URL: https://client.thriftytours.co.nz/
Submission: On November 18 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 49.50.246.183, located in Auckland, New Zealand and belongs to HDNETNZ hd.net.nz, NZ. The main domain is client.thriftytours.co.nz.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 18th 2019. Valid for: 3 months.
This is the only time client.thriftytours.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 49.50.246.183 24466 (HDNETNZ h...)
3 93.184.220.42 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 4
Domain Requested by
14 client.thriftytours.co.nz client.thriftytours.co.nz
3 www.google.com client.thriftytours.co.nz
www.gstatic.com
3 static.olark.com client.thriftytours.co.nz
static.olark.com
1 www.gstatic.com www.google.com
1 resources.nzft.co.nz client.thriftytours.co.nz
22 5

This site contains links to these domains. Also see Links.

Domain
live.thriftytours.co.nz
Subject Issuer Validity Valid
funkychicken.nz
Let's Encrypt Authority X3
2019-11-18 -
2020-02-16
3 months crt.sh
newzealand.7doufeng.com
Let's Encrypt Authority X3
2019-11-04 -
2020-02-02
3 months crt.sh
s2.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-05-01 -
2020-11-18
2 years crt.sh
www.google.com
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh
*.google.com
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh

This page contains 4 frames:

Primary Page: https://client.thriftytours.co.nz/
Frame ID: 3B423104B5BDA14857B3230C38A87D04
Requests: 18 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 0C7AF4D62F209615B2BD1C16536D4217
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLwrgUAAAAAN1Zt2Vx3EsAtkKBLlZNw-N8xgDZ&co=aHR0cHM6Ly9jbGllbnQudGhyaWZ0eXRvdXJzLmNvLm56OjQ0Mw..&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&badge=bottomright&cb=2mvfpmpnklb0
Frame ID: 55A75BD65F911F173270098554B75B86
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdLwrgUAAAAAN1Zt2Vx3EsAtkKBLlZNw-N8xgDZ&cb=mtwfo7miu9my
Frame ID: 4072D6B14BC84494CBCA486B7E3EB33E
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

268 kB
Transfer

807 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
client.thriftytours.co.nz/
5 KB
2 KB
Document
General
Full URL
https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8f93bdb532cfb8363d73d3f9ebd73cf58e8273bb24abc1be8ad1ece7ab7c3685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
client.thriftytours.co.nz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1

Response headers

Date
Mon, 18 Nov 2019 22:31:38 GMT
Server
Apache/2.4.18 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Credentials
true
Vary
Host,Accept-Encoding
Set-Cookie
PHPSESSID=249bn5v4psid7hps4nuuk1avj2; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Length
1691
Keep-Alive
timeout=5, max=100
Content-Type
text/html; charset=UTF-8
min.ttnz-client-login.all.1.css
client.thriftytours.co.nz/cache/css_compressed/
156 KB
24 KB
Stylesheet
General
Full URL
https://client.thriftytours.co.nz/cache/css_compressed/min.ttnz-client-login.all.1.css
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ee66d88e0dd321dfb01a890aef068deba00ab5bd8850015603904819f66691d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Connection
keep-alive, Keep-Alive
Content-Length
24266
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 18 Nov 2019 22:31:38 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
W/"270df-597a682d44f1a-gzip"
Vary
Host,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2630000, public, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
min.auth-index.all.1.css
client.thriftytours.co.nz/cache/css_compressed/
73 KB
15 KB
Stylesheet
General
Full URL
https://client.thriftytours.co.nz/cache/css_compressed/min.auth-index.all.1.css
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ea384425552dd2b62e0b90647d202cd5fb2dd42f29aceec936099026abc5c602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Connection
keep-alive, Keep-Alive
Content-Length
14615
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 18 Nov 2019 22:31:38 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
W/"12469-597a682d45eba-gzip"
Vary
Host,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2630000, public, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
logo.png
client.thriftytours.co.nz/common/site_assets/ttnz/img/
18 KB
18 KB
Image
General
Full URL
https://client.thriftytours.co.nz/common/site_assets/ttnz/img/logo.png
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
18ba78fa45bbd5d25cdb07d6f7ebcd67ea4f47360f06d2df65377b130cfbe9b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Last-Modified
Sun, 17 Nov 2019 22:55:14 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4658-59792b9587de7"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2630000, public, must-revalidate
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
18008
jquery-3.3.1.min.js
client.thriftytours.co.nz/common/js/
85 KB
30 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/js/jquery-3.3.1.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 May 2018 02:50:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"15391-56d77884f7dc0-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30313
bootstrap.bundle.min.js
client.thriftytours.co.nz/common/js/
75 KB
21 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/js/bootstrap.bundle.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
82f2ad52d85f65359f1764a693ccd97c95b71711e9bab44fcc3a11e82012eb8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 03:17:15 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"12c07-583504f52c4c0-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21507
jquery.annoy.min.js
client.thriftytours.co.nz/common/js/
3 KB
2 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/js/jquery.annoy.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
dacc51572789d986de5a0403c97ce081aa9586dbfb59d1008a810299fc91add2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Nov 2019 22:55:14 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"d7f-59792b95ed6f4-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1106
jquery.formtools2.min.js
client.thriftytours.co.nz/common/js/
3 KB
2 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/js/jquery.formtools2.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bb026d5496e68af466be65eed7e8a1a8b4430524f0bc72f2c529487f40f96dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Nov 2019 22:55:14 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"c8a-59792b95f7335-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1163
functions.js
client.thriftytours.co.nz/common/js/
9 KB
3 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/js/functions.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2fd550f36a9844688fb32ad51f8b30ea61edefe62cc2d2c030f43a30ba0c1ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Nov 2019 22:55:14 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"22c4-59792b95ddcf2-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2693
jquery-ui.min.js
client.thriftytours.co.nz/common/plugins_js/jquery-ui-1.12.1.datepicker/
36 KB
11 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/plugins_js/jquery-ui-1.12.1.datepicker/jquery-ui.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d18f5e158ac9df71856e8870f24963a20179e5f7dbc20f241ae9a6c31652850b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Jul 2019 22:43:09 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"8f43-58ca65a2e5940-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
11104
login_form.js
client.thriftytours.co.nz/js-include/t1574115737/auth/
310 B
962 B
Script
General
Full URL
https://client.thriftytours.co.nz/js-include/t1574115737/auth/login_form.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
52023e5eee8fa79d7459681e1f90c94617a5fbd150997b75f58e672bce34cfd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Connection
keep-alive, Keep-Alive
Content-Length
202
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 18 Nov 2019 22:22:17 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"136-597a661643c18-gzip"
Vary
Host,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2630000, public, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
common.js
client.thriftytours.co.nz/common/js/
2 KB
1 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common/js/common.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8cd9333064464ff24e9cb4b2b7003961d8df9d61ec4e5b1b5438ff5b6ddac581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:40 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Nov 2019 22:55:14 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"63a-59792b95d40b1-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
647
olark.min.js
client.thriftytours.co.nz/common//js/
1 KB
1 KB
Script
General
Full URL
https://client.thriftytours.co.nz/common//js/olark.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3b1f1a87e21167679370cf15ff8bd2a1b58654e326cfb75781affe5c1970912d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 22:05:09 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5ce-592c6e9e78f40-gzip"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
593
common.min.js
resources.nzft.co.nz/
1 KB
851 B
Script
General
Full URL
https://resources.nzft.co.nz/common.min.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3ac9960518d4ac5209d2b30ad161fd292f3b0198308b4f8c68c365f27ff13bf8

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 22:19:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5dc-592c71d29223a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2630000, public, must-revalidate
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
417
loader.js
static.olark.com/jsclient/
9 KB
3 KB
Script
General
Full URL
https://static.olark.com/jsclient/loader.js
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/common//js/olark.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
d69064f9d472279ad64fef86f9cfe6d061608010d8d8aa04cf874568c4186416

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 18 Nov 2019 22:31:40 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 14:37:20 GMT
server
ECS (fcn/41A4)
etag
"5dd2aca0-22be"
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-type
application/x-javascript
content-length
3146
via
1.1 google
expires
Tue, 19 Nov 2019 01:31:40 GMT
app.js
static.olark.com/jsclient/ Frame 0C7A
54 KB
18 KB
Script
General
Full URL
https://static.olark.com/jsclient/app.js
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FB) /
Resource Hash
ff88c00091fb773133f695482fae9b018bec1826c1df1c52a6213b9ed90751bd

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 18 Nov 2019 22:31:40 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 14:37:20 GMT
server
ECS (fcn/40FB)
etag
W/"5dd2aca0-d844"
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-type
application/x-javascript
content-length
18380
via
1.1 google
expires
Tue, 19 Nov 2019 01:31:40 GMT
api.js
www.google.com/recaptcha/
789 B
580 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=loadRecaptchaV2&render=explicit
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
9e2a66800bc205c7d27fbc3ec64b50a6562d7ab2b18e4a82a64aa3e35de90076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 18 Nov 2019 22:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
485
x-xss-protection
1; mode=block
expires
Mon, 18 Nov 2019 22:31:40 GMT
NZD
client.thriftytours.co.nz/index/set_default_currency/
49 B
708 B
XHR
General
Full URL
https://client.thriftytours.co.nz/index/set_default_currency/NZD
Requested by
Host: client.thriftytours.co.nz
URL: https://client.thriftytours.co.nz/common/js/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.50.246.183 Auckland, New Zealand, ASN24466 (HDNETNZ hd.net.nz, NZ),
Reverse DNS
nzft1.newzealandfinetouring.co.nz
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5ac5ebf1a21b4d1dd2df14cb77fd8f79d1c9a17d58af2c2a7e5406ed79db7fea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://client.thriftytours.co.nz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Mon, 18 Nov 2019 22:31:40 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive, Keep-Alive
Vary
Host
Content-Length
49
X-XSS-Protection
1; mode=block
Pragma
no-cache
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Server
Apache/2.4.18 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=98
Expires
Thu, 19 Nov 1981 08:52:00 GMT
5141-158-10-6796.js
static.olark.com/a/assets/v0/site/ Frame 0C7A
22 KB
22 KB
Script
General
Full URL
https://static.olark.com/a/assets/v0/site/5141-158-10-6796.js?cb=1574116300460
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40AD) /
Resource Hash
98c1b6a02dc93ca9a512cdb6c1ff4ca89f8ee397392cdd105d201d07c7c4ab10

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 18 Nov 2019 22:31:40 GMT
via
1.1 google
last-modified
Sun, 17 Nov 2019 20:24:45 GMT
server
ECS (fcn/40AD)
access-control-allow-origin
*
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
22404
recaptcha__en.js
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/
254 KB
91 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=loadRecaptchaV2&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://client.thriftytours.co.nz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Nov 2019 05:06:47 GMT
server
sffe
age
619415
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92852
x-xss-protection
0
expires
Tue, 10 Nov 2020 18:28:05 GMT
anchor
www.google.com/recaptcha/api2/ Frame 55A7
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLwrgUAAAAAN1Zt2Vx3EsAtkKBLlZNw-N8xgDZ&co=aHR0cHM6Ly9jbGllbnQudGhyaWZ0eXRvdXJzLmNvLm56OjQ0Mw..&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&badge=bottomright&cb=2mvfpmpnklb0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CUyqOZD880UStj6DHLLrkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdLwrgUAAAAAN1Zt2Vx3EsAtkKBLlZNw-N8xgDZ&co=aHR0cHM6Ly9jbGllbnQudGhyaWZ0eXRvdXJzLmNvLm56OjQ0Mw..&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&badge=bottomright&cb=2mvfpmpnklb0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://client.thriftytours.co.nz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://client.thriftytours.co.nz/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Nov 2019 22:31:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-CUyqOZD880UStj6DHLLrkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8650
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame 4072
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdLwrgUAAAAAN1Zt2Vx3EsAtkKBLlZNw-N8xgDZ&cb=mtwfo7miu9my
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4yFbkmWN6PNHwiWYYfxw/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdLwrgUAAAAAN1Zt2Vx3EsAtkKBLlZNw-N8xgDZ&cb=mtwfo7miu9my
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://client.thriftytours.co.nz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://client.thriftytours.co.nz/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Nov 2019 22:31:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-4yFbkmWN6PNHwiWYYfxw/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1116
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bootstrap string| annoy_html function| Annoy function| AnnoyAlert function| AnnoyLoading function| AnnoyRemove function| AnnoyConfirm function| ajaxModal function| addSpinner function| removeSpinner function| productlink function| ajaxModalDismiss function| recalculatePricesBasedOnSelectedCurrencyCode function| convertToNzd function| getCurrencySettings function| generateGuid function| stickyFooter function| lazyLoadCallback function| formatMoney function| jumpToAnchor function| isMobileSiteNavBarOn function| loadRecaptchaV2 function| executeCaptcha function| toggleMobileSiteNav function| repositionSiteNavBar function| addJS function| downloadJSAtOnload object| $php function| olark object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| closure_lm_234537 object| lazy_image_configs

1 Cookies

Domain/Path Name / Value
client.thriftytours.co.nz/ Name: PHPSESSID
Value: 249bn5v4psid7hps4nuuk1avj2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.thriftytours.co.nz
resources.nzft.co.nz
static.olark.com
www.google.com
www.gstatic.com
2a00:1450:4001:800::2004
2a00:1450:4001:819::2003
49.50.246.183
93.184.220.42
18ba78fa45bbd5d25cdb07d6f7ebcd67ea4f47360f06d2df65377b130cfbe9b0
2fd550f36a9844688fb32ad51f8b30ea61edefe62cc2d2c030f43a30ba0c1ffd
3ac9960518d4ac5209d2b30ad161fd292f3b0198308b4f8c68c365f27ff13bf8
3b1f1a87e21167679370cf15ff8bd2a1b58654e326cfb75781affe5c1970912d
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
52023e5eee8fa79d7459681e1f90c94617a5fbd150997b75f58e672bce34cfd7
5ac5ebf1a21b4d1dd2df14cb77fd8f79d1c9a17d58af2c2a7e5406ed79db7fea
82f2ad52d85f65359f1764a693ccd97c95b71711e9bab44fcc3a11e82012eb8b
8cd9333064464ff24e9cb4b2b7003961d8df9d61ec4e5b1b5438ff5b6ddac581
8f93bdb532cfb8363d73d3f9ebd73cf58e8273bb24abc1be8ad1ece7ab7c3685
98c1b6a02dc93ca9a512cdb6c1ff4ca89f8ee397392cdd105d201d07c7c4ab10
9e2a66800bc205c7d27fbc3ec64b50a6562d7ab2b18e4a82a64aa3e35de90076
bb026d5496e68af466be65eed7e8a1a8b4430524f0bc72f2c529487f40f96dd9
d18f5e158ac9df71856e8870f24963a20179e5f7dbc20f241ae9a6c31652850b
d69064f9d472279ad64fef86f9cfe6d061608010d8d8aa04cf874568c4186416
dacc51572789d986de5a0403c97ce081aa9586dbfb59d1008a810299fc91add2
ea384425552dd2b62e0b90647d202cd5fb2dd42f29aceec936099026abc5c602
ee66d88e0dd321dfb01a890aef068deba00ab5bd8850015603904819f66691d2
ff88c00091fb773133f695482fae9b018bec1826c1df1c52a6213b9ed90751bd