0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
Pug
simage2.pubmatic.com/AdServer/ Frame 7545 		42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame 7545 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-87.fra2.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 06:53:25 GMT
Via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.20.0
Age
12977
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Content-Length
43
X-Amz-Cf-Id
az8Z38FZD1xZjuVieQXMTHF0glqIp_u4UW7QyaEz-iuMPuYENi8J-w==
p
a.audrte.com/ Frame 7545
Redirect Chain
  • https://a.audrte.com/a?adform_uid=2194554243883020945
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEK_SCZJZzoHI8PwGIwR79iA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:43 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 22 Jul 2022 10:29:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 7545
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2194554243883020945&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=56117617926340130490334703289586749923&noredirect=1
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=56117617926340130490334703289586749923&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

DCS
dcs-prod-irl1-2-v037-094d84bab.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6RPEtab+SyM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://c1.adform.net/serving/cookie/match?party=1007&cid=56117617926340130490334703289586749923&noredirect=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame 7545
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2194554243883020945
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104220001534100
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104220001534100
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
AAWebServer
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104220001534100
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame 7545
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7123142198869162130
35 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7123142198869162130
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7123142198869162130
Date
Fri, 22 Jul 2022 10:29:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame 7545 		62 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.127.92 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-127-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 7545
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=ca6b62da-7c17-4e00-a31e-6ec93a7f8d5e
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1066&cid=ca6b62da-7c17-4e00-a31e-6ec93a7f8d5e
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Date
Fri, 22 Jul 2022 10:29:43 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://c1.adform.net/serving/cookie/match?party=1066&cid=ca6b62da-7c17-4e00-a31e-6ec93a7f8d5e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 22 Jul 2022 10:29:42 GMT
match
c1.adform.net/serving/cookie/ Frame 7545
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=FtSEHHzs1OePUH5
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=FtSEHHzs1OePUH5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Fri, 22 Jul 2022 10:29:43 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0ec0c6ff59ec4bd79@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=FtSEHHzs1OePUH5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7545 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
image.sbmx
global.ib-ibi.com/ Frame 7545 		0
0
0.gif
id5-sync.com/s/10/ Frame 7545 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame 7545
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3706456862
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=U83MHfXMkwm9EEnv/v4naO
35 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=U83MHfXMkwm9EEnv/v4naO
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:42 GMT
via
1.1 google
last-modified
Fri, 22 Jul 2022 10:29:43 GMT
server
Weborama Collect Frontend
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=U83MHfXMkwm9EEnv/v4naO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame 7545 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.94 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-94.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 22 Jul 2022 10:29:43 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
pixel.gif
sync.1dmp.io/ Frame 7545
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2194554243883020945
  • https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2194554243883020945&cs=1
35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2194554243883020945&cs=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.100.46.78.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2194554243883020945&cs=1
date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003
sync.targeting.unrulymedia.com/csync/ Frame 7545
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2194554243883020945
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2194554243883020945&cookieCheck=1
  • https://sync.1rx.io/usersync/smaato/e8844768
  • https://sync.1rx.io/usersync/smaato/e8844768?zcc=1&cb=1658485784046
  • https://sync.targeting.unrulymedia.com/csync/RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003
pragma
no-cache
date
Fri, 22 Jul 2022 10:29:44 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
match
c1.adform.net/serving/cookie/ Frame 7545
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2194554243883020945&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2194554243883020945&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=6e9e2c89-14eb-41bb-8de0-ffcd8f6ea148
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=2007&cid=6e9e2c89-14eb-41bb-8de0-ffcd8f6ea148
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=2007&cid=6e9e2c89-14eb-41bb-8de0-ffcd8f6ea148
date
Fri, 22 Jul 2022 10:29:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
2194554243883020945
match.contentexchange.me/adform/ Frame 7545 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/2194554243883020945?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame 7545 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=2194554243883020945&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame 7545 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=2194554243883020945
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.121.203.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-203-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 10:29:43 GMT
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html
plf
c1.adform.net/imatch/ Frame 7545 		0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2194554243883020945&agencyId=600&advertiserId=2062011&src=tp&rnd=693230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
438846086591304
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/438846086591304?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
4f85da4209cc4441a6058f9f50d886f558e57822e24b96fbc497d1a4fe74ae2e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Bf0mGaqVEIy6BHcXKDHXGkTV95efAN2sh4iB3j7uYsKU6VJ26qI1GqbBrV0e3BcsFuSV00yjMOL+QVUljPhs6A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 22 Jul 2022 10:29:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658485782320
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
enduser0.1.js
widget.alphablues.com/assets/ Frame 0346 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.alphablues.com/assets/enduser0.1.js
Requested by
Host: bots.alphablues.com
URL: https://bots.alphablues.com/tallink-alphachat-se-agent/enduser.html?id=uUPsXCVuC7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a423c14b791fbb37ea52f2290bc64e0657bb24faf5b5070c685f82f7e399731e

Request headers

Referer
https://bots.alphablues.com/
Origin
https://bots.alphablues.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 11:39:03 GMT
server
nginx
etag
W/"196a7bab1e654a78829e289508645574"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
no-cache
s34709878536848
saa.tallink.com/b/ss/tallinksprod/10/JS-2.17.0-LCUM/ 		146 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://saa.tallink.com/b/ss/tallinksprod/10/JS-2.17.0-LCUM/s34709878536848?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F6%2F2022%2010%3A29%3A42%205%200&d.&nsid=0&jsonv=1&.d&mid=55592984987509362890316230298018717819&aamlh=6&ce=UTF-8&pageName=%2Fse-sv%2Fmobile%20booking&g=https%3A%2F%2Fmobile.tallink.com%2F&cc=SEK&events=event49%3D1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=mobile.tallink.com&v2=anonymous&v3=cruise&v6=desktop&c10=0&c11=1&v11=sto&v12=tur&v13=sto-tur&c14=1&v14=22-07-2022&v15=23-07-2022&v16=2&v17=0&v18=1&c19=%2Fmobile&c20=%2Fse-sv%2Fmobile%20booking&v22=1&v33=regular&v37=sv&v38=se&v40=no%20value&v51=cruise&v57=19%3A30&v58=08%3A20&v60=mobile&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AE8B5AD7591AC1560A495D25%40AdobeOrg&lrt=94&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2756a4211637/c911a2977602/ff2f5e71f994/EX045f37e462d94c6bb71efe1d190e7ace-libraryCode_source.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a91acd6b23a54e549c86aba0b57ebb35190920221aafdf256b82b7f63a40fcb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-aam-tid
08r6Fj1NRSg=
date
Fri, 22 Jul 2022 10:29:42 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
146
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v037-0cd612d85.edge-irl1.demdex.com 3 ms
pragma
no-cache
last-modified
Sat, 23 Jul 2022 10:29:42 GMT
server
jag
xserver
anedge-69c8d8cc76-ghgf4
etag
3561571098271383552-4619885540816717624
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 21 Jul 2022 10:29:42 GMT
js
www.googletagmanager.com/gtag/ 		168 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1041950154&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5638134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
88dd72442ad850cc6f0bd279903ce112060e957df373ea0709048adfc6957ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62240
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Jul 2022 10:29:42 GMT
sync
bots.alphablues.com/tallink-alphachat-se-agent/ Frame 0346 		666 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/sync
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/assets/enduser0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8df0a9679c84ec8a6380425419fa95ee25a1ba2a964183e469e9d1feb823154e

Request headers

Referer
https://bots.alphablues.com/tallink-alphachat-se-agent/enduser.html?id=uUPsXCVuC7
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
etag
"6081a5553ad57e3044f1cb5bdcc9df9e6819eeae"
access-control-allow-methods
post, get, options
content-type
text/html; charset=UTF-8
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Alphachat-Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-XSRFToken, Enduser-Token
content-length
666
handover
bots.alphablues.com/tallink-alphachat-se-agent/ 		208 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/handover
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/widget/8.0.7/alphachat.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d2622b3304b9ca7097b03cdf8ba039de2b2d53d21610cf55ffcfac8ba4efed1

Request headers

Referer
https://mobile.tallink.com/
Enduser-Token
2|1:0|10:1658485782|17:alphachat_enduser|92:NzZhODc5OTgtOWExMC00NGY0LWI3MWQtZDMxOGEzNTM5YWExPj4+Pj4+MjAyMi0wNy0yMlQxMDoyOTo0Mi4zMTIwMDFa|4ce868d236aa7c8e5837c71d8867adccf26afbcdb5450663f6be724f6992c2f2
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
access-control-allow-methods
post, get, options
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mobile.tallink.com
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Alphachat-Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-XSRFToken, Enduser-Token
content-length
208
handover
bots.alphablues.com/tallink-alphachat-se-agent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/handover
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,enduser-token
Access-Control-Request-Method
POST
Origin
https://mobile.tallink.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Alphachat-Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-XSRFToken, Enduser-Token
access-control-allow-methods
post, get, options
access-control-allow-origin
https://mobile.tallink.com
date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1041950154&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Jul 2022 10:29:42 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=438846086591304&ev=PageView&dl=https%3A%2F%2Fmobile.tallink.com%2F&rl=&if=false&ts=1658485782463&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658485782462.788240835&it=1658485782098&coo=false&tm=1&exp=u0&rqm=GET
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 22 Jul 2022 10:29:42 GMT
history
bots.alphablues.com/tallink-alphachat-se-agent/ 		31 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/history
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/widget/8.0.7/alphachat.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2597bcee29a176b6bd9c2196cb71435221b41a1cd3dc4b14675be1816c22a1c7

Request headers

Referer
https://mobile.tallink.com/
Enduser-Token
2|1:0|10:1658485782|17:alphachat_enduser|92:NzZhODc5OTgtOWExMC00NGY0LWI3MWQtZDMxOGEzNTM5YWExPj4+Pj4+MjAyMi0wNy0yMlQxMDoyOTo0Mi4zMTIwMDFa|4ce868d236aa7c8e5837c71d8867adccf26afbcdb5450663f6be724f6992c2f2
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
access-control-allow-methods
post, get, options
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mobile.tallink.com
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Alphachat-Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-XSRFToken, Enduser-Token
content-length
31
history
bots.alphablues.com/tallink-alphachat-se-agent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/history
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,enduser-token
Access-Control-Request-Method
POST
Origin
https://mobile.tallink.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Alphachat-Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-XSRFToken, Enduser-Token
access-control-allow-methods
post, get, options
access-control-allow-origin
https://mobile.tallink.com
date
Fri, 22 Jul 2022 10:29:42 GMT
server
nginx
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041950154/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041950154/?random=1658485782707&cv=9&fst=1658485782707&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmobile.tallink.com%2F&tiba=Mobile%20Booking%20-%20Tallink%20Silja&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ae3b765d8b1bfadf9b062c823a862d2cbaf0b8ac1ffe6c6bf26fc6efbe993f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
bots.alphablues.com/tallink-alphachat-se-agent/ Frame 0346 		357 B
729 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bots.alphablues.com/tallink-alphachat-se-agent/sync
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/assets/enduser0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fef814ecbdd67b5776f4d79c91cd34ca3852e393983f87e8e6687219e76b2c4b

Request headers

Referer
https://bots.alphablues.com/tallink-alphachat-se-agent/enduser.html?id=uUPsXCVuC7
Enduser-Token
2|1:0|10:1658485782|17:alphachat_enduser|92:NzZhODc5OTgtOWExMC00NGY0LWI3MWQtZDMxOGEzNTM5YWExPj4+Pj4+MjAyMi0wNy0yMlQxMDoyOTo0Mi4zMTIwMDFa|4ce868d236aa7c8e5837c71d8867adccf26afbcdb5450663f6be724f6992c2f2
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
server
nginx
etag
"0966b0bb5daea84dfec9d3ed574319c78828e565"
access-control-allow-methods
post, get, options
content-type
text/html; charset=UTF-8
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Alphachat-Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-XSRFToken, Enduser-Token
content-length
357
bundle.css
widget.alphablues.com/widget/8.0.7/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.alphablues.com/widget/8.0.7/bundle.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2004ff8ebbb8cea8013ca4af39469e3be46fc602b879b97a9e67869af190593

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
no-cache
last-modified
Fri, 17 Sep 2021 07:08:55 GMT
server
nginx
content-encoding
gzip
etag
W/"2d26966ec5b6ef7a80137a08dd4fd4e3"
content-type
text/css
tallink.css
en.tallink.com/documents/10192/130226512/
Redirect Chain
  • https://www.tallinksilja.com/documents/10192/130226512/tallink.css
  • https://en.tallink.com/documents/10192/130226512/tallink.css
18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://en.tallink.com/documents/10192/130226512/tallink.css
Requested by
Host: client
URL: about:client
Protocol
H2
Server
91.195.246.103 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
3e9d4782e5991a3892f409655c7d64f401e61d0f0fae95d2aed19b1b2cb4eb7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sw-bes
136.8443
content-disposition
attachment; filename="tallink.css"
vary
Accept-Encoding
content-length
3605
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 02 May 2022 11:16:53 GMT
server
Tallink
x-frame-options
SAMEORIGIN
etag
"6bc3676"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
x-proxy-cache-date
Mon, 04 Jul 2022 11:19:14 GMT
cache-control
no-store,no-cache,private
x-country-code
NO
x-proxy-cache
HIT

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
x-content-type-options
nosniff
server
Tallink
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/html
location
https://en.tallink.com/documents/10192/130226512/tallink.css
x-sw-bes
136.8443
cache-control
no-store,no-cache,private
x-country-code
NO
vary
Accept-Encoding
content-length
162
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/1041950154/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1041950154/?random=1658485782707&cv=9&fst=1658484000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmobile.tallink.com%2F&tiba=Mobile%20Booking%20-%20Tallink%20Silja&async=1&fmt=3&is_vtc=1&random=1519821688&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/1041950154/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/pagead/1p-user-list/1041950154/?random=1658485782707&cv=9&fst=1658484000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmobile.tallink.com%2F&tiba=Mobile%20Booking%20-%20Tallink%20Silja&async=1&fmt=3&is_vtc=1&random=1519821688&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tallink-chat-icon-settings.svg
www.tallink.com/documents/10192/130226512/ 		1 KB
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tallink.com/documents/10192/130226512/tallink-chat-icon-settings.svg
Requested by
Host: en.tallink.com
URL: https://en.tallink.com/documents/10192/130226512/tallink.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.103 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
d21290832fc0b4faee591018e87fae42895c3de80777af7669ff8531f5021591
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://en.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sw-bes
135.8443
content-disposition
attachment; filename="tallink-chat-icon-settings.svg"
vary
Accept-Encoding
content-length
840
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 09 Dec 2020 08:20:50 GMT
server
Tallink
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/svg+xml
x-proxy-cache-date
Fri, 22 Jul 2022 10:28:23 GMT
cache-control
no-store,no-cache,private
x-country-code
NO
x-proxy-cache
HIT
tallink-chat-icon-minimize.svg
www.tallink.com/documents/10192/130226512/ 		157 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tallink.com/documents/10192/130226512/tallink-chat-icon-minimize.svg
Requested by
Host: en.tallink.com
URL: https://en.tallink.com/documents/10192/130226512/tallink.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.103 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
b397364527ad2d2c1b5cf97d1175c142c4bc3319435641ecf8612de425d47d06
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://en.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
x-content-type-options
nosniff
x-sw-bes
136.8443
content-disposition
attachment; filename="tallink-chat-icon-minimize.svg"
vary
Accept-Encoding
content-length
157
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 04 Jun 2020 12:12:50 GMT
server
Tallink
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/svg+xml
x-proxy-cache-date
Fri, 22 Jul 2022 10:26:56 GMT
cache-control
no-store,no-cache,private
x-country-code
NO
x-proxy-cache
HIT
tallink-chat-icon-close.svg
www.tallink.com/documents/10192/130226512/ 		467 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tallink.com/documents/10192/130226512/tallink-chat-icon-close.svg
Requested by
Host: en.tallink.com
URL: https://en.tallink.com/documents/10192/130226512/tallink.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.103 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
a5f99a24dc699d8bef91ee63965e78f41f6c9a7cb6f7caa4c92e6b0b09c226b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://en.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
x-content-type-options
nosniff
x-sw-bes
134.8443
content-disposition
attachment; filename="tallink-chat-icon-close.svg"
vary
Accept-Encoding
content-length
467
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 04 Jun 2020 11:58:48 GMT
server
Tallink
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/svg+xml
x-proxy-cache-date
Fri, 22 Jul 2022 10:28:24 GMT
cache-control
no-store,no-cache,private
x-country-code
NO
x-proxy-cache
HIT
alphablues-chat-icon-attachment.svg
widget.alphablues.com/widget/assets/img/ 		1 KB
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.alphablues.com/widget/assets/img/alphablues-chat-icon-attachment.svg
Requested by
Host: widget.alphablues.com
URL: https://widget.alphablues.com/widget/8.0.7/bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.176.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-176-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6c55cc82e519811455f22fe4527bb4115d97abbd3bb9cba448fa3bfebc6aaad

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://widget.alphablues.com/widget/8.0.7/bundle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:43 GMT
cache-control
no-cache
last-modified
Thu, 04 Jun 2020 06:58:53 GMT
server
nginx
content-encoding
gzip
etag
W/"5b04908d279a5fdb00f6076f5db25048"
content-type
image/svg+xml
tallink-chat-icon-next.svg
www.tallink.com/documents/10192/130226512/ 		338 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tallink.com/documents/10192/130226512/tallink-chat-icon-next.svg
Requested by
Host: en.tallink.com
URL: https://en.tallink.com/documents/10192/130226512/tallink.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.103 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
94518fe337b03268b7ca40d66ec0cbf8f923367074b4dc852e24c11b322a84e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://en.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
x-content-type-options
nosniff
x-sw-bes
135.8443
content-disposition
attachment; filename="tallink-chat-icon-next.svg"
vary
Accept-Encoding
content-length
338
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 04 Jun 2020 11:58:48 GMT
server
Tallink
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/svg+xml
x-proxy-cache-date
Fri, 22 Jul 2022 10:27:52 GMT
cache-control
no-store,no-cache,private
x-country-code
NO
x-proxy-cache
HIT
tallink-chat-icon.svg
www.tallink.com/documents/10192/130226512/ 		843 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tallink.com/documents/10192/130226512/tallink-chat-icon.svg
Requested by
Host: en.tallink.com
URL: https://en.tallink.com/documents/10192/130226512/tallink.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.195.246.103 Haabneeme, Estonia, ASN43958 (TALLINK-AS, EE),
Reverse DNS
Software
Tallink /
Resource Hash
5e16083c6415dc22665b865cec4563442955dd3d096d1bb737d2196c4406611c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://en.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
x-content-type-options
nosniff
x-sw-bes
134.8443
content-disposition
attachment; filename="tallink-chat-icon.svg"
vary
Accept-Encoding
content-length
843
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 04 Jun 2020 11:58:47 GMT
server
Tallink
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/svg+xml
x-proxy-cache-date
Fri, 22 Jul 2022 10:23:26 GMT
cache-control
no-store,no-cache,private
x-country-code
NO
x-proxy-cache
HIT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=438846086591304&ev=Microdata&dl=https%3A%2F%2Fmobile.tallink.com%2F&rl=&if=false&ts=1658485783966&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mobile%20Booking%20-%20Tallink%20Silja%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658485782462.788240835&it=1658485782098&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Requested by
Host: mobile.tallink.com
URL: https://mobile.tallink.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://mobile.tallink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:29:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 22 Jul 2022 10:29:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
booking.tallink.com
URL
https://booking.tallink.com/api/onboardServices/v2?mobile=true&locale=sv&country=SE&sessionGUID=0CE94239-CC23-4749-82BD-C84D56E2E47D&outwardSailId=2143280&adults=1
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2194554243883020945

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| serviceWorkerInit object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in number| offset object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| __target_telemetry object| TF function| getPageName function| getProducts function| getPreviousProducts function| getNewProducts object| dataLayer function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s function| DIL number| s_objectID number| s_giq string| GoogleAnalyticsObject function| ga function| checkDigiDataReady number| timerStart number| timerLimit function| checkDigitalDataReady function| checkDigitalDataTransactionReady string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| uetq string| TiktokAnalyticsObject object| ttq object| _adftrack object| ADTERRORHANDLER object| ADT object| digiData object| Adform object| KJUR object| adf boolean| fbTrackingSent function| fbq function| _fbq number| smoRand string| smoPrtKey string| smoPUrl string| smoParams string| smoInfo string| smoSD string| smoTrUrl object| smoTrImg function| gtag boolean| jsTagSet object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| UET function| UET_init function| UET_push object| ueto_8c8ca411b2 boolean| _already_called_lintrk object| google_tag_data object| gaplugins function| _Mathpow number| _MathLN function| _Mathsqrt function| _Mathlog function| _Mathabs function| _StringfromCharCode function| _Mathexp function| _Mathexpm function| _Mathmax function| _Mathceil function| _Mathround function| _Mathfloor function| _Mathmin object| System function| asap function| Observable object| SSO object| trackingData boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK object| WebComponents function| __CE_installPolyfill object| ShadyCSS number| __mobxInstanceCount undefined| __mobxGlobals object| Alphachat object| s_i_tallinksprod string| jh_date number| j number| errIndex number| infoIndex object| google_tag_manager function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| alphachatCaptchaCallback

110 Cookies

Domain/Path Name / Value
mobile.tallink.com/ Name: default-persistance
Value: 3691885578.63341.0000
.tallink.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 56117617926340130490334703289586749923
booking.tallink.com/ Name: iki3persistance
Value: 3708662794.53691.0000
sso.tallink.com/ Name: default-persistance
Value: 500675594.59835.0000
.tallink.com/ Name: AMCVS_AE8B5AD7591AC1560A495D25%40AdobeOrg
Value: 1
.bing.com/ Name: MUID
Value: 183FDB4D22FA68E91F01CAA4230F69CB
.adform.net/ Name: C
Value: 1
.tallink.com/ Name: s_ecid
Value: MCMID%7C55592984987509362890316230298018717819
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ytp8FQAAALowbgNx
.semasio.net/ Name: SEUNCY
Value: 4CDED3C8F06BA5D
.tallink.com/ Name: _uetsid
Value: 325ce3a009a911edac030ddf9e19880c
.tallink.com/ Name: _uetvid
Value: 325d0f6009a911ed93137d6be30c6028
.adform.net/ Name: uid
Value: 2194554243883020945
.adform.net/ Name: CM
Value: 1|1
.dpm.demdex.net/ Name: dpm
Value: 56117617926340130490334703289586749923
mobile.tallink.com/ Name: ssoAuthState
Value: {%22identifier%22:%22%22%2C%22countryCode%22:%22%22%2C%22otpMethod%22:%22%22%2C%22authId%22:%22%22%2C%22email%22:%22%22%2C%22phone%22:%22%22%2C%22username%22:%22%22%2C%22isWelcome%22:true}
mobile.tallink.com/ Name: ssoUsers
Value: []
.tallink.com/ Name: mbox
Value: session#9ec7c80cf753412b8019f2e978b83458#1658487642|PC#9ec7c80cf753412b8019f2e978b83458.37_0#1721730582
.tiktok.com/ Name: _ttp
Value: 2CIMjd7qoq2Uia4RvAYe4VRtSdK
.tallink.com/ Name: AMCV_AE8B5AD7591AC1560A495D25%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19196%7CMCMID%7C55592984987509362890316230298018717819%7CMCAAMLH-1659090581%7C6%7CMCAAMB-1659090581%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1658492981s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19203%7CvVersion%7C5.0.1
.tallink.com/ Name: _tt_enable_cookie
Value: 1
.tallink.com/ Name: _ttp
Value: fb74a8e4-3ded-4e74-a610-979039b3a80e
.tallink.com/ Name: alphachat-test
Value: 1
.vk.com/ Name: remixlang
Value: 55
.vk.com/ Name: remixstlid
Value: 9075531971174226540_ozgZEcaajhlBFtm2iDOq5YbInnNRWAar83ZUHS1wdc0
mobile.tallink.com/ Name: ssoPersistence
Value: test
.tallink.com/ Name: s_vs
Value: 1
.tallink.com/ Name: s_cc
Value: true
.seadform.net/ Name: uid
Value: 2194554243883020945
.adform.net/ Name: CM14
Value: 1658572182_1658485782_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.mobile.tallink.com/ Name: aam_uuid
Value: 56117617926340130490334703289586749923
.tallink.com/ Name: gpv_pn
Value: %2Fse-sv%2Fmobile%20booking
.casalemedia.com/ Name: CMID
Value: Ytp8Fminr-fSnFxlY4LFfQAA
.casalemedia.com/ Name: CMPS
Value: 4445
.casalemedia.com/ Name: CMPRO
Value: 4445
.tallink.com/ Name: _gcl_au
Value: 1.1.387870968.1658485782
.adscale.de/ Name: uu
Value: ecb4ef10d5414525a12960fe22bf8438
.adscale.de/ Name: cct
Value: 1658485782262
.yieldlab.net/ Name: id
Value: 49cc9549-28d4-44d4-9ea1-0560b979f1bc
.smartadserver.com/ Name: pid
Value: 7597453231756842418
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 22:2194554243883020945
.yahoo.com/ Name: A3
Value: d=AQABBBZ82mICEB4AhFMp1M6WfaEbDPl1PwYFEgEBAQHN22LkYgAAAAAA_eMAAA&S=AQAAAtE5ThCbpK_NZQc7KpnTRr4
.360yield.com/ Name: tuuid
Value: 404ef65a-0bf6-4b2d-b757-240f2029e61d
.360yield.com/ Name: tuuid_lu
Value: 1658485782
.casalemedia.com/ Name: CMTS
Value: 4552
.ih.adscale.de/ Name: tu
Value: 4#703363553#42~2194554243883020945~460690~0~0
.bidswitch.net/ Name: tuuid
Value: 9c934afc-6362-4ced-8d7c-8d9a56949b67
.bidswitch.net/ Name: c
Value: 1658485782
.bidswitch.net/ Name: tuuid_lu
Value: 1658485782
.linkedin.com/ Name: UserMatchHistory
Value: AQKBJpOSlQY70AAAAYIldLb9ceCCY5ppn1vY05tzU-rYFWzYJb54qRXZzUkhCy1zQuAt9u9bEv7ioQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIqXBdGVW-ZBAAAAYIldLb9WKGEjvJkiBEZW0_IauxPYi2K7JcBjP8JROWpBoOAo_CF4O8-HFnlbhGaKE2D-g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1727c676-0c3c-436d-8b01-28ab45f94251"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2638:u=1:x=1:i=1658485782:t=1658572182:v=2:sig=AQG0cyTxBFr-tl3OImg0t04icOIBmfgx"
.360yield.com/ Name: um
Value: !42,MiGeph38kHxr1ufHiKi.3R-F5pBeZ5C1xBGbbei8a3-5,1659695382
.360yield.com/ Name: umeh
Value: !42,0,1720693782,-1
ads.stickyadstv.com/ Name: uid-bp-617
Value: 2194554243883020945
ads.stickyadstv.com/ Name: UID
Value: fdb32b9df362a9c2c8652ce3a742195b
ads.stickyadstv.com/ Name: sessionId
Value: 3be9b452f6c0aac52712a6cff135224
.tallink.com/ Name: _fbp
Value: fb.1.1658485782462.788240835
.analytics.yahoo.com/ Name: IDSYNC
Value: "1760~265m:173n~265m"
.eyeota.net/ Name: SERVERID
Value: 21506~DM
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.rlcdn.com/ Name: pxrc
Value: CJb46ZYGEgUI6AcQABIGCLrqARAA
.adnxs.com/ Name: uuid2
Value: 6716139883379384542
.krxd.net/ Name: _kuid_
Value: O-ORIXlU
.onaudience.com/ Name: cookie
Value: 31cacb0c26169307
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2194554243883020945&KRTB&23263-2194554243883020945
.pubmatic.com/ Name: PugT
Value: 1658485781
.linkedin.com/ Name: lang
Value: v=2&lang=no-no
.www.linkedin.com/ Name: bscookie
Value: "v=1&202207221029423efef26d-0873-4b07-8fc2-c22f529ed1c9AQFprBSwDpziZH9kDMqVv-nii5VmnOFZ"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTg0ODU3ODI7MjswMjHmgl6GVuLY0wgGHgNMPNlMlxLf9xmYsj3tlLSm2mv+Cw==
.facebook.com/ Name: fr
Value: 0XDmh36WuoGE0ggRr..Bi2nwW...1.0.Bi2nwW.
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2GVMdwa=l!]tbPl1M66+q([OUezYKZ5?4RQ66^#Os_idSXGSp3c_u*Fq#Go!AXTO:4=sB!.db9]<n8$
.onaudience.com/ Name: done_redirects219
Value: 1
.tallink.com/ Name: alphachat-active-session
Value: 76a87998-9a10-44f4-b71d-d318a3539aa1%2Cnull%2Cfalse%2Cnull%2Cfalse%2Cnull%2Cnull
.doubleclick.net/ Name: IDE
Value: AHWqTUlLdXj0tv2Amth7K4rEjHCkLhE978sVF0NvbsyB7HGUcr8OD9pezmiv9BZtpdQ
.agkn.com/ Name: ab
Value: 0001%3AET1KMFkw%2Bqk2kcRfoCuuslQrjwf7UJsq
.adfarm1.adition.com/ Name: UserID1
Value: 7123142198869162130
.rlcdn.com/ Name: rlas3
Value: s49U+IvlVAyPAP8Ikv6cZad3SJaKF0AkRXKXa8ijsMU=
.mathtag.com/ Name: uuid
Value: ca6b62da-7c17-4e00-a31e-6ec93a7f8d5e
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.w55c.net/ Name: wfivefivec
Value: FtSEHHzs1OePUH5
.w55c.net/ Name: matchadform
Value: 5
.audrte.com/ Name: arcki2_adform
Value: 2194554243883020945!20210804!1658485783304
.audrte.com/ Name: arcki2_TTT
Value: 1658485783305!8blaM2dJMomTdu3DEnv-l9fDw!H4sIAAAAAAAAAEWWO5KmJwxFF/PFVPEQD4UOHLhcduCaDUgC9r+EOXTiSebvbn4Q0r3nksepbVukXY+mdt2S1mLJtcXubddb/NO5tVepaZYzkqjVpDZzaiq+I87aZ35Rt5asmkoPT812JD93JWvRbZWcm8fn4mK6d3JbPUk+JXmrjeM4r+95JN+veK63S6Qq5klO2UnPzUn2uK3E7X71G6Emunuad9XUzmBRvnziy3lo28X0Y4mNmUequc7UZj9Jy7Jkd/XuGtyqfzX03syiebyn1stJVnwlZ4fhPd+I9bV7bps3Uh6XRXo16bCTuPPpMvLSXb7Ya3mOkSj+JInFxRY1VV962+5ah362YvvqK51M28VHZ9H4KbGvIrPkNr6xGMXNkmafi7FQPb2+1FTH5RDZHFdPj6VRU5yh7HTYqSxPFONr93v8dvo07hmLcrIyuyo9Wb+S5NZegrG4ydfXLgya41Zj5WGlFi9p1Lw9wuSu8R3fw+LNvlKzbOVTo5mlhjES8Tj1485utiUV0Vd4tKTzlnSOznq4eGwWlTzbKpHu+7uU3BNfW+mWXHbpLZfpX6k9zkaU2hrlllBUcoI9l/Y2NG5QE5JDo5LM3qJp7FQkJ8vFtp+Z10IqtMvq0lcEiwKNm3ehWdnl2Ojnns9i+hzGTrVyO2HK7gj5tjZHm5RSz4cPblWOm40rSvbBThx8Ch2mPQhpf/dEaPhObTSj40/tWlfK2OWOcmpZ6zOZHvwmjfZagCsShXiq0UN2aZdzviP9tTN+imC73l7hiz0HF/eptc5vL5GzKsp2FkkwloW+kobY3Hf0fPTz0i+FbMbeLgOm2boUB0fPXSeeqe0TGWvh5YRU+VPF4QYB0i7x1jwN5x8jSNcn2jKeJTmp7IyNg4lXV5H1xfBldXKxEWh8V6QynQHcLUfQdmZRbeu03bDHcIAhbGc2Je1te06rODi+A4OWCvZol+oPUvEh3PPERCattEpNQm8uDo6oP8fR8eYIWUddRw1q3O+vf//547+///yVcFkHLXXhs6tFUUpL4wwGOpxCu1qqUxb+Wc6/r9Cv0l7z6+bk1yHtI6djcfSOMQtK3BgcJdVUrFpCwjsBHzRrRcdUF7r21Y4k63jSGOwketPauNxHHsuZQZuMIfd+Wr3ptEuHM33xV3JDqgfDIbWAIsuismjoehShcLPsiOjmbSKPAd+kJ70A4h1ATdr7+80Gw0J1bYTW5dMm3AYldqCBhQrIznAbk/fejmBD+3QxMi8FlKF5AfHgbzGwSg/4QA/Pl0+fSE7S1cntpryOtWdb/nvkanY+IDw60ZKkoxopNpNtRPbaVPahsE2fNIvMvFMvo9EsbO2CRWI81EDQdeW71s0MEHtBNcIcuR2EjmBg3WNs1+9Wz/vdjssLckckni8tIFaub98257cEoyx5SjfckSuppLmkZSCS70yN8sny652OkxpPri/fFJTk6/yas7y3r0FdZOuYcTAWeInPhhFSuppVaZD5cxQAQFZasz0LohdGyihx8Qyptqt8MmrU8VLNGRs/AX92T6RILz4K6FWkguIJq7RfiEo/kggih6Zwm96VFewUbZCMPfVjsMMQJd4sqd8Gl2bpudp3JfZeWGxAQUIQS9jIREvv9GZXcLu+LZtRgxoWFhYB/yX4xvdpNGVdVILoDvYtLxfoY5NKOcGetVSOllbV7EP+R0xKirmoiThO/qCCtU9nHPq8v2qFabrR00/hyA+cc2agpGFjgKjP56oKftOI+WhLOXZQ3vK4h4u3MvP/3uen+ZI2c3FSjw+XGJIlZNWMgodIgBecTppq4Z3RCSsCJ6dyB3Oo7zGCnVMAwjI8F+LhO8yY+tiEXj6M+Eu992leOcfrivyBC7RIXI86K8MqiP4Fmh2rw1BAz+1DR6Xm4Lrrvmi0B2oY+ih2+HqG5J/WnjOQf6BH+TxZXuEHZUNgaEOS5+/mxWTLRFZ4ROLNIa9JDO0aCOjIpqagkZsHVNf39jkYaeHOpBd2QFe7e3ym1fLm7eT9hUNrBf4drkgdFY3xlMhf5jUD+4lrIe6JIXZ6RiMKiOVQ2Li+pTObX9C2Xy7cw7PmvTsZ66QVA0SgMiX9eCslg2EPSGS6H3a6Z81+h+wZX+EpUR71wh5LGnHrFXtQj0V2Uq4vXlG3LSeE8VJ/WUQ0XuVRFuMU6WxUL8EfWLS1BE7BBNpLuu9JQHhnwpjr9q8b1uUdyCHKEyQGhID8ab/Z5SNhXj7vjhuE7nUBI73ml3rkoxovDGsNPX4MCsZZThOwklW8cGFnBSObjMBFW8rXW4E/wfc7zx4SlYMvbmmQqPLyLjyHP9ArTvaktjq4RRq8WMg/HgXUzdWZ5m9At/OM3wsAAA==
.weborama.fr/ Name: AFFICHE_W
Value: qVCH@b16waup89
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.1dmp.io/ Name: uid
Value: 33662a94-09a9-11ed-8677-901b0e934d81
.zeotap.com/ Name: zc
Value: f162b2a6-4665-4175-6265-d8b914dddc95
.zeotap.com/ Name: zsc
Value: %E8-%C5%F3%9A%99d1%E9%8C%BD%DB%C5%01_g%EE%DB%A1I1%E1K%80%FF%A0%A6%15%7Ce%1B%A9%DA%1Cb%22%C9%3ByC%CBD%BAVNB%3C%B5%B2%3Ec%E8%E4%02%D1%22%FC%DDs%1E%CE%B6U%B7%07%BCek%B1%A3%04%28s%9F%9D%B64o%8F%DAM%07W
.audrte.com/ Name: arcki2_ddp
Value: CAESEK_SCZJZzoHI8PwGIwR79iA!20210804!1658485783543
.tapad.com/ Name: TapAd_TS
Value: 1658485783583
.tapad.com/ Name: TapAd_DID
Value: 6e9e2c89-14eb-41bb-8de0-ffcd8f6ea148
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.audrte.com/ Name: arcki2
Value: 8blaM2dJMomTdu3DEnv-l9fDw!20210804!1658485783687
.smaato.net/ Name: SCM
Value: e8844768
.smaato.net/ Name: SCMu
Value: e8844768
.smaato.net/ Name: SCM1001213
Value: e8844768
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-82e306e1-ea60-4aa5-a1de-e0656dac88ae-003%22%7D
.tallink.com/ Name: s_ptc
Value: 0.00%5E%5E0.00%5E%5E0.06%5E%5E0.11%5E%5E0.06%5E%5E0.05%5E%5E4.12%5E%5E0.00%5E%5E4.35

1 Console Messages

Source Level URL
Text
network error URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2194554243883020945
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adtr.io
analytics.tiktok.com
api.adrtx.net
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
booking.tallink.com
bots.alphablues.com
c1.adform.net
cdn.adt356.com
cm.adsafety.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
en.tallink.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
mobile.tallink.com
mwzeom.zeotap.com
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
redirect.userreport.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
saa.tallink.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
snap.licdn.com
spl.zeotap.com
sso.tallink.com
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
tallinksailja.demdex.net
tallinksiljaoy.tt.omtrdc.net
token.rubiconproject.com
track.adform.net
uip.semasio.net
uipglob.semasio.net
ups.analytics.yahoo.com
vk.com
widget.alphablues.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.tallink.com
www.tallinksilja.com
x.bidswitch.net
booking.tallink.com
global.ib-ibi.com
104.18.18.126
104.22.25.87
104.64.127.92
13.107.42.14
13.107.43.14
13.224.189.75
13.225.78.118
13.225.78.23
13.225.78.87
13.225.78.91
141.95.98.68
142.250.181.226
142.250.185.162
142.250.185.68
142.250.186.130
142.250.186.131
142.250.186.168
142.250.186.78
15.235.15.221
15.236.176.210
157.240.236.1
157.240.236.35
18.156.126.13
18.198.176.183
185.64.189.110
185.86.139.113
193.135.9.135
2.16.2.74
2.21.20.155
2.23.8.237
2.23.9.94
204.79.197.200
213.19.147.44
23.35.236.237
23.36.163.249
3.121.203.93
3.126.56.137
3.248.150.209
3.66.94.139
34.250.43.187
34.254.143.3
34.98.64.218
35.190.24.218
35.227.248.159
35.244.174.68
37.157.2.248
37.157.4.29
37.157.6.247
37.252.173.27
46.19.11.36
52.17.154.165
52.17.214.109
52.208.83.22
52.218.20.124
52.223.40.198
52.49.242.9
52.57.150.20
52.59.173.142
52.59.94.57
54.77.56.172
54.89.128.231
63.34.135.249
69.173.144.165
76.223.111.18
77.243.60.138
78.46.100.125
85.114.159.93
87.240.190.67
91.195.246.103
91.195.246.112
91.195.246.113
91.195.247.11
96.16.132.239
050a983c237a5866a7e2caeaae8e584237920fa095aa3faa3e16bee56bf954fe
0937a6f160a091257b52bea8198eb6d46c1b646b2f966d8d89386f79e3cf5db4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c368361d1a3a7b021c43c6e027d527ac55a67d6c1f001c33d8c7e2c9f2d95d5
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b5928c6631a449ca0d249d004b9ac5609a2ced3cb3dc31fe384943e6eb11847
1d2622b3304b9ca7097b03cdf8ba039de2b2d53d21610cf55ffcfac8ba4efed1
20724e8201d8580c22359ff4510a549a2417be65658cd001dff8d7c31f9bfae4
244e6f3a5523ddb410d442dc501867b31882915b4f735588f3b4e162f204fc6a
2597bcee29a176b6bd9c2196cb71435221b41a1cd3dc4b14675be1816c22a1c7
25b9e4b601d17559ccbff44d6ce08162e5eeb37afc0ef2e3db0007821651ea51
26115557edbc3d39b4a1634a5a855ac47f9614fddb5c0a045e03907911d5f84f
2656e0740ad841bac7e05e1e3fd00bfa57edd0a1058562132f80fdd53803a8c3
2a122abfa6bdf53752aacea2c06dbd712db7564b62bf1b5c82dd74e968b11cf4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3165dd5c01615e664442b4c357e1cbfd8ae1e1f984d9174c06b657af988986b1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345db89310bb00b60d93751a3f8ba80ae31fdc84b1b054aceb7df05ef19250cf
394576274f2c628321556543e6184d7ba9d4541f91f543c9cdf16bd62cf33810
3a29d8e77890c7da6163050d05f9071de32a81cb85c4d6137cd9715210d2fde6
3e9d4782e5991a3892f409655c7d64f401e61d0f0fae95d2aed19b1b2cb4eb7d
3ea22e0e6a52c34b0039a299d30f44e2916911c1922e49d4782e46e3fbeda5c9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
430628d56b463dab101e91c192bed1b80c36d3e6fec9d122072ae7a255249077
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee04deac9d1026dccd82494e9938b2b9965ae0b63f5a59095792488a3b04d0e
4f85da4209cc4441a6058f9f50d886f558e57822e24b96fbc497d1a4fe74ae2e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5dce6224aa67134739b6153193a2970bcc1423d1bc4d069beea1efcc3db9fc90
5e16083c6415dc22665b865cec4563442955dd3d096d1bb737d2196c4406611c
62a1fb4e9d85300fe7acf744e0ee25172a0a9575b301ba8d1c38ce3cc5da3a8e
659dfe3750a0795398ae7ccd7c71912f4d86765f52ab470efdc69ff37255bff2
68b7c161087cc8ea9ed269117820c5cc7dd455b0aab67ef5c6781c8c4f523691
69c4009c523ffd9c7edaee1f44651d4da1d9a1a2fd6f08a28553f7d8806b137d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c38c44f9a7eda74f78672598d0b06f56cd644c819eb6f8e7bc1b282e281d693
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f37046f2fa820afba344dc44f710be8da60aa49c21cf9af3a452cf61d9739f3
742f40e182d8ab157a7f545d35a7d3ab3831913b74c7eed21c14b1a8b5c3c68b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ccfd936cee64f0745c39ac7d727eca92484fd1cefffc0e7fe6ab7438d9e52de
7e43a5bcfd52108c65e296621ef51939b1eec855b632464ca7bec26877e826e0
818fe21a333a0d76a795b0582aa5dadfec2dc8059ad0d3e0317ce88673f73707
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88dd72442ad850cc6f0bd279903ce112060e957df373ea0709048adfc6957ac0
8a45b67a5d60015da5e408eb84e5caa085b1ca017e09b6b8cf68ddda861e0f92
8b005e1fb4643827336255067683bc6ae60cb71c1447e11828956e2c8f1537dd
8b45d458c3f0c3e73ae26a8c8ed5b45812128012921623ff989e6412ff2d7c64
8ce78e70fb9a7ff2fae0948c752019e0a7cabcce39b866442f6a01ab4bee5ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de577f4c47e77ccf091b857dbaa0ab186821e658150fafc95f54c35db4c3b48
8df0a9679c84ec8a6380425419fa95ee25a1ba2a964183e469e9d1feb823154e
8eb3dda312c70419f8926efbaef0722b92b9c5e4d6ad771417d25a807c9fc8eb
94518fe337b03268b7ca40d66ec0cbf8f923367074b4dc852e24c11b322a84e9
950437957f89a96be011dda6b0c5af85f73671af4b960c2a453350e7f6b56fa5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d7d7df73aa6c29e375d9e8b64fb5dc17afedb60a84465f8832cb9c44165c23c
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
a04be536dda39883f0c7940174c2401c645360d4f5fe2343da64dcd85477fbb9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a423c14b791fbb37ea52f2290bc64e0657bb24faf5b5070c685f82f7e399731e
a5f99a24dc699d8bef91ee63965e78f41f6c9a7cb6f7caa4c92e6b0b09c226b7
a7c404d5a1feb26a68dbe1b6f022f9988e0d54a2dd8236b93eebc6f595649a1a
a83ff0f30a5c3703602301ef9d0438111fc2de8df3e665b6b23ae4a487a2351a
a91acd6b23a54e549c86aba0b57ebb35190920221aafdf256b82b7f63a40fcb0
a9ea5f7923c0d7d06e5507c9fd82ef828791276c612131398b86cbc863e08779
abfa52a3ce73fbbb6a0e67ba4f20323ea7c395a13e9bd1c195add4ffd99a92de
ae3b765d8b1bfadf9b062c823a862d2cbaf0b8ac1ffe6c6bf26fc6efbe993f90
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b0ad63ec8a24dfed2023c6e51b9804af1499474aae078a3a63bcb1b6dbec4b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b37f7489b7210ff3075eb667d40e1bc4ed40c98227b25f74e8c690b625363561
b397364527ad2d2c1b5cf97d1175c142c4bc3319435641ecf8612de425d47d06
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b98b7d0feaaa5efb0059903bdf49a5c20eb11d3418c7d637afec1bd6c3d1e9b9
ba77932c61afdcb9788a5cc3b3249a3587d98d386f6b7a7a1a38fa7e831309bd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd1a299aff8e932682f1f24b0c6fc6dc024ecee3f08e3ac6d05642047ff71aa4
be5480673ba7625314cb1d282c454fe14a88c63b0be011574c9d642db261c585
bfc77177c1e16eb80d828189bcb8650f62a54300e4cd3ae4662f42301b0c3462
bfe12f9ce812d105bcd8785f0d88d671ded9299bec83c266960315bdb01bd789
c5ec4116c8bce31be362958bcd957843c4a73335adddc56b1558fea34871f7cb
c6c55cc82e519811455f22fe4527bb4115d97abbd3bb9cba448fa3bfebc6aaad
c722e474e50b805bc368be505b565f9bd0ca6df0404537576e911abbfb61272d
cb4df778d0b58b5e73d544c059bfc4a2ddffcf04268affb613d5655b7a313c8d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00a9aabd0920ee430576a52d6737cbe1a04809de05d27902c088650bdf35ebd
d03289de960bac464b12ee35a6bf9c44d5f7c001d216c72d00cac13568e1484b
d0bedcf6b9ef38ef3b4ff3be6348dad34d489c71fe9237157451362a08ac4aee
d21290832fc0b4faee591018e87fae42895c3de80777af7669ff8531f5021591
d49dc21082c98a2893d4eb6ca616db32d89da951d5c87b8436ce9fc8ca3ca6dc
d6e443419d42f41a64046a68c3e386ad5d18c619ec2b4449e74d6ae7f7315b04
da50cb62910190f3c883ef593ac42d22f282e2a2d0cca40bdf83feee209c88be
da61023ef9e6eff6c68482c6eadde410406119fb2c02cb25258b2c53bff7e35c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf54bab14f78c2126e8f55be4b51544ef17aee5a1b25b90662fff45f443ee38
de2df4412720965ff8980e4f4b5d257a2f475006559bda76ba15f60aa44ce213
deedb17210f4a7932f48cdf59e69ce5ca47c8a3a5b293b63284fa503b3ec5f88
df7e195f7f0187dd56575c7ab2cb7a32f818a7132a848d13e67807bed6037e89
e2004ff8ebbb8cea8013ca4af39469e3be46fc602b879b97a9e67869af190593
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf846fc68020263eb67fec2762536bf5be135b4cdf5a7a0fc19c4dd3c264b6c
ed41c9cd5c9680ab1a24ec22a2e02c7492260fb2f0e2ad601b40f625ae0d46d6
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc
f05a44861ce14dd152284e28b1428abdc5b30693351b8a222dc224f003b0374f
f3b0465307cb1c6f3d2cc58c8a353a7005fc24c797cf4bad6e91d343da541dd2
f68024b101488a6d3e732e23a159fe9939195d0e8ef3dbac2f386eb1529815c1
f6acce8c63097c8a94d3ccc7119674a104d1b9cd813ceff7ea49032d0da87625
fcd4ab2905eb2064e63a081a6875caa468b523c4b89c2c2c97174faaaf2f9af2
fef814ecbdd67b5776f4d79c91cd34ca3852e393983f87e8e6687219e76b2c4b