tribu.groupenordik.com Open in urlscan Pro
3.165.206.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tribu.groupenordik.com/center/4/reservations
Effective URL:
https://tribu.groupenordik.com/center/4/reservations
Submission: On July 18 via api (July 18th 2024, 8:19:54 am UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 25 domains to perform 133 HTTP transactions. The main IP is 3.165.206.18, located in United States and belongs to AMAZON-02, US. The main domain is tribu.groupenordik.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 21st 2023. Valid for: a year.

This is the only time tribu.groupenordik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	3.165.206.18 3.165.206.18	16509 (AMAZON-02) (AMAZON-02)
1	108.157.188.87 108.157.188.87	16509 (AMAZON-02) (AMAZON-02)
14	34.233.109.105 34.233.109.105	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:710... 2a02:26f0:7100:7a8::33e7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 6	2600:9000:25a... 2600:9000:25a2:1600:c:2652:1440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	54.174.199.219 54.174.199.219	14618 (AMAZON-AES) (AMAZON-AES)
1	108.156.60.79 108.156.60.79	16509 (AMAZON-02) (AMAZON-02)
7	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
7	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	18.245.175.16 18.245.175.16	16509 (AMAZON-02) (AMAZON-02)
1 5	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.22.14 18.66.22.14	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
5	23.36.162.210 23.36.162.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 6	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
3	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2013	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	34.252.158.105 34.252.158.105	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::73 2620:1ec:bdf::73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:7... 2600:1901:0:7628::	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
133	39

10 3.165.206.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-206-18.vie50.r.cloudfront.net

tribu.groupenordik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.188.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-188-87.mxp53.r.cloudfront.net

i5.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.233.109.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-109-105.compute-1.amazonaws.com

tribu-api.groupenordik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:7a8::33e7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:25a2:1600:c:2652:1440:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.gladly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.174.199.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-199-219.compute-1.amazonaws.com

log-api.groupenordik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-79.ams1.r.cloudfront.net

cdn.groupenordik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

spoppe-b.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.175.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-175-16.cdg55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.22.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-22-14.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.162.210 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-210.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

13757512.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
14198057.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

metrics.thermea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.158.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-158-105.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::73 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	groupenordik.com tribu.groupenordik.com tribu-api.groupenordik.com log-api.groupenordik.com cdn.groupenordik.com	3 MB
14	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 4027 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4898 fast.a.klaviyo.com — Cisco Umbrella Rank: 5294 static-forms.klaviyo.com — Cisco Umbrella Rank: 5083	80 KB
10	doubleclick.net 3 redirects 13757512.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 14198057.fls.doubleclick.net	2 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	246 KB
6	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	641 B
6	gladly.com 1 redirects cdn.gladly.com — Cisco Umbrella Rank: 13810	102 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 r.clarity.ms — Cisco Umbrella Rank: 8637	28 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	142 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	463 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988	76 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 394 s.amazon-adsystem.com — Cisco Umbrella Rank: 399	6 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3773	982 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	thermea.com metrics.thermea.com	370 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8904	171 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	azureedge.net spoppe-b.azureedge.net — Cisco Umbrella Rank: 18465	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	23 KB
1	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 4344	36 KB
1	createsend1.com i5.createsend1.com — Cisco Umbrella Rank: 898958	24 KB
133	25

	Domain	Requested by
14	log-api.groupenordik.com	tribu.groupenordik.com
14	tribu-api.groupenordik.com	tribu.groupenordik.com
10	tribu.groupenordik.com	tribu.groupenordik.com
8	fonts.gstatic.com	fonts.googleapis.com
7	static.klaviyo.com	tribu.groupenordik.com static.klaviyo.com
6	cdn.gladly.com	1 redirects tribu.groupenordik.com cdn.gladly.com
5	analytics.tiktok.com	tribu.groupenordik.com analytics.tiktok.com
5	static-tracking.klaviyo.com	static.klaviyo.com
5	www.googletagmanager.com	tribu.groupenordik.com www.googletagmanager.com
5	fonts.googleapis.com	client
4	tr.snapchat.com	sc-static.net
4	13757512.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com
4	dev.visualwebsiteoptimizer.com	tribu.groupenordik.com dev.visualwebsiteoptimizer.com
3	ad.doubleclick.net
2	c.clarity.ms	1 redirects
2	tr6.snapchat.com	sc-static.net
2	www.facebook.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	s.amazon-adsystem.com	1 redirects
2	14198057.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	metrics.thermea.com	www.googletagmanager.com analytics.tiktok.com
2	connect.facebook.net	tribu.groupenordik.com connect.facebook.net
2	www.google.com	tribu.groupenordik.com www.gstatic.com
1	r.clarity.ms	analytics.tiktok.com
1	c.bing.com	1 redirects
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static-forms.klaviyo.com	static.klaviyo.com
1	fast.a.klaviyo.com	static.klaviyo.com
1	sc-static.net	tribu.groupenordik.com
1	c.amazon-adsystem.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	spoppe-b.azureedge.net
1	cdn.groupenordik.com
1	cdnjs.cloudflare.com	tribu.groupenordik.com
1	www.gstatic.com	www.google.com
1	static2.sharepointonline.com	tribu.groupenordik.com
1	i5.createsend1.com	tribu.groupenordik.com
133	42

This site contains links to these domains. Also see Links.

Domain
outdatedbrowser.com
thermea.com

Subject Issuer	Validity	Valid
groupenordik.com Amazon RSA 2048 M01	`2023-08-21` - `2024-09-18`	a year	crt.sh
*.createsend1.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-10`	a year	crt.sh
privatecdn.sharepointonline.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-07-01`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
gladly.com Amazon RSA 2048 M03	`2024-07-02` - `2025-07-30`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
static.klaviyo.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
static-tracking.klaviyo.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-26` - `2024-07-25`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
fast.a.klaviyo.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
static-forms.klaviyo.com R11	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
metrics.thermea.com WR3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://tribu.groupenordik.com/center/4/reservations
Frame ID: 7F7D5373D910191BA657D1D075EAFD86
Requests: 115 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHC0AaAAAAAIpjZnwxhQs1bPyKHnnxvIKxzq39&co=aHR0cHM6Ly90cmlidS5ncm91cGVub3JkaWsuY29tOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&theme=light&size=invisible&badge=bottomleft&cb=kyng8217edjs
Frame ID: 02413107DBECC4781CEDA933A58DF23C
Requests: 1 HTTP requests in this frame

Frame: https://13757512.fls.doubleclick.net/activityi;dc_pre=CL-HxPGTsIcDFQWbjggdoD0Nmg;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations
Frame ID: FF7BAEE3063D9F0408CC8281392378CD
Requests: 1 HTTP requests in this frame

Frame: https://13757512.fls.doubleclick.net/activityi;dc_pre=CNqExPGTsIcDFXK0jggdoPYNng;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations
Frame ID: 7E689ED786AADD704C11029BD176F490
Requests: 1 HTTP requests in this frame

Frame: https://14198057.fls.doubleclick.net/activityi;dc_pre=CL_t0vGTsIcDFe2EjggdKPgG0g;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190789782z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations
Frame ID: 04CC4A4DCF77574FEC02F76F4259BF8D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1b4da0f6-d00b-4123-b46d-58ca777904eb&u_scsid=1da18328-5e14-439b-93da-b5344d850d98&u_sclid=aa196920-6ac5-4424-85ef-8303304e3222
Frame ID: 5415EAA8B71B73C0180433779B5535AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Reservation | Nordik Spa-Nature | Whitby

Page URL History Show full URLs

http://tribu.groupenordik.com/center/4/reservations HTTP 307
https://tribu.groupenordik.com/center/4/reservations Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

133
Requests

93 %
HTTPS

47 %
IPv6

25
Domains

42
Subdomains

39
IPs

4
Countries

4415 kB
Transfer

8395 kB
Size

35
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://outdatedbrowser.com/en
Title: Consult the list of browsers

Search URL Search Domain Scan URL

URL: http://outdatedbrowser.com/fr
Title: Consultez la liste de fureteurs

Search URL Search Domain Scan URL

URL: https://thermea.com/terms-and-cancellation-policy
Title: See our conditions of sale

Search URL Search Domain Scan URL

URL: https://thermea.com/whitby/privacy-policy/
Title: Read our privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tribu.groupenordik.com/center/4/reservations HTTP 307
https://tribu.groupenordik.com/center/4/reservations Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://cdn.gladly.com/chat-sdk/widget.js?q=1721290789116 HTTP 301
https://cdn.gladly.com/assets/chat-sdk/bundle~a4e37442f8de4695d0db.js

Request Chain 91

https://13757512.fls.doubleclick.net/activityi;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations HTTP 302
https://13757512.fls.doubleclick.net/activityi;dc_pre=CL-HxPGTsIcDFQWbjggdoD0Nmg;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations

Request Chain 92

https://13757512.fls.doubleclick.net/activityi;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations HTTP 302
https://13757512.fls.doubleclick.net/activityi;dc_pre=CNqExPGTsIcDFXK0jggdoPYNng;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations

Request Chain 100

https://14198057.fls.doubleclick.net/activityi;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190789782z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations HTTP 302
https://14198057.fls.doubleclick.net/activityi;dc_pre=CL_t0vGTsIcDFe2EjggdKPgG0g;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190789782z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations

Request Chain 103

https://s.amazon-adsystem.com/iu3?pid=891a8382-f459-40b4-8456-bf24f1fae046&event=PageView&gtmVersion=3.3&ts=1721290791762 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=891a8382-f459-40b4-8456-bf24f1fae046&event=PageView&gtmVersion=3.3&ts=1721290791762&dcc=t

Request Chain 126

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6B616163EBC34D62AB63E598BB15941C&RedC=c.clarity.ms&MXFR=37FAEA9D72D26763049EFE5D76D26920 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6B616163EBC34D62AB63E598BB15941C&MUID=0DA9DF3ED8716DFC057FCBFED9DD6C19

133 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request reservations Show response
tribu.groupenordik.com/center/4/
Redirect Chain

http://tribu.groupenordik.com/center/4/reservations
https://tribu.groupenordik.com/center/4/reservations

4 KB
4 KB

714ms
489ms

Document
text/html

3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ab79db892f8aa8c064ee59e3d89c83b3bc57af4ade1e3f82b52db24f7b4558b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2172
content-length: 3607
content-type: text/html
date: Thu, 18 Jul 2024 07:43:36 GMT
etag: "9e981873832274100a3c8e48704133c0"
last-modified: Fri, 12 Jul 2024 14:22:41 GMT
server: AmazonS3
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
x-amz-cf-id: hY0W81SaZCfTPkVGQwsfRaIco1NDIlINXlZFCGojrCnIpFTsDwCg0A==
x-amz-cf-pop: VIE50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: xl9SMI2o3h9RsX8xG7HxIFOnJ15oKrSB
x-cache: Error from cloudfront

Redirect headers

Location: https://tribu.groupenordik.com/center/4/reservations
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 nordik-logo_4.png
i5.createsend1.com/ei/y/9A/693/128/053841/csimport/ 24 KB
24 KB 215ms
67ms Image
image/png 108.157.188.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i5.createsend1.com/ei/y/9A/693/128/053841/csimport/nordik-logo_4.png

Requested by

Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.188.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-188-87.mxp53.r.cloudfront.net

Software

csw /

Resource Hash

b75e15ca879986ee6664885fd67fcdb0c7f3fe0a2a484dc0584ff7e350e30c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 18:18:54 GMT
via: 1.1 cdca2ef3838160d8a1854035c9fbb126.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: MXP53-P1
age: 50454
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=86400
content-length: 24332
x-xss-protection: 1; mode=block
x-amz-cf-id: z285lUG4FkZQW-eOZiRBvYlHYFVrbSsfJqwYsuLxltC01BVUArIdIg==

GET
H2 200 runtime~main.9aca458ff49a5f2a7d39.js Show response
tribu.groupenordik.com/ 4 KB
4 KB 52ms
52ms Script
text/javascript 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 898d72fa7765c3ef19a2d9ca839befaffab3bbe899ec6887e2abf84efad7c53f

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: tcKnX9KMi9sJBg_FGCloZwrjZCJco7o_
date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:43 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "074a9d01fdcd81a965e596d2ce310d85"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 3900
x-amz-cf-id: HRM6J7qoJoQ6LChsOCf51JaDJsHMmJog3ZvRm_fy8SdY-irfi1sJnw==

GET
H2 200 vendors~main.b27ca1426c94650c4c27.chunk.js Show response
tribu.groupenordik.com/ 1 MB
1 MB 94ms
91ms Script
text/javascript 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/vendors~main.b27ca1426c94650c4c27.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d907143e8808f3b855db9de4d37994ebbb3276578f67298d44e83eb1cf2dbe6

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: YLX_86M7MqiSr4LOXGRFR.4f3WTdHaRz
date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:43 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "a6151936eb741a519b708428471b5f15"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 1123849
x-amz-cf-id: kYR23HMVgD1wofz65EZetJQ-h46UPA7TLJ2_eYny7yS22Qikco0FWg==

GET
H2 200 main.5588369be53b6ad4926d.chunk.js Show response
tribu.groupenordik.com/ 82 KB
82 KB 66ms
63ms Script
text/javascript 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4493f2d434419a1707b0c4ae9aa4941eefaee9dd5b5a0b65c1aae9f564fdb91a

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: s.e4hbXMb4VMXV.4GRn1W4vMvNyMPVKB
date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:41 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "ee0793bf84f2af78e49f271b4ad8ce0a"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 83764
x-amz-cf-id: IryQbd8frDDCnGi8Enxas6jjw95hzy9DlofxFgn2UGfK2rNlEMjt1g==

GET
H/1.1 200
OK startSession Show response
tribu-api.groupenordik.com/v3.1/ 45 B
620 B 339ms
122ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/startSession?device=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&mobile=false
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d13e7c9f15c8d65d447a77f8a42a9500d7a5296eb836142cb7d23a3c4ff3ef09

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 18 Jul 2024 08:19:48 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"2d-ectoraTcFFSyIG961uyk+FZjQtk"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 45

GET
H2 200 54.f2fc488d3c3327503715.chunk.js Show response
tribu.groupenordik.com/ 1 MB
1 MB 37ms
34ms Script
text/javascript 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/54.f2fc488d3c3327503715.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffac5dac16efbd1798b571450bb83c12a7cba52556fd05c0ad6601dd2d19b7f8

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: QscEiVcQxnmK5ToBHAQ1JeAKImcvoyS2
date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:40 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "20b06d28f0b7e9706f6b160508e40642"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 1547659
x-amz-cf-id: tBw-rMSW3-Rszmmyz-tZI1ACZDzXdQQ4YACdqbMySySq1-7CxUy6cg==

GET
H2 200 55.79f5ae2b96b075b5a4bd.chunk.js Show response
tribu.groupenordik.com/ 139 KB
140 KB 106ms
104ms Script
text/javascript 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 627fc97d8b151ca60c2b8b6446ebd96374ac208bca51cdd4ba7538c29b1163f4

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: X9.b9IIx63fjeNGv7QKvw.LsPSMHFxvv
date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:40 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "e552dadf0ec291298f0d0f9a9c1253e1"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 142452
x-amz-cf-id: xnDX2YeviBZmLfHA92T9KvMZ0mtrR2gT1_lhDPaOfBDixe7ew67-yQ==

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 35 KB
36 KB 69ms
19ms Font
application/font-woff2 2a02:26f0:7100:7a8::33e7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:7a8::33e7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 18 Jul 2024 08:19:48 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: a26c00c3-001e-0001-6476-11d9f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12631711
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 78ms
25ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400i%7CRaleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4eff49008ae499712c5aef82be66b2427a5868692af2a70cfeb1f69f8aec276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jul 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 08:19:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 08:19:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 76ms
24ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e55be984fa65654a00a393579c8b9544656bb7d0a2eb49ab2629022ac6cd41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jul 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 07:50:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 08:19:49 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
982 B 75ms
20ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaOnLoad&render=explicit

Requested by

Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f402960c64438d20ad4b5a0e643373d4a2350af4e80e4ae5562ca622688d7ed2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 08:19:49 GMT

GET
H2

200

bundle~a4e37442f8de4695d0db.js Show response
cdn.gladly.com/assets/chat-sdk/
Redirect Chain

https://cdn.gladly.com/chat-sdk/widget.js?q=1721290789116
https://cdn.gladly.com/assets/chat-sdk/bundle~a4e37442f8de4695d0db.js

40 KB
14 KB

17ms
15ms

Script
text/javascript

2600:9000:25a2:1600:c:2652:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gladly.com/assets/chat-sdk/bundle~a4e37442f8de4695d0db.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Server: 2600:9000:25a2:1600:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 949aefabdd6bf11cc0668f785f907bbc5389fa60f77fc861cb7910576418fe31

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
date: Wed, 17 Jul 2024 22:18:41 GMT
last-modified: Tue, 16 Jul 2024 22:10:28 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 36069
etag: W/"b90177c2182cfca09760b85b7c76cd50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31449600
x-amz-cf-id: KQmVqx33tpknGoPutdkCD7RwhCacGCUILEOLmNpsGWIN906fZPSehg==

Redirect headers

date: Thu, 18 Jul 2024 08:19:38 GMT
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 12
x-cache: Hit from cloudfront
location: //cdn.gladly.com/assets/chat-sdk/bundle~a4e37442f8de4695d0db.js
content-length: 0
x-amz-cf-id: krIODMBuuBd6HCP0gtOv22zoZBvKxoWbXgrjH0Hf7v-K51_d9kmLnw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 536 KB
213 KB 53ms
11ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaOnLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 06:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217833
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Jul 2025 06:47:53 GMT

GET
H2 200 vendor-node_modules_reduxjs_toolkit_dist_redux-toolkit_cjs_production_min_js-node_modules_cha-edcf42~7e4b1eb44ab16ed249c8.js Show response
cdn.gladly.com/assets/chat-sdk/ 120 KB
41 KB 21ms
14ms Script
text/javascript 2600:9000:25a2:1600:c:2652:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gladly.com/assets/chat-sdk/vendor-node_modules_reduxjs_toolkit_dist_redux-toolkit_cjs_production_min_js-node_modules_cha-edcf42~7e4b1eb44ab16ed249c8.js
Requested by: Host: cdn.gladly.com
URL: https://cdn.gladly.com/chat-sdk/widget.js?q=1721290789116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:1600:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f85870622e9de4c829336adf8b1d3a43f06f1a934e5ab59f98cc3e01418af8f4

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
date: Wed, 17 Jul 2024 19:50:05 GMT
last-modified: Thu, 11 Jul 2024 21:21:30 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 44985
etag: W/"cfda58878c0b24b058f7e4e0eb0778d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31449600
x-amz-cf-id: bWVg-eUaneIbAAaR6UR3uNMcg_3x6QD22o41IVL9IObCA3SspM4fxQ==

GET
H2 200 apiBootstrap~d122c1e54821184e6e69.js Show response
cdn.gladly.com/assets/chat-sdk/ 144 KB
43 KB 31ms
24ms Script
text/javascript 2600:9000:25a2:1600:c:2652:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gladly.com/assets/chat-sdk/apiBootstrap~d122c1e54821184e6e69.js
Requested by: Host: cdn.gladly.com
URL: https://cdn.gladly.com/chat-sdk/widget.js?q=1721290789116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:1600:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2c1df6aa01c24cb27ba50327cd1e8ff3c3fa258a6ab18e8c44a97f88c9a0d81

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 19:49:40 GMT
content-encoding: gzip
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Tue, 16 Jul 2024 22:10:28 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 45010
etag: W/"0cab8c218c3bb793348ee99e0595a5b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31449600
x-amz-cf-id: NyHopj9gbTyA1o_NrGNSSnrRTJZbfYI26xozGKa-5gyzpENvF1BVow==

GET
H2 200 groupenordik.com-thermea.json Show response
cdn.gladly.com/orgs/configs/chat/ 5 KB
3 KB 277ms
242ms Fetch
application/json 2600:9000:25a2:1600:c:2652:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gladly.com/orgs/configs/chat/groupenordik.com-thermea.json?q=1721290789343
Requested by: Host: cdn.gladly.com
URL: https://cdn.gladly.com/assets/chat-sdk/apiBootstrap~d122c1e54821184e6e69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:1600:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f8806a5cec3e0781edae5bc62564ea885236a84341e4401cbe279ff6deba1d7

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
date: Thu, 18 Jul 2024 08:19:50 GMT
x-amz-cf-pop: ZRH55-P1
x-cache: RefreshHit from cloudfront
last-modified: Thu, 06 Jun 2024 22:38:39 GMT
server: AmazonS3
etag: W/"ddff182037f15f78d3ec55b0365a9d73"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 0BiynUjfvTe_hV8h6He8k0KqSb0Z0pFdVc-Qd8cg8_Kjw1z7db4ROg==

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 0241 0
0 71ms
36ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHC0AaAAAAAIpjZnwxhQs1bPyKHnnxvIKxzq39&co=aHR0cHM6Ly90cmlidS5ncm91cGVub3JkaWsuY29tOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&theme=light&size=invisible&badge=bottomleft&cb=kyng8217edjs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T2s8Cg_FR3Y2mVzLhOg9ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribu.groupenordik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-T2s8Cg_FR3Y2mVzLhOg9ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 groupenordik.com-thermea-dynamic.json Show response
cdn.gladly.com/orgs/configs/chat/ 572 B
1 KB 293ms
290ms Fetch
application/json 2600:9000:25a2:1600:c:2652:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gladly.com/orgs/configs/chat/groupenordik.com-thermea-dynamic.json
Requested by: Host: cdn.gladly.com
URL: https://cdn.gladly.com/assets/chat-sdk/apiBootstrap~d122c1e54821184e6e69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:1600:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb937d2c4cd6e9eb7c68cacbbcba87b78fb312bfb53e16601f475309a5ba7b5f

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:50 GMT
x-amz-version-id: null
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
x-cache: Miss from cloudfront
content-length: 572
last-modified: Thu, 18 Jul 2024 08:10:22 GMT
server: AmazonS3
etag: "958c199c087f058fc8d83af80876465a"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 32gLmMHcuj1roJEWgDoM0mrETDvW170-0tlVS4N9VmAyMhm0EbcQKA==

GET
H2 200 favicon.png
tribu.groupenordik.com/public/icons/ 1 KB
2 KB 423ms
423ms Other
image/png 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/public/icons/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9e66265637cbe60961f95a0a557873b5e4afb75ca31bd8915c9344bf44eeb07

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: pu4fSW6w6gUrOjce2QHhpKl027q8H9_o
date: Thu, 18 Jul 2024 08:19:50 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
x-amz-server-side-encryption: AES256
etag: "caa076114607e7a267fa5f6d1ab7bfc3"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1166
x-amz-cf-id: 5OsliRXzwmaAuGk2rnni5OIme2kddC9JTPDTLf5YOCt-EBHqePPgxA==

GET
H3 200 sp.min.js Show response
cdnjs.cloudflare.com/ajax/libs/snowplow/2.16.3/ 76 KB
23 KB 62ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.16.3/sp.min.js

Requested by

Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c4b37e1a1a629c838a519652ddb794ff357eb469ea309904b70831a37541f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 708199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22953
last-modified: Wed, 25 Nov 2020 19:51:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbeb5c9-12e22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyfFUIHf9HZzMSphSOnAn%2Bag4xjO861JZfFPED9JgaZcrmATcyDYo8iX9kZh87BUoVLgpnSVOYXl94VYYftmNjQuDfdg5eK28zaFPZt2EfDdn5kfBCy65wzFCr6w0Hww6RveKxjRLSnMJcvDGttiE6q8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a510c8d595b5c37-AMS
expires: Tue, 08 Jul 2025 08:19:49 GMT

GET
H/1.1 200
OK validateToken Show response
tribu-api.groupenordik.com/v3.1/ 524 B
1 KB 192ms
189ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/validateToken?winstonSessionId=a5f8957b-03fc-43ce-aac5-798f0d225ff0&token=03AFcWeA5HPouYbPxBdGB9qMxT-3Z5Ho2qKnpVkrLUz4T8ituczVw36Tdm-rTpVcP_eDjbmeM_hcluFpxQQD700oHLt4nA6DewNT74Uv1wcYom1rezepV4uMT7gt6ER4MFC-occ3JZnSEmXcbAq5WCZ2BUoi_8f8Q1FyRhzglkNo-mHd7-0DnMhOX4FzZF6bXFsX9zNbLKC1CbiTRnunFm1n87tZO8nYTIWx0gJj91MBe2EBcZTpT2EcxHm4XRIIbEH3Ujjy1tYXxSnQNwAOYXKK-9hAQvpIVUblQOJX1tw6XJB2B0JAl_RL1MuHou452nESxCjSDg2Qhqv9DHnDUzdkUVamRVEhyOJKBqtcvJLjB20kym6p6Bqq6rmosxbjAFQO-CoDqYrwjt5dmbs7QGWXrbgE0Os7BVLrlxRszrPyPAxUNdjHeSPxrrfdSGd7R4rh2LPd_03gyPCyE9YeLLy1OXwrg6DGU6u3YOOcL3eYAWqhseyPwGisWVs6D60NlF8qzlJWq-Y8KMSvSRr-SFguWik1V2F91d0fKSJ-v26uwreun1buRKu0DXOH4edRXw4Im0badCQa2BPMKj-Tr_xjIwGplmLM9Fkxm_nWxP1rbW5iOte4Ua3rtVBchjC-2lLirPNHf-j3T0eyinbgpcieIj3YzEsk7wBoNfYuWlBjlHce2N30c4A-kUtRFnb7iGrhKzLwRTQDL_0VwfQP4JcJTbOW0qmmTxyJ1PDsYLlA3XQvt08ZsRcgS2e_xEMW2V44jIUXvWKDwn6q7SYdkXR6cobjt8yk_EBnChusjtweFllhPTXLVpKu7HDOTvZvee-NEO0ROa3SdzbfgNhiAamKdQ_gqfAREmTnmgq5dda1IYbbNwLpvLAT3bYhU1uPDWVXh0r7vkGDjL
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 1a0ea2e4a021e29bdc3c30c4ce30158bacf1343ede1f4d04cc7277939ec5c445

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0

Response headers

Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"20c-BN6Ia5HeEXdeGdPAbUgvVA4mFco"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 524

OPTIONS
H/1.1 204
No Content validateToken
tribu-api.groupenordik.com/v3.1/ Frame 0
0 115ms
113ms Preflight 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/validateToken?winstonSessionId=a5f8957b-03fc-43ce-aac5-798f0d225ff0&token=03AFcWeA5HPouYbPxBdGB9qMxT-3Z5Ho2qKnpVkrLUz4T8ituczVw36Tdm-rTpVcP_eDjbmeM_hcluFpxQQD700oHLt4nA6DewNT74Uv1wcYom1rezepV4uMT7gt6ER4MFC-occ3JZnSEmXcbAq5WCZ2BUoi_8f8Q1FyRhzglkNo-mHd7-0DnMhOX4FzZF6bXFsX9zNbLKC1CbiTRnunFm1n87tZO8nYTIWx0gJj91MBe2EBcZTpT2EcxHm4XRIIbEH3Ujjy1tYXxSnQNwAOYXKK-9hAQvpIVUblQOJX1tw6XJB2B0JAl_RL1MuHou452nESxCjSDg2Qhqv9DHnDUzdkUVamRVEhyOJKBqtcvJLjB20kym6p6Bqq6rmosxbjAFQO-CoDqYrwjt5dmbs7QGWXrbgE0Os7BVLrlxRszrPyPAxUNdjHeSPxrrfdSGd7R4rh2LPd_03gyPCyE9YeLLy1OXwrg6DGU6u3YOOcL3eYAWqhseyPwGisWVs6D60NlF8qzlJWq-Y8KMSvSRr-SFguWik1V2F91d0fKSJ-v26uwreun1buRKu0DXOH4edRXw4Im0badCQa2BPMKj-Tr_xjIwGplmLM9Fkxm_nWxP1rbW5iOte4Ua3rtVBchjC-2lLirPNHf-j3T0eyinbgpcieIj3YzEsk7wBoNfYuWlBjlHce2N30c4A-kUtRFnb7iGrhKzLwRTQDL_0VwfQP4JcJTbOW0qmmTxyJ1PDsYLlA3XQvt08ZsRcgS2e_xEMW2V44jIUXvWKDwn6q7SYdkXR6cobjt8yk_EBnChusjtweFllhPTXLVpKu7HDOTvZvee-NEO0ROa3SdzbfgNhiAamKdQ_gqfAREmTnmgq5dda1IYbbNwLpvLAT3bYhU1uPDWVXh0r7vkGDjL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,tribu-source,winston-session
Access-Control-Request-Method: GET
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Connection: keep-alive
Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express

OPTIONS
H/1.1 204
No Content 4
tribu-api.groupenordik.com/v3.1/center/ Frame 0
0 113ms
113ms Preflight 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/center/4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: GET
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Connection: keep-alive
Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express

GET
H/1.1 200
OK 4 Show response
tribu-api.groupenordik.com/v3.1/center/ 2 KB
3 KB 210ms
137ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/center/4
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: f7a0e77bdd23f98968210e79d1f2c9a08b2fc19de758a4b32ffdcc02ab0207fc

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"88b-DG9wWkdDLkDe3RcUvVMKngc09Cs"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 2187

OPTIONS
H/1.1 204
No Content centers
tribu-api.groupenordik.com/v3.1/ Frame 0
0 235ms
121ms Preflight 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/centers
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,tribu-source,winston-session
Access-Control-Request-Method: GET
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Connection: keep-alive
Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express

GET
H/1.1 200
OK centers Show response
tribu-api.groupenordik.com/v3.1/ 6 KB
7 KB 132ms
131ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/centers
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: ae7d0c61b67ea048362a9945b083551066861aa6bdbd613ca2e9969b814ee5b5

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0

Response headers

Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"194d-xZ8xY8QoRpULp/H7OTTI5LWIVOk"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 6477

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 663ms
99ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 293ms
288ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 0.0790a1c35c4ec68e9cbf.chunk.js Show response
tribu.groupenordik.com/ 97 KB
0 4ms
4ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/0.0790a1c35c4ec68e9cbf.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b62d90f178240da918f5ade4d5626116bc5ba1508d9ae4310c3ea4edb479820

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
x-amz-version-id: 5OMoWAGpT9HoycO3HUmq9vkopxoHXnS9
last-modified: Fri, 12 Jul 2024 14:22:41 GMT
server: AmazonS3
age: 2931
x-amz-cf-pop: VIE50-P3
etag: "314bc18afacf521f970ef99b2c29a5c7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 98995
x-amz-cf-id: q7QJK7BhW2HgU2tvLhrYnQIpF9Lm8XA5iqXK6dX86kr9-fHbp6rTLg==

GET
H2 200 1.1333df2853aa99443584.chunk.js Show response
tribu.groupenordik.com/ 11 KB
0 4ms
4ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/1.1333df2853aa99443584.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e264bc369fb6d4162ddcbe4daeb03fa7697d9eeb3cf0889196ec428d6b32670d

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
x-amz-version-id: bSgqgevEjyaBJ94PgiDhVX6efpieMwST
last-modified: Fri, 12 Jul 2024 14:22:39 GMT
server: AmazonS3
age: 2931
x-amz-cf-pop: VIE50-P3
etag: "132fbc267c1edb1e4300301398a5ab77"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 11650
x-amz-cf-id: DdfXN6nye06mFdn6xi_PWbNBNIjujhMPqhMHkhKpZNmnV_3po96yzQ==

GET
H2 200 2.e4d0c86be1bd415f22c6.chunk.js Show response
tribu.groupenordik.com/ 519 KB
0 5ms
5ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/2.e4d0c86be1bd415f22c6.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b404f67b7cc814d8324dea98af99f7406bdc58ccf3951d53c0dd136c097d9faa

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
x-amz-version-id: fLa9RaAS3glG4OaF_QEQxjizhWXTB_8B
last-modified: Fri, 12 Jul 2024 14:22:39 GMT
server: AmazonS3
age: 2931
x-amz-cf-pop: VIE50-P3
etag: "af893780b4929c9001823d90ca5d3a40"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 531906
x-amz-cf-id: iRNsUYpPoFFgtsnjcQ4mHJv39Oy4iG9Z_XmUPWWxQNBNz6keXkRA9Q==

GET
H2 200 6.05c04ba6f51bdf241e82.chunk.js Show response
tribu.groupenordik.com/ 72 KB
0 4ms
4ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/6.05c04ba6f51bdf241e82.chunk.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/runtime~main.9aca458ff49a5f2a7d39.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21070a9162abb1b3856867407478e1e88d3c3846f63c1b542c37b6fd253623bc

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:48 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
x-amz-version-id: TKeJvjbqLsDbuRBeMBTfbbGsT.Gej9z4
last-modified: Fri, 12 Jul 2024 14:22:41 GMT
server: AmazonS3
age: 2931
x-amz-cf-pop: VIE50-P3
etag: "681c87c1e15cdd7f95fec9b2b8191854"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 73706
x-amz-cf-id: eVRdOdWOcdwt0-3Y41YdaW5SPnwfqhDlXnsRicve13DrpcXVN6sIog==

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 290ms
287ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 290ms
286ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

POST
H/1.1 200
OK drafts Show response
tribu-api.groupenordik.com/v3.1/reservations/center/4/ 3 KB
3 KB 429ms
230ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/reservations/center/4/drafts
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 8961772183e69c3f47f069eb2a50016126dde6ffa7d0c180cb8cf7e42c19efad

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

Date: Thu, 18 Jul 2024 08:19:51 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"a15-6G1KcmkKl/MdIr2ussOQ5SCmY7g"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 2581

GET
H2 200 Thermea_logo_spa_village_whitby_color.png
cdn.groupenordik.com/logo/color/ 32 KB
33 KB 562ms
43ms Image
image/png 108.156.60.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.groupenordik.com/logo/color/Thermea_logo_spa_village_whitby_color.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-79.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e076b2a21de75325ae18a6e6605cea109773f8ab9046f9ba3d7b4400044e4a56

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
via: 1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 12:33:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 61984
etag: "7e6e28d901a00b4cd790dbe9aed76d85"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 33183
x-amz-cf-id: rHXeoshVxrXEBRsw7iyJ6YSDGiF7TTep0kWHqBbSL80jVO8aLtghGQ==

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 647ms
99ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 644ms
98ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H/1.1 204
No Content drafts
tribu-api.groupenordik.com/v3.1/reservations/center/4/ Frame 0
0 111ms
108ms Preflight 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/reservations/center/4/drafts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Connection: keep-alive
Date: Thu, 18 Jul 2024 08:19:50 GMT
Server: nginx
X-Powered-By: Express

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 6 KB
2 KB 148ms
89ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk

Requested by

Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/vendors~main.b27ca1426c94650c4c27.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

775c867eab5b4d79380568e5d6a3c02603cb19fc6995baebd229950f4381ff35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:50 GMT
age: 30922
x-cache: HIT, MISS
content-length: 1176
x-served-by: cache-lga21965-LGA, cache-fra-etou8220085-FRA
server: nginx
x-timer: S1721290791.907572,VS0,VE83
etag: "7942f819615768147f202ed585273a03"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800, stale-if-error=86400
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 38, 0

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 11 KB
4 KB 52ms
12ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=657556&u=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&f=1&vn=1.4
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 31d91027f955b76a9620ed4ce170dce41c8b4188ff24ee7b69c2233ec3e50cac

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:50 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1721229965"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
104 KB 69ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Requested by

Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62862828b35915aad09a58a8121bc41660c0670c8b93fbef59aac06f991720ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106526
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jul 2024 08:19:50 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 43ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 NoeDisplay-Bold.ttf
tribu.groupenordik.com/public/fonts/NoeDisplay/ 105 KB
106 KB 36ms
33ms Font
font/ttf 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/public/fonts/NoeDisplay/NoeDisplay-Bold.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7caa7ea71906bf87ec15a6c606555ea4eba0681344e339f3cad56bf8e81bdb0f

Request headers

Referer: https://tribu.groupenordik.com/center/4/reservations
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: mK2qjkELL8OmwsXy1o9Yv9CsLBDYZcm3
date: Thu, 18 Jul 2024 08:19:50 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "30a71dcf9a1c39558ca4e97c92a4b2fa"
x-cache: Hit from cloudfront
content-type: font/ttf
accept-ranges: bytes
content-length: 107772
x-amz-cf-id: y4Sq4-d7-QZa1e6KOQg_ibG-6myi0RZMJCiqWRh35LEoMJV5d1QULQ==

GET
H2 200 fabric-icons-a13498cf.woff
spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/ 7 KB
7 KB 74ms
8ms Font
font/woff 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/fabric-icons-a13498cf.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C9C) /
Resource Hash: 43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Jul 2024 08:19:50 GMT
content-md5: FOwtMfN7sPQ/1EHRHncdUA==
age: 10042141
x-cache: HIT
content-length: 6784
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 19:14:54 GMT
server: ECAcc (frc/4C9C)
etag: 0x8D8F9F96D1DC619
content-type: font/woff
access-control-allow-origin: *
x-ms-request-id: e49ea690-a01e-006c-7a96-7dc048000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 501ms
99ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H/1.1 204
No Content advisory
tribu-api.groupenordik.com/v3.1/ Frame 0
0 112ms
112ms Preflight 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/advisory?StatusId=153&CenterId=4&startDate=2024-07-18&endDate=2024-07-18
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,tribu-source,winston-session
Access-Control-Request-Method: GET
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Connection: keep-alive
Date: Thu, 18 Jul 2024 08:19:51 GMT
Server: nginx
X-Powered-By: Express

GET
H2 200 css
fonts.googleapis.com/ 23 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400i%7CRaleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4eff49008ae499712c5aef82be66b2427a5868692af2a70cfeb1f69f8aec276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 08:19:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 08:19:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
0 1ms
1ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e55be984fa65654a00a393579c8b9544656bb7d0a2eb49ab2629022ac6cd41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 07:50:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 08:19:49 GMT

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 278ms
274ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK advisory Show response
tribu-api.groupenordik.com/v3.1/ 978 B
2 KB 136ms
135ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/advisory?StatusId=153&CenterId=4&startDate=2024-07-18&endDate=2024-07-18
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 7752a73d9188c4899446711c59a7ce7acc537b346f4ea359e2bb3ed8cdb7f897

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0

Response headers

Date: Thu, 18 Jul 2024 08:19:51 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"3d2-E5RobMkDLAKWb4I2170GahR5XW4"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 978

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 260ms
256ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK advisory Show response
tribu-api.groupenordik.com/v3.1/ 978 B
519 B 487ms
210ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/advisory?StatusId=153&CenterId=4&startDate=2024-07-18&endDate=2024-07-18
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 7752a73d9188c4899446711c59a7ce7acc537b346f4ea359e2bb3ed8cdb7f897

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0

Response headers

Date: Thu, 18 Jul 2024 08:19:51 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"3d2-E5RobMkDLAKWb4I2170GahR5XW4"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 978

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 1ms
0ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 NoeDisplay-Bold.ttf
tribu.groupenordik.com/public/fonts/NoeDisplay/ 105 KB
0 2ms
1ms Font
font/ttf 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu.groupenordik.com/public/fonts/NoeDisplay/NoeDisplay-Bold.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7caa7ea71906bf87ec15a6c606555ea4eba0681344e339f3cad56bf8e81bdb0f

Request headers

Referer: https://tribu.groupenordik.com/center/4/reservations
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: mK2qjkELL8OmwsXy1o9Yv9CsLBDYZcm3
date: Thu, 18 Jul 2024 08:19:50 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
age: 2932
x-amz-server-side-encryption: AES256
etag: "30a71dcf9a1c39558ca4e97c92a4b2fa"
x-cache: Hit from cloudfront
content-type: font/ttf
accept-ranges: bytes
content-length: 107772
x-amz-cf-id: y4Sq4-d7-QZa1e6KOQg_ibG-6myi0RZMJCiqWRh35LEoMJV5d1QULQ==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 2ms
2ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 ico-calandar.svg
tribu.groupenordik.com/public/icons/ 3 KB
3 KB 426ms
422ms Image
image/svg+xml 3.165.206.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribu.groupenordik.com/public/icons/ico-calandar.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.206.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-206-18.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a7e28167d5600d93f17a2d4a5c3f5358922344b9eb5caff879e7bd30946dc74

Request headers

Referer: https://tribu.groupenordik.com/center/4/reservations
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: X7rRCZDTLugBrBeEeii6ZsF9thOFek82
date: Thu, 18 Jul 2024 08:19:52 GMT
via: 1.1 099789dcc2dc61f3a3221c8edb33ae6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jul 2024 14:22:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P3
x-amz-server-side-encryption: AES256
etag: "d72f4de8cd52933b66471ac3ea53cfb7"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: rcrkTZFfXVu3xBbTLCNOhqQWX6sK4eaiz2jY-LlkZLLhaxdIq-GFsQ==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H3 200 tag-ac8701a1ac1f94912bd75a261983ffe8.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 196 KB
54 KB 41ms
29ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-ac8701a1ac1f94912bd75a261983ffe8.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=657556&u=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&f=1&vn=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 4c61a1cff50857d8166a02a383862bc8420f0cf38117552044037e9d76de51be

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:50 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 17 Jul 2024 15:25:45 GMT
server: gfra1
etag: "6697e279-d8a7"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55463

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
143 B 165ms
163ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=657556&d=tribu.groupenordik.com&u=D6D164463945141349C22DB9749B11530&h=51b5c83006c7bbc8a69778633784bca8&t=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 275ms
272ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK advisory Show response
tribu-api.groupenordik.com/v3.1/ 978 B
519 B 285ms
157ms Fetch
application/json 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/advisory?StatusId=153&CenterId=4&startDate=2024-07-18&endDate=2024-07-18
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/55.79f5ae2b96b075b5a4bd.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 7752a73d9188c4899446711c59a7ce7acc537b346f4ea359e2bb3ed8cdb7f897

Request headers

Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0

Response headers

Date: Thu, 18 Jul 2024 08:19:51 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"3d2-E5RobMkDLAKWb4I2170GahR5XW4"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Content-Length: 978

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
13 KB 285ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 30943
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-fra-etou8220068-FRA
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 10, 6720

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 285ms
10ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: F82JVRQFRQE0D0ND
age: 30943
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1029
x-amz-id-2: XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S
x-served-by: cache-lga21976-LGA, cache-fra-etou8220068-FRA
last-modified: Wed, 27 Mar 2024 10:30:34 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 2825b63e6933b08d1be25eea4d99ad73625b8faa
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 3169, 6819

GET
H2 200 runtime.7ff3ebc3099743cd438f.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 23ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.7ff3ebc3099743cd438f.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20df2c1c2170ba0eb77de27df09eee23ec72623191fb14da51646ec5d0fe1982

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: VoBOz0BOmB0XD6FGKXJy.zNt3Bl6JQ0g
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: BE7VQ4R20VNKZYAF
age: 30943
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7697
x-amz-id-2: KTqeMjT3YG0zZijeNMlQ9pd9Qq6dTFAYw9AbjTJ+Ng/Qn5oWN/SBzsWzJNuD9OHVIgTnbnwYIhkcVP7Nn8dTZw==
x-served-by: cache-lga21920-LGA, cache-fra-eddf8230100-FRA
last-modified: Wed, 17 Jul 2024 19:57:18 GMT
server: AmazonS3
etag: "279229b19205851d17c512bf01339b0e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f1c6516e02f57938c63fa8c4fa01601397355ffd
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 37, 18026

GET
H2 200 sharedUtils.58c71a5d906c1c27c8e6.js Show response
static.klaviyo.com/onsite/js/ 48 KB
18 KB 24ms
10ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: FY7ATG7XXCNQ66H2
age: 30943
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17916
x-amz-id-2: dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU=
x-served-by: cache-lga21941-LGA, cache-fra-eddf8230100-FRA
last-modified: Thu, 27 Jun 2024 09:36:48 GMT
server: AmazonS3
etag: "6cc01be3baf017cfa85878bcac0f9e8f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 912e2bb7dd18552828727b3c1954397389e047e7
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 425464, 15805

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 23ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: RC12JSQ3R2B07EYD
age: 30942
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: p7UZsp5JEN6wbLK2qdMQiZclhFKdFs4cb20pOOn9PVKbj9SooS36vR7ofoo/uX+CX/Nk+9WS8KGYF+3M3QRlD7eNxjq71Z+e
x-served-by: cache-lga21980-LGA, cache-fra-eddf8230100-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 11, 12498

GET
H2 200 vendors~signup_forms.02363fe5acd5fa75cb6b.js Show response
static.klaviyo.com/onsite/js/ 21 KB
7 KB 23ms
9ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Mekwof6XjI4q2BHYhTSsMqFmFe4SDBfo
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: RC1EAVJFCYCYTEDW
age: 30942
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6996
x-amz-id-2: hXz2idQOMfvufPQKWZX9zk3PUt+OZnC/NjRGF7CqBFcdHgDlBey9v48kAMOPi/ieP96Pmm9RUjHnRiSsZxSO8IqTE5wpOq6A
x-served-by: cache-lga21949-LGA, cache-fra-eddf8230100-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "61ccc2011600d4f458768ffe94ddb555"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 26, 12383

GET
H2 200 default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js Show response
static.klaviyo.com/onsite/js/ 32 KB
10 KB 24ms
10ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: TCLdJkL8Iy0EL9kJPG2XU3Ulc0EcHiYO
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: CPRP7MF7AHSYEWER
age: 30942
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9251
x-amz-id-2: l0ozQ6LhzI0QJ2qQ8NlubwXKpVFMEIUuoPByJZARCUQQstPH1mf16K7R9fasrlb/iNTN3TvJjF/eidQgRixc35EZNsNmmsKcBHPQS18HQKo=
x-served-by: cache-lga21940-LGA, cache-fra-eddf8230100-FRA
last-modified: Tue, 02 Jul 2024 18:50:16 GMT
server: AmazonS3
etag: "d6b76df89ecf86204b5fe867d284de34"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: c4f147782cde260d619a1c566ff3b2560e3ad660
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 50, 12472

GET
H2 200 signup_forms.6a972a58c16254a9f1c7.js Show response
static.klaviyo.com/onsite/js/ 14 KB
5 KB 23ms
9ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.6a972a58c16254a9f1c7.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: bQ2zCRyZKHh.rDJ1xI_V0BLETa9p9yAu
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: XB5KNB0S4CZMK3XP
age: 30942
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5138
x-amz-id-2: Fu134mf2p8y4q4ahgn0Dld8hhdu6CEIgNaRdH8F5QSURuwehsLpLtLCbR5Sgu2uU4nzuUbMdQI4=
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230100-FRA
last-modified: Thu, 27 Jun 2024 16:31:42 GMT
server: AmazonS3
etag: "eed975187f707457bafc3d36797f3ab1"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: dab50ba5f2ff41d14ab217987084867b2749f75b
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 10, 12453

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
5 KB 283ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: RC1EZRKKZWTXDW24
age: 30943
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: MqhXEwKiXe6X1bphLEN6vMIIWM4vaKqWPMirlu2SOxo7AUNF6VpDi3rnIjq1A7oSrVGmSnW3pZyvbfsTVB3cfCkxjN+deUn8
x-served-by: cache-lga21953-LGA, cache-fra-etou8220068-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 0, 2077

GET
H2 200 post_identification_sync.80a9838e5269fa405bb8.js Show response
static-tracking.klaviyo.com/onsite/js/ 7 KB
3 KB 284ms
10ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.80a9838e5269fa405bb8.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96d715821d79f29e15ed8399d28692157edd63f1a966c84a2316acc0da1619a0

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _roiCG8wE3ZGGDTdwT0MUHk.uQpTeGs8
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: RC16GQ80K31MP7S6
age: 30943
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 2769
x-amz-id-2: X9oMqXSPn8AXqhPS7mrJwK0tzuWGLxSq7Kgs9VyGbKJno52sQbQFaZI0Cd6XM/1Qu507OWv7Ieo=
x-served-by: cache-lga21943-LGA, cache-fra-etou8220068-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "580450955a7b959e14e1797859dce4cc"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 0, 2067

GET
H2 200 web_personalization.7397e806a943491e69c2.js Show response
static-tracking.klaviyo.com/onsite/js/ 1 KB
986 B 284ms
10ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/web_personalization.7397e806a943491e69c2.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UNeZWk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49670d3dccd8c4fc5d3548d71705d19a1106dba8a827946bc0299e3d264ede36

Request headers

Referer: https://tribu.groupenordik.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: F49PlQ8HkibAtyPrbYdkFlOXhfZ1Dbf8
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: KD20RFBDF9HVZSCN
age: 30943
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 764
x-amz-id-2: Gjff4nWsAbDJsXAV38WjC90YQwf0q9cSRSJBDYlg50Ha551XCxbTjjFYe5se8xNU4ecQ5syKYgY=
x-served-by: cache-lga21935-LGA, cache-fra-etou8220068-FRA
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "b250a423c9df971fc0e85c05f37165d7"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 17, 72

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YDKSW2PHQG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c0a447243e5abfa93df3a976bec1464981af21eac1a9f188c89952c62c452aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jul 2024 08:19:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
105 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3W2K69CWPQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c44f17e3f9e18f43708713c4e665f31a38cbd9b2a7757c7039e96bb0cf8eed34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jul 2024 08:19:51 GMT

GET
H2 200 hotjar-2739394.js Show response
static.hotjar.com/c/ 9 KB
4 KB 291ms
53ms Script
application/javascript 18.245.175.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2739394.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.175.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-175-16.cdg55.r.cloudfront.net

Software

Resource Hash

1a3a93ea34d0b0b1fd5855609b12a0910f8ac6e183f793fc78431df8caa0c5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6e594f8f42f605861c78a8ce76dbf5c6.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG55-P1
etag: W/a74642e42a874b963e6c031ab8eaab60
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vnJYpoBAz5hoZyU_xDDMQGiljI92T1FW3-HDDDLfI2iPhhvXNxSJ-A==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 268ms
30ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 18 Jul 2024 08:19:50 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31EF7182BD364E7AB97C70182728F257 Ref B: FRA31EDGE0713 Ref C: 2024-07-18T08:19:51Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

POST
H2 200 log Show response
log-api.groupenordik.com/ 41 B
248 B 260ms
256ms Fetch
application/json 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/main.5588369be53b6ad4926d.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash: 224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327

Request headers

Accept: application/json
Referer: https://tribu.groupenordik.com/
Tribu-Source: 4
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRmNzE3NjAzLWY2ZDctNDM3NS1hODk5LTQxZWFjZjNhNGE1NCIsImxhc3RMb2dpbiI6IjIwMjQtMDctMThUMDg6MTk6NTAuNDE4WiIsIlBlcm1hbmVudFRva2VuSWQiOi02NjYsIlN0YXR1c0lkIjo0MiwiZXhwaXJ5IjoiMjAyNC0wNy0xOCAwOToxOTo1MCswMDowMCIsImlhdCI6MTcyMTI5MDc5MCwiZXhwIjoxNzIxMjk0MzkwLCJpc3MiOiJHcm91cGUgTm9yZGlrIiwic3ViIjoiaW5mb0BsZW5vcmRpay5jb20ifQ.JteyYvdnnZ9yPbjtVBOe2B_jZe7qTTld4KR9q4KUI2Lqdvbcnt8VCwmG-yfDHkdfoF2CCsayaAYzP_CoHTD9Yw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Winston-Session: a5f8957b-03fc-43ce-aac5-798f0d225ff0
Content-Type: application/json

Response headers

access-control-allow-origin: https://tribu.groupenordik.com
date: Thu, 18 Jul 2024 08:19:51 GMT
access-control-expose-headers: Content-Range,Authorization
access-control-allow-credentials: true
content-length: 41
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 15 KB
5 KB 255ms
20ms Script
application/javascript 18.66.22.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.22.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-22-14.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 444cce830b002eaa3818a04cacae1ef610ff92731bd09cde38569e6c6bfa5b3c

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: w3ZlLhfNo7N4bX56rDpUygstuXwz.QmS
content-encoding: gzip
via: 1.1 c02017c0568f69fe11bb53b10d46e1fc.cloudfront.net (CloudFront), 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
date: Wed, 17 Jul 2024 19:50:40 GMT
last-modified: Tue, 25 Jun 2024 20:22:01 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P2, VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"80ab7880afb96eda347a4379270430b7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: 90vL0pzcVhEcyIwa3tmhElauFY8ob8sZVdcxZ4ZfXargtV0N_IBZ1Q==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-13757512&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6138ee172d6b203e9b3d9e2d1cd0a4e58a3c15c712c48f6c2a707bfdf5f164b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77385
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jul 2024 08:19:51 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14198057&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFQX99

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c40f61c8432426dadd4f7932a01069c8006b5278b2c7a993832c2b0808f5fdea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77385
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jul 2024 08:19:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 239ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jul 2024 08:19:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1328, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6F7GvIKkCKpXRb0kiKxkqFICVUyWwOODcB9kmt1yg5YyJGeuAkOX3ijWYOMKSQ9v4q3XYPn2JnCQvB2Ib+xf9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 50 KB
21 KB 253ms
22ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ecb40da21fc7cc5714e324dcb4cd72ec7143ceb03cd846fb6bff7e95f5314ead

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: gzip
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21457
x-amz-cf-id: sUdRRKSsjMDeXzr9zc6YjDOQsIBs-5gZEF9cFt-YeBTj-Cw7WL-2NA==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 149ms
131ms Script
application/javascript 23.36.162.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCD5I03C77U3OVB1C9UG&lib=ttq
Requested by: Host: tribu.groupenordik.com
URL: https://tribu.groupenordik.com/center/4/reservations
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 580c3bcd100a32ea23dfdeb18a407ce1247620ace29f95c39f5bc96ace8303af

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 54188fa2.6a528e42
date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407180819515C54553205D3E3B7E24B-050017BE64A0C39B-00
x-cache: TCP_MISS from a23-206-213-210.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
x-parent-response-time: 105,23.206.213.210
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=11, inner; dur=1
content-length: 1934
pragma: no-cache
server: nginx
x-tt-logid: 202407180819515C54553205D3E3B7E24B
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.104.19
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308816f9f31be93950d36a2c7ed8fd69426fdddb79bc9c46398f27aed5c04a44e23254f304642466053d9d0194f160d02e6e9b8d6063d247dbf5cdab22398501088614e7b8f0915a51e716fc8764e29826e03a27969c99278302a6b0ff8ad0f8987
expires: Thu, 18 Jul 2024 08:19:51 GMT

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 484ms
99ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H/1.1 204
No Content advisory
tribu-api.groupenordik.com/v3.1/ Frame 0
0 112ms
112ms Preflight 34.233.109.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribu-api.groupenordik.com/v3.1/advisory?StatusId=153&CenterId=4&startDate=2024-07-18&endDate=2024-07-18
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.109.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-109-105.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,tribu-source,winston-session
Access-Control-Request-Method: GET
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Tribu-Source, Winston-Session, source
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: https://tribu.groupenordik.com
Access-Control-Expose-Headers: Content-Range, Authorization
Connection: keep-alive
Date: Thu, 18 Jul 2024 08:19:51 GMT
Server: nginx
X-Powered-By: Express

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 380ms
100ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 log
log-api.groupenordik.com/ Frame 0
0 336ms
100ms Preflight 54.174.199.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.groupenordik.com/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-199-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,tribu-source,winston-session
Access-Control-Request-Method: POST
Origin: https://tribu.groupenordik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,Tribu-Source,Winston-Session,Source
access-control-allow-methods: GET,POST
access-control-allow-origin: https://tribu.groupenordik.com
access-control-max-age: 3600
date: Thu, 18 Jul 2024 08:19:51 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 1009 B
2 KB 167ms
143ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=UNeZWk

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9cb5acfc5b0b4b62300a30487738dcc46254f28b729727c3675dc1eacf3b7d01

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
strict-transport-security: max-age=900
age: 0
x-cache: MISS, MISS
content-length: 1009
x-served-by: cache-bos4682-BOS, cache-fra-etou8220082-FRA
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=10
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
vary: Accept-Language, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 0, 0

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/UNeZWk/ 5 KB
2 KB 49ms
7ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/UNeZWk/full-forms
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b28859796bdaa8699d2e979d8518fb4ae9101467278f08806b5ca5e6eeb824a0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 9Wt2P.8c9QemDE1VIwlk3pGm3oQNoSqT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 Jul 2024 08:19:51 GMT
x-amz-request-id: 2D56ASZ1XKPMDAFF
age: 156386
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/UNeZWk custom-fonts/UNeZWk
content-length: 1465
x-amz-id-2: 3ACullhOM7Dtzvxy1n7qRUzHJZOrApj9xXRzN/cvooBjmRHn4pH5lSV3BsDqX7WiehC12l6Z+LA=
x-served-by: cache-fra-etou8220084-FRA
client-geo-country: DE
last-modified: Tue, 16 Jul 2024 12:50:05 GMT
server: AmazonS3
x-timer: S1721290791.451371,VS0,VE1
etag: "5c7ace1ca5d9c10191cd20c55ce85d9f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

activityi;dc_pre=CL-HxPGTsIcDFQWbjggdoD0Nmg;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
13757512.fls.doubleclick.net/ Frame FF7B
Redirect Chain

https://13757512.fls.doubleclick.net/activityi;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://13757512.fls.doubleclick.net/activityi;dc_pre=CL-HxPGTsIcDFQWbjggdoD0Nmg;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;u...

0
0

186ms
185ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13757512.fls.doubleclick.net/activityi;dc_pre=CL-HxPGTsIcDFQWbjggdoD0Nmg;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13757512&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 372
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:51 GMT
expires: Thu, 18 Jul 2024 08:19:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13757512.fls.doubleclick.net/activityi;dc_pre=CL-HxPGTsIcDFQWbjggdoD0Nmg;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNqExPGTsIcDFXK0jggdoPYNng;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
13757512.fls.doubleclick.net/ Frame 7E68
Redirect Chain

https://13757512.fls.doubleclick.net/activityi;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
https://13757512.fls.doubleclick.net/activityi;dc_pre=CNqExPGTsIcDFXK0jggdoPYNng;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;...

0
0

173ms
171ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13757512.fls.doubleclick.net/activityi;dc_pre=CNqExPGTsIcDFXK0jggdoPYNng;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13757512&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:51 GMT
expires: Thu, 18 Jul 2024 08:19:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13757512.fls.doubleclick.net/activityi;dc_pre=CNqExPGTsIcDFXK0jggdoPYNng;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 0
23 B 209ms
160ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=13757512;type=websi0;cat=rtg_w00;ord=5356858396238;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1619186311;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"13777843038868297961"}],"aggregatable_trigger_data":[{"filters":[{"14":["41207987"]}],"key_piece":"0xb7aea1a9d34ad07c","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xd62232879c847767","not_filters":{"14":["41207987"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3985581941259722281","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13777843038868297961","filters":[{"14":["41207987"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13777843038868297961","filters":[{"14":["41207987"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13777843038868297961","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13777843038868297961","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13757512"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;register_conversion=1;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 0
23 B 209ms
161ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=13757512;type=websi0;cat=rtg_w000;ord=6081938662335;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1941420988;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190650653z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"15897756978595586808"}],"aggregatable_trigger_data":[{"filters":[{"14":["41207669"]}],"key_piece":"0xa8bcfe78deb7f9f","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xfdd725e8b95dcce5","not_filters":{"14":["41207669"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2112864137184042858","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15897756978595586808","filters":[{"14":["41207669"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15897756978595586808","filters":[{"14":["41207669"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15897756978595586808","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15897756978595586808","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13757512"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
metrics.thermea.com/g/ 65 B
245 B 337ms
254ms XHR
text/plain 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.thermea.com/g/collect?v=2&tid=G-YDKSW2PHQG&gtm=45je47h0v9177707951z879233041za200zb79233041&_p=1721290790846&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=362528601.1721290792&ecid=1248096727&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1721290790846&sst.ude=0&_s=1&sid=1721290791&sct=1&seg=0&dl=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&dt=Online%20Reservation%20%7C%20Nordik%20Spa-Nature%20%7C%20Whitby&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3995&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YDKSW2PHQG&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://tribu.groupenordik.com
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 280 KB
18 KB 110ms
110ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=657556&settings_type=1&vn=7.0&exc=39
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-ac8701a1ac1f94912bd75a261983ffe8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: eb79fe255fa8e502e6590fe58f89c07af75e459aeece4164a6df776623463e78

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1721229965"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 211ms
21ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3W2K69CWPQ&gtm=45je47h0v871099146z879233041za200zb79233041&_p=1721290790846&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=362528601.1721290792&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1721290791&sct=1&seg=0&dl=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&dt=Online%20Reservation%20%7C%20Nordik%20Spa-Nature%20%7C%20Whitby&en=page_view&_fv=1&_ss=1&tfd=4070&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3W2K69CWPQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribu.groupenordik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 211ms
21ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3W2K69CWPQ&cid=362528601.1721290792&gtm=45je47h0v871099146z879233041za200zb79233041&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3W2K69CWPQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribu.groupenordik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 230ms
49ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3W2K69CWPQ&cid=362528601.1721290792&gtm=45je47h0v871099146z879233041za200zb79233041&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=374503824

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CL_t0vGTsIcDFe2EjggdKPgG0g;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
14198057.fls.doubleclick.net/ Frame 04CC
Redirect Chain

https://14198057.fls.doubleclick.net/activityi;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
https://14198057.fls.doubleclick.net/activityi;dc_pre=CL_t0vGTsIcDFe2EjggdKPgG0g;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;...

0
0

186ms
185ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14198057.fls.doubleclick.net/activityi;dc_pre=CL_t0vGTsIcDFe2EjggdKPgG0g;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190789782z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14198057&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:52 GMT
expires: Thu, 18 Jul 2024 08:19:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jul 2024 08:19:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14198057.fls.doubleclick.net/activityi;dc_pre=CL_t0vGTsIcDFe2EjggdKPgG0g;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190789782z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 0
24 B 174ms
173ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14198057;type=invmedia;cat=rp-wh0;ord=8205314742102;npa=1;auiddc=829548731.1721290791;ps=1;pcor=1607207372;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9190789782z879233041za201zb79233041;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2064357412686268501"}],"aggregatable_trigger_data":[{"filters":[{"14":["73854728"]}],"key_piece":"0xa2ef55f6d19fedc2","source_keys":["12","13","14","15","16","17","18","19","20","21","628648724","628648725","628648726","628648727","628733824","628733825","628733826","628733827"]},{"key_piece":"0x45f7a2fbff1b7f75","not_filters":{"14":["73854728"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628648724","628648725","628648726","628648727","628733824","628733825","628733826","628733827"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628648724":32,"628648725":32,"628648726":32,"628648727":3177,"628733824":65,"628733825":65,"628733826":65,"628733827":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13251042961310859345","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2064357412686268501","filters":[{"14":["73854728"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2064357412686268501","filters":[{"14":["73854728"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2064357412686268501","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2064357412686268501","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14198057"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
720 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 08:12:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 08:19:51 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=891a8382-f459-40b4-8456-bf24f1fae046&event=PageView&gtmVersion=3.3&ts=1721290791762
https://s.amazon-adsystem.com/iu3?pid=891a8382-f459-40b4-8456-bf24f1fae046&event=PageView&gtmVersion=3.3&ts=1721290791762&dcc=t

0
0

115ms
115ms

Fetch
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?pid=891a8382-f459-40b4-8456-bf24f1fae046&event=PageView&gtmVersion=3.3&ts=1721290791762&dcc=t
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jul 2024 08:19:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FDTPYQMG4PXXEQ3Z5K5D
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?pid=891a8382-f459-40b4-8456-bf24f1fae046&event=PageView&gtmVersion=3.3&ts=1721290791762&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 663387520990328 Show response
connect.facebook.net/signals/config/ 61 KB
12 KB 240ms
236ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/663387520990328?v=2.9.162&r=stable&domain=tribu.groupenordik.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e3cc65576aba9381861c11420fcbc9ac845c019b49df3e59e997352ce80b267

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jul 2024 08:19:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=65, mss=1328, tbw=64235, tp=-1, tpl=-1, uplat=222, ullat=0
pragma: public
x-fb-debug: K4dprlvsMgNGgykW7mHkUYJ9F126e5PFL6IVUSpeBLtX6aBW7tbR84gjXAuQpeWuRqZwsGLuoklLDO9YzUqxdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 32ms
8ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2739394.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1469324
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IxxfRNPsFB0lUKQ7KkVHWlrXeg9-Bm1RFyrihenRVA7_N8T6XRLhTg==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 2ms
2ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribu.groupenordik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 213037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 21:09:13 GMT

GET
H2 200 1b4da0f6-d00b-4123-b46d-58ca777904eb.json Show response
tr.snapchat.com/config/com/ 117 B
406 B 200ms
118ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/1b4da0f6-d00b-4123-b46d-58ca777904eb.json?v=3.22.2-2407162351

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://tribu.groupenordik.com
x-envoy-upstream-service-time: 96
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117

GET
H2 200 i
tr.snapchat.com/cm/ Frame 5415 0
0 95ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1b4da0f6-d00b-4123-b46d-58ca777904eb&u_scsid=1da18328-5e14-439b-93da-b5344d850d98&u_sclid=aa196920-6ac5-4424-85ef-8303304e3222

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tribu.groupenordik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 18 Jul 2024 08:19:51 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 187026033.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 37ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187026033.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

24eee40f1d6233af9486327d43e75de211707b783e2df534019086d9ac60366b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 18 Jul 2024 08:19:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AA58A52D06D645D99C270672A1AB6E4D Ref B: FRA31EDGE0713 Ref C: 2024-07-18T08:19:51Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 main.MWY4NzUyNDJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
98 KB 46ms
44ms Script
application/javascript 23.36.162.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCD5I03C77U3OVB1C9UG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7524d3814c73c9f38883170328cc9be33ff3dc66fefcafeadabbb1fdbe4a5c33

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 6a529214
date: Thu, 18 Jul 2024 08:19:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240711142859B151F242C672E7600B5A
x-tt-trace-id: 00-240711142859B151F242C672E7600B5A-317B7F379B8E0A84-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-210.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0155365542f4c99f1c278b818271cbaf6dc4c75e43bb7e3be048a14f5634b64ebe6789e4e46c96258a0f38dcb12924bc414919380c132e01b637f829cd9cbd04f7becd9ab93fa4f4e0eb23d0471f9da81adbaa60c95c7f06f5d6441dcc51c988a8
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length: 99726

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 193ms
101ms XHR
application/json 34.252.158.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2739394&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.252.158.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-158-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d4dbbf0196780f8aba92ee0f4cb337ed35c242c0dc692573c33bda7c7c435ea7

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 18 Jul 2024 08:19:52 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 187026033 Show response
www.clarity.ms/tag/uet/ 817 B
1 KB 392ms
344ms Script
application/x-javascript 2620:1ec:bdf::73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187026033
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187026033.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::73 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 72fd49f7f81d9c2e8fe3151d4ed99b83266cefa1d09bd34bac3b37eb54320c77

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 18 Jul 2024 08:19:52 GMT
x-azure-ref: 20240718T081952Z-17c86fbf54dt9hnp8n2nknrdt800000007w000000000gdmm
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 817
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 204 0
bat.bing.com/action/ 0
179 B 38ms
37ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187026033&tm=gtm002&Ver=2&mid=40fc2706-fac9-402e-a189-9dc35e9310e2&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Online%20Reservation%20%7C%20Nordik%20Spa-Nature%20%7C%20Whitby&p=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&r=&lt=2098&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=642519

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jul 2024 08:19:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BE880441E26490A9C8BEC6CFCDEBE60 Ref B: FRA31EDGE0713 Ref C: 2024-07-18T08:19:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 43ms
43ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187026033&tm=gtm002&Ver=2&mid=40fc2706-fac9-402e-a189-9dc35e9310e2&gtm_tag_source=ua_e&gc=CAD&tpp=1&ea=gtm.js&en=Y&p=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&sw=1600&sh=1200&sc=24&evt=custom&asc=D&cdb=AQAY&rn=227229

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jul 2024 08:19:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59360E2DE6DB4B328BC93D523034F03A Ref B: FRA31EDGE0713 Ref C: 2024-07-18T08:19:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 39ms
21ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jul 2024 08:19:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://tribu.groupenordik.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 identify_a19ff03d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 147 KB
39 KB 28ms
24ms Script
application/javascript 23.36.162.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_a19ff03d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 075218352b10c9bbed538be75caf73f1011075caed59512ee8749889376a78ab

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 6a5293ea
date: Thu, 18 Jul 2024 08:19:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240711142901C8C978E2DA65085FB5A9
x-tt-trace-id: 00-240711142901C8C978E2DA65085FB5A9-4B7772C3A858C5BA-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-210.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019813cfdade8cb0a74825bb697e01bcd733528475b617c80e7d0f1759fa49596a7e49e1ea50af761fb9141901d6878720189c6b3d79b2cdd62a2d0458989142e9499c5aaab8a689fd5cdb98445980c7861ecb467508e296ebc618bd64b1179ade
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39769

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
842 B 153ms
151ms Ping
text/plain 23.36.162.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 29a11b60.6a529413
date: Thu, 18 Jul 2024 08:19:52 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240718081952C242E55FAE6F305DDE19-7BF31F9E76A4942B-00
x-cache: TCP_MISS from a23-206-213-210.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
x-parent-response-time: 123,23.206.213.210
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=34, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240718081952C242E55FAE6F305DDE19
x-cache-remote: TCP_MISS from a23-48-200-72.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.48.200.72
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308816f9f31be93950d36a2c7ed8fd694269ceabd14c0672db16f788761308116815d9b119571d9fd1b7a2bcd1c33ab7f77645dc214904957913ff849aee9e924a33e3b2d7ee4d1d42acf1620dbec0f5f0821398059325704cb9081a7d25de65e5b
access-control-allow-headers: Authorization,*
expires: Thu, 18 Jul 2024 08:19:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 26ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=663387520990328&ev=PageView&dl=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&rl=&if=false&ts=1721290792120&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721290792119.238821717690041&ler=empty&cdl=API_unavailable&it=1721290791793&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1328, tbw=2808, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Jul 2024 08:19:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 208ms
190ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=663387520990328&ev=PageView&dl=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&rl=&if=false&ts=1721290792120&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721290792119.238821717690041&ler=empty&cdl=API_unavailable&it=1721290791793&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4275b0c16dc824c9","source_keys":["1","2"]},{"key_piece":"0x097cf931c5d30e80","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 18 Jul 2024 08:19:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7392887658820570906", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1328, tbw=3125, tp=-1, tpl=-1, uplat=181, ullat=0
pragma: no-cache
x-fb-debug: tD16e0A/UH9fYwHF3r3SuE7nzIEbYzIWy0EDmL3YqF8QCtbyfXpFfZstQ6sMhxC3NTqCvnzP+O6tdkQM9vbKuQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7392887658820570906"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect Show response
metrics.thermea.com/g/ 65 B
125 B 178ms
178ms XHR
text/plain 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.thermea.com/g/collect?v=2&tid=G-YDKSW2PHQG&gtm=45je47h0v9177707951za200zb79233041&_p=1721290790846&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=362528601.1721290792&ecid=1248096727&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1721290790846&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1721290791&sct=1&seg=0&dl=https%3A%2F%2Ftribu.groupenordik.com%2Fcenter%2F4%2Freservations&dt=Online%20Reservation%20%7C%20Nordik%20Spa-Nature%20%7C%20Whitby&en=scroll&epn.percent_scrolled=90&_et=99&tfd=4621&richsstsse

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:52 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://tribu.groupenordik.com
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 55ms
18ms Ping
text/plain 2600:1901:0:7628::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jul 2024 08:19:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
703 B 150ms
149ms Ping
text/plain 23.36.162.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6a5295d7
date: Thu, 18 Jul 2024 08:19:52 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240718081952298E8B5E936640BD6ED7-494F058765458E25-00
x-cache: TCP_MISS from a23-206-213-210.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=12, origin; dur=129
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240718081952298E8B5E936640BD6ED7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 129,23.206.213.210
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308816f9f31be93950d36a2c7ed8fd694261bdf0ca7f4830b6418c47125481e0fcdccf517ffbe9ad7133d90c120aa4ff2a9008a98dfb75f925e81265128786a69e5c4f0fdac5268b35223b165fdc1180207
access-control-allow-headers: Authorization,*
expires: Thu, 18 Jul 2024 08:19:52 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 25ms
22ms Script
application/javascript 2620:1ec:bdf::73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187026033
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::73 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 08:19:52 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240718T081952Z-17c86fbf54dt9hnp8n2nknrdt800000007w000000000gdnp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 461e6d15-601e-0050-1940-d8ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6B616163EBC34D62AB63E598BB15941C&RedC=c.clarity.ms&MXFR=37FAEA9D72D26763049EFE5D76D26920
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6B616163EBC34D62AB63E598BB15941C&MUID=0DA9DF3ED8716DFC057FCBFED9DD6C19

42 B
443 B

30ms
30ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6B616163EBC34D62AB63E598BB15941C&MUID=0DA9DF3ED8716DFC057FCBFED9DD6C19
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:51 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 18 Jul 2024 08:19:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16305FA4024242F3B86FD3238EECB402 Ref B: FRA31EDGE0713 Ref C: 2024-07-18T08:19:52Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6B616163EBC34D62AB63E598BB15941C&MUID=0DA9DF3ED8716DFC057FCBFED9DD6C19
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 20ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jul 2024 08:19:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://tribu.groupenordik.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
286 B 445ms
238ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://tribu.groupenordik.com
Date: Thu, 18 Jul 2024 08:19:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 200 p
tr6.snapchat.com/ 0
13 B 22ms
21ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://tribu.groupenordik.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jul 2024 08:19:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST collect
r.clarity.ms/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.clarity.ms
URL: https://r.clarity.ms/collect

Domain: r.clarity.ms
URL: https://r.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 22:09:37	Name: X-AB Value: daac293c92e3434aa7e5036c16493fe8
www.google.com/recaptcha	1970-01-21 02:27:22	Name: _GRECAPTCHA Value: 09AJAWQKkYe15mdSbEYGwPQx83BahqMlE_jczC1Mmdg6-Qlys53p5UwXmBMOT1tNqIsf_yFiLQ62RXeLFZJHJA00M
.tribu.groupenordik.com/	1970-01-21 06:55:13	Name: _vwo_uuid_v2 Value: D6D164463945141349C22DB9749B11530\|51b5c83006c7bbc8a69778633784bca8
.groupenordik.com/	1970-01-21 00:17:46	Name: _gcl_au Value: 1.1.829548731.1721290791
.groupenordik.com/	1970-01-21 00:32:10	Name: _vis_opt_s Value: 1%7C
.groupenordik.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.groupenordik.com/	1970-01-21 07:44:10	Name: _vwo_uuid Value: D6D164463945141349C22DB9749B11530
.groupenordik.com/	1970-01-21 00:17:46	Name: _vwo_ds Value: 3%241721290790%3A44.39797421%3A%3A
.groupenordik.com/	1970-01-20 22:08:12	Name: _vwo_sn Value: 0%3A1
.groupenordik.com/	1970-01-21 07:44:10	Name: _ga Value: GA1.1.362528601.1721290792
.tiktok.com/	1970-01-21 07:29:46	Name: _ttp Value: 2jPZhZrgMRxuntcdhyx3F2WH1JJ
.groupenordik.com/	1970-01-21 07:44:10	Name: _ga_YDKSW2PHQG Value: GS1.1.1721290791.1.0.1721290791.0.0.1248096727
.groupenordik.com/	1970-01-21 07:44:10	Name: _ga_3W2K69CWPQ Value: GS1.1.1721290791.1.0.1721290791.60.0.0
.doubleclick.net/	1970-01-20 22:51:22	Name: ar_debug Value: 1
tribu.groupenordik.com/	1970-01-21 07:44:10	Name: __kla_id Value: eyJjaWQiOiJNbVkwT1RBMllUQXRZMkZtT0MwMFptTTJMV0V4WXpJdFpqTTNPRFU1T1RRNE4yVXkiLCIkcmVmZXJyZXIiOnsidHMiOjE3MjEyOTA3OTIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vdHJpYnUuZ3JvdXBlbm9yZGlrLmNvbS9jZW50ZXIvNC9yZXNlcnZhdGlvbnMifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MjEyOTA3OTIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vdHJpYnUuZ3JvdXBlbm9yZGlrLmNvbS9jZW50ZXIvNC9yZXNlcnZhdGlvbnMifX0=
.groupenordik.com/	1970-01-21 07:37:57	Name: _scid Value: f76eb7d9-7679-42d6-93a9-e5276cac7ac8
.groupenordik.com/	1970-01-21 07:37:57	Name: _scid_r Value: f76eb7d9-7679-42d6-93a9-e5276cac7ac8
.groupenordik.com/	1970-01-21 06:53:46	Name: _hjSessionUser_2739394 Value: eyJpZCI6ImI0NTc5ZTFiLTJiODQtNTY0NS05OTA3LWRhZWRmM2JmOGI3YiIsImNyZWF0ZWQiOjE3MjEyOTA3OTE5MzUsImV4aXN0aW5nIjp0cnVlfQ==
.doubleclick.net/	1970-01-21 02:27:22	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:29:46	Name: IDE Value: AHWqTUmcOXOJzfEIVQqAYBlrSab5gQkP7By_kE4RcOfD0noSpSJPjcekEzQKlJLHTbg
.groupenordik.com/	1970-01-20 22:08:12	Name: _hjSession_2739394 Value: eyJpZCI6IjkzZjUyYzc3LTA5MTYtNDVkYy1iOWM5LWM1ODNlNWNlNTQxMiIsImMiOjE3MjEyOTA3OTE5MzksInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.groupenordik.com/	1970-01-21 07:29:46	Name: _tt_enable_cookie Value: 1
.groupenordik.com/	1970-01-21 07:29:46	Name: _ttp Value: eS6wowUTRDzqlIG90XLNTZcT9aL
.groupenordik.com/	1970-01-20 22:18:15	Name: _ScCbts Value: %5B%5D
.groupenordik.com/	1970-01-21 00:17:46	Name: _fbp Value: fb.1.1721290792119.238821717690041
.amazon-adsystem.com/	1970-01-21 04:18:15	Name: ad-id Value: A_aAFm8MBkphga1-s8nMcHo
.amazon-adsystem.com/	1970-01-21 07:44:10	Name: ad-privacy Value: 0
www.clarity.ms/	1970-01-21 06:53:46	Name: CLID Value: 893e576ad3524a92b2bb4c877b5461d6.20240718.20250718
.bing.com/	1970-01-21 07:29:46	Name: MUID Value: 0DA9DF3ED8716DFC057FCBFED9DD6C19
.c.bing.com/	1970-01-20 22:18:15	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:29:46	Name: SRM_B Value: 0DA9DF3ED8716DFC057FCBFED9DD6C19
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:29:46	Name: MUID Value: 0DA9DF3ED8716DFC057FCBFED9DD6C19
.c.clarity.ms/	1970-01-20 22:18:15	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:08:11	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13757512.fls.doubleclick.net
14198057.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
bat.bing.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
cdn.gladly.com
cdn.groupenordik.com
cdnjs.cloudflare.com
connect.facebook.net
content.hotjar.io
dev.visualwebsiteoptimizer.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
i5.createsend1.com
log-api.groupenordik.com
metrics.thermea.com
r.clarity.ms
region1.analytics.google.com
s.amazon-adsystem.com
sc-static.net
script.hotjar.com
spoppe-b.azureedge.net
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
static2.sharepointonline.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
tribu-api.groupenordik.com
tribu.groupenordik.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
r.clarity.ms
108.156.60.79
108.157.188.87
13.32.27.54
13.74.129.1
142.250.186.134
151.101.130.133
151.101.2.133
172.217.23.102
18.245.175.16
18.66.22.14
20.119.174.243
2001:4860:4802:34::36
23.36.162.210
2600:1901:0:7628::
2600:9000:25a2:1600:c:2652:1440:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
2620:1ec:bdf::73
2620:1ec:c11::237
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2013
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9c
2a02:26f0:7100:7a8::33e7
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.163.248.4
3.165.206.18
34.233.109.105
34.252.158.105
34.96.102.137
35.190.43.134
52.46.130.91
54.174.199.219
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
075218352b10c9bbed538be75caf73f1011075caed59512ee8749889376a78ab
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
1a0ea2e4a021e29bdc3c30c4ce30158bacf1343ede1f4d04cc7277939ec5c445
1a3a93ea34d0b0b1fd5855609b12a0910f8ac6e183f793fc78431df8caa0c5ce
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
20df2c1c2170ba0eb77de27df09eee23ec72623191fb14da51646ec5d0fe1982
21070a9162abb1b3856867407478e1e88d3c3846f63c1b542c37b6fd253623bc
2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59
224609cf094659ccdbecbb42d69479991c7a99fb3b48c07fd582af5b3865b327
24eee40f1d6233af9486327d43e75de211707b783e2df534019086d9ac60366b
2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272
31d91027f955b76a9620ed4ce170dce41c8b4188ff24ee7b69c2233ec3e50cac
3a7e28167d5600d93f17a2d4a5c3f5358922344b9eb5caff879e7bd30946dc74
3d907143e8808f3b855db9de4d37994ebbb3276578f67298d44e83eb1cf2dbe6
3f8806a5cec3e0781edae5bc62564ea885236a84341e4401cbe279ff6deba1d7
43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30
444cce830b002eaa3818a04cacae1ef610ff92731bd09cde38569e6c6bfa5b3c
4493f2d434419a1707b0c4ae9aa4941eefaee9dd5b5a0b65c1aae9f564fdb91a
49670d3dccd8c4fc5d3548d71705d19a1106dba8a827946bc0299e3d264ede36
4c0a447243e5abfa93df3a976bec1464981af21eac1a9f188c89952c62c452aa
4c4b37e1a1a629c838a519652ddb794ff357eb469ea309904b70831a37541f26
4c61a1cff50857d8166a02a383862bc8420f0cf38117552044037e9d76de51be
4e3cc65576aba9381861c11420fcbc9ac845c019b49df3e59e997352ce80b267
4e55be984fa65654a00a393579c8b9544656bb7d0a2eb49ab2629022ac6cd41f
580c3bcd100a32ea23dfdeb18a407ce1247620ace29f95c39f5bc96ace8303af
5b62d90f178240da918f5ade4d5626116bc5ba1508d9ae4310c3ea4edb479820
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6138ee172d6b203e9b3d9e2d1cd0a4e58a3c15c712c48f6c2a707bfdf5f164b4
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
627fc97d8b151ca60c2b8b6446ebd96374ac208bca51cdd4ba7538c29b1163f4
62862828b35915aad09a58a8121bc41660c0670c8b93fbef59aac06f991720ca
72fd49f7f81d9c2e8fe3151d4ed99b83266cefa1d09bd34bac3b37eb54320c77
7524d3814c73c9f38883170328cc9be33ff3dc66fefcafeadabbb1fdbe4a5c33
7752a73d9188c4899446711c59a7ce7acc537b346f4ea359e2bb3ed8cdb7f897
775c867eab5b4d79380568e5d6a3c02603cb19fc6995baebd229950f4381ff35
7ab79db892f8aa8c064ee59e3d89c83b3bc57af4ade1e3f82b52db24f7b4558b
7caa7ea71906bf87ec15a6c606555ea4eba0681344e339f3cad56bf8e81bdb0f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8961772183e69c3f47f069eb2a50016126dde6ffa7d0c180cb8cf7e42c19efad
898d72fa7765c3ef19a2d9ca839befaffab3bbe899ec6887e2abf84efad7c53f
914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd
949aefabdd6bf11cc0668f785f907bbc5389fa60f77fc861cb7910576418fe31
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
96d715821d79f29e15ed8399d28692157edd63f1a966c84a2316acc0da1619a0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb5acfc5b0b4b62300a30487738dcc46254f28b729727c3675dc1eacf3b7d01
a4eff49008ae499712c5aef82be66b2427a5868692af2a70cfeb1f69f8aec276
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ae7d0c61b67ea048362a9945b083551066861aa6bdbd613ca2e9969b814ee5b5
b28859796bdaa8699d2e979d8518fb4ae9101467278f08806b5ca5e6eeb824a0
b404f67b7cc814d8324dea98af99f7406bdc58ccf3951d53c0dd136c097d9faa
b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f
b75e15ca879986ee6664885fd67fcdb0c7f3fe0a2a484dc0584ff7e350e30c6a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad
c2c1df6aa01c24cb27ba50327cd1e8ff3c3fa258a6ab18e8c44a97f88c9a0d81
c40f61c8432426dadd4f7932a01069c8006b5278b2c7a993832c2b0808f5fdea
c44f17e3f9e18f43708713c4e665f31a38cbd9b2a7757c7039e96bb0cf8eed34
d13e7c9f15c8d65d447a77f8a42a9500d7a5296eb836142cb7d23a3c4ff3ef09
d4dbbf0196780f8aba92ee0f4cb337ed35c242c0dc692573c33bda7c7c435ea7
e076b2a21de75325ae18a6e6605cea109773f8ab9046f9ba3d7b4400044e4a56
e264bc369fb6d4162ddcbe4daeb03fa7697d9eeb3cf0889196ec428d6b32670d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e9e66265637cbe60961f95a0a557873b5e4afb75ca31bd8915c9344bf44eeb07
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eb79fe255fa8e502e6590fe58f89c07af75e459aeece4164a6df776623463e78
eb937d2c4cd6e9eb7c68cacbbcba87b78fb312bfb53e16601f475309a5ba7b5f
ecb40da21fc7cc5714e324dcb4cd72ec7143ceb03cd846fb6bff7e95f5314ead
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f402960c64438d20ad4b5a0e643373d4a2350af4e80e4ae5562ca622688d7ed2
f7a0e77bdd23f98968210e79d1f2c9a08b2fc19de758a4b32ffdcc02ab0207fc
f85870622e9de4c829336adf8b1d3a43f06f1a934e5ab59f98cc3e01418af8f4
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0
ffac5dac16efbd1798b571450bb83c12a7cba52556fd05c0ad6601dd2d19b7f8

tribu.groupenordik.com Open in urlscan Pro 3.165.206.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

93 %HTTPS

47 %IPv6

25 Domains

42 Subdomains

39 IPs

4 Countries

4415 kBTransfer

8395 kBSize

35 Cookies

4 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tribu.groupenordik.com Open in urlscan Pro
3.165.206.18 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

93 %
HTTPS

47 %
IPv6

25
Domains

42
Subdomains

39
IPs

4
Countries

4415 kB
Transfer

8395 kB
Size

35
Cookies

133 HTTP transactions
0 data transactions