www.tui.no Open in urlscan Pro
159.180.84.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tui.no/
Effective URL:
https://www.tui.no/
Submission: On March 03 via manual (March 3rd 2020, 10:45:53 am UTC) from NO

Summary HTTP 96 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 20 domains to perform 96 HTTP transactions. The main IP is 159.180.84.18, located in United States and belongs to INSTART, US. The main domain is www.tui.no.
TLS certificate: Issued by Thawte EV RSA CA 2018 on February 10th 2020. Valid for: 6 months.

This is the only time www.tui.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.223.92.242 91.223.92.242	56531 (FRITIDSRESOR) (FRITIDSRESOR)
37	159.180.84.18 159.180.84.18	33047 (INSTART) (INSTART)
6	192.33.31.80 192.33.31.80	33047 (INSTART) (INSTART)
1 5	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
5 10	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	147.75.102.239 147.75.102.239	54825 (PACKET) (PACKET)
17	52.50.142.228 52.50.142.228	16509 (AMAZON-02) (AMAZON-02)
6	40.127.196.56 40.127.196.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	206.51.242.1 206.51.242.1	40509 (FLY) (FLY)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	34.91.234.226 34.91.234.226	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	35.204.13.78 35.204.13.78	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	94.245.88.159 94.245.88.159	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
96	22

1 91.223.92.242 (Uppsala, Sweden) 1 redirects

ASN56531 (FRITIDSRESOR, SE)

tui.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 159.180.84.18 (United States)

ASN33047 (INSTART, US)

www.tui.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.33.31.80 (Portola Valley, United States)

ASN33047 (INSTART, US)
PTR: a-sg01sl04.insnw.net

www.nanovisor.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcps.nanovisor.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.134 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

4619653.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.239 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.50.142.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com

startourno.lekane.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.127.196.56 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tuinordic.humany.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.51.242.1 (Chicago, United States)

ASN40509 (FLY, US)
PTR: chgw.gravity4.com

script.e-space.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.234.226 (United States)

ASN15169 (GOOGLE, US)
PTR: 226.234.91.34.bc.googleusercontent.com

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.13.78 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 78.13.204.35.bc.googleusercontent.com

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az19942.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.245.88.159 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.raptorsmartadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	tui.no 1 redirects tui.no www.tui.no	911 KB
17	lekane.net startourno.lekane.net	68 KB
11	doubleclick.net 6 redirects 4619653.fls.doubleclick.net stats.g.doubleclick.net	2 KB
6	humany.net tuinordic.humany.net	262 KB
6	nanovisor.io www.nanovisor.io fcps.nanovisor.io	43 KB
5	google-analytics.com 1 redirects www.google-analytics.com	20 KB
4	facebook.com 1 redirects www.facebook.com	612 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	73 KB
3	facebook.net connect.facebook.net	255 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	bing.com bat.bing.com	7 KB
1	raptorsmartadvisor.com t.raptorsmartadvisor.com	289 B
1	msecnd.net az19942.vo.msecnd.net	11 KB
1	criteo.com sslwidget.criteo.com	1 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	atdmt.com cx.atdmt.com	432 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
1	e-space.se script.e-space.se	20 KB
1	criteo.net static.criteo.net	10 KB
96	20

	Domain	Requested by
37	www.tui.no	www.tui.no
17	startourno.lekane.net	www.tui.no
10	4619653.fls.doubleclick.net	5 redirects www.tui.no
6	tuinordic.humany.net	www.tui.no tuinordic.humany.net
5	www.google-analytics.com	1 redirects www.tui.no
4	www.facebook.com	1 redirects connect.facebook.net
4	www.nanovisor.io	www.tui.no
3	connect.facebook.net	www.tui.no
2	fonts.gstatic.com
2	bat.bing.com	www.tui.no
2	fcps.nanovisor.io	www.tui.no
1	t.raptorsmartadvisor.com
1	az19942.vo.msecnd.net	www.tui.no
1	sslwidget.criteo.com	www.tui.no
1	ajax.googleapis.com	www.tui.no
1	vars.hotjar.com	www.tui.no
1	cx.atdmt.com
1	script.hotjar.com	www.tui.no
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	script.e-space.se	www.tui.no
1	static.hotjar.com	www.tui.no
1	static.criteo.net	www.tui.no
1	tui.no	1 redirects
96	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com

Subject Issuer	Validity	Valid
www.tui.no Thawte EV RSA CA 2018	`2020-02-10` - `2020-08-19`	6 months	crt.sh
ssl003.insnw.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-19` - `2020-03-19`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.lekane.net DigiCert SHA2 Secure Server CA	`2017-07-03` - `2020-07-27`	3 years	crt.sh
*.humany.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2021-01-12`	a year	crt.sh
script.e-space.se Let's Encrypt Authority X3	`2020-02-14` - `2020-05-14`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.raptorsmartadvisor.com RapidSSL RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.tui.no/
Frame ID: 251B22ACF4CCF477ACB30D36AD5B16C4
Requests: 91 HTTP requests in this frame

Frame: https://4619653.fls.doubleclick.net/activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F
Frame ID: C3CA0365BE361D5669F914F525460CA0
Requests: 1 HTTP requests in this frame

Frame: https://4619653.fls.doubleclick.net/activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F
Frame ID: 1EF63ED3D6BCBC8DCAA2C658086DD38E
Requests: 1 HTTP requests in this frame

Frame: https://4619653.fls.doubleclick.net/activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F
Frame ID: 420098D479A65FA7BF0EDE075F8BE4B4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: BE2553C37F35D82A32CFA242D31EDE0B
Requests: 1 HTTP requests in this frame

Frame: https://4619653.fls.doubleclick.net/activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F
Frame ID: 6592A73E9D52CE63E7BFE4BB1F73ED22
Requests: 1 HTTP requests in this frame

Frame: https://4619653.fls.doubleclick.net/activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F
Frame ID: 8ED5A3455587CEC022B053222312B6DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tui.no/ HTTP 301
https://www.tui.no/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

96
Requests

100 %
HTTPS

50 %
IPv6

20
Domains

25
Subdomains

22
IPs

8
Countries

1765 kB
Transfer

5221 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TUINorge
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/TUINorge
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/tuinorge
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/TUINorge
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tui.no/ HTTP 301
https://www.tui.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F HTTP 302
https://4619653.fls.doubleclick.net/activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F

Request Chain 37

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F HTTP 302
https://4619653.fls.doubleclick.net/activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F

Request Chain 45

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F HTTP 302
https://4619653.fls.doubleclick.net/activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F

Request Chain 49

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=669818700&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tui.no%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Bestill%20dr%C3%B8mmeferien%20hos%20TUI%20-%20Pakkereiser%2C%20fly%2C%20hotell%20%26%20cruise&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=UA&ea=Enhanced%20Ecommercce&el=Promotion%20View&_u=aGBAAEAL~&jid=668213170&gjid=1896722335&cid=458796907.1583232337&tid=UA-7609377-2&_gid=424546577.1583232337&_r=1&gtm=2wg2j0BWK9&cd1=Startpage&cd21=default%20agent&cd33=Start%20page&cd34=NO%3ALive%3AContentful&cd35=GTM-BWK9%7C474&cd37=TUI%20NO%20Startpage&cd38=Startpage&cd39=startpage&cd46=promofragment%3Ana%3Bpromopage%3Astartpage%3Bpromoblockgroup%3Ahero%20cta%20button%3Bpromoblockposition%3A1%3Bpromotitle%3Ade%20beste%20hotellene%3Bpromoposition%3A1%3Bpromoispersonalized%3Afalse&cd61=Contentful&cd65=1583232337311&promo1nm=De%20beste%20hotellene&promo1ps=1&z=934976773 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_gid=424546577.1583232337&gjid=1896722335&_v=j81&z=934976773 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_v=j81&z=934976773 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_v=j81&z=934976773&slf_rd=1&random=1612742624

Request Chain 55

https://www.facebook.com/tr/?id=147984635763714&ev=PageView&dl=https%3A%2F%2Fwww.tui.no%2F&rl=&if=false&ts=1583232337464&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583232337434.586516718&it=1583232337378&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=5314593875451893570&f=AYwF7Az4V3AzEdoaDyvNVjyIWVOcAvGHmd7bS8OsXdag9heit0R0aTGlKRJ1Xv1XNe6pPPZlcH93k7-uIiqc4DrM&id=147984635763714&l=3&v=0

Request Chain 92

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F HTTP 302
https://4619653.fls.doubleclick.net/activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F

Request Chain 95

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F HTTP 302
https://4619653.fls.doubleclick.net/activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tui.no/
Redirect Chain

http://tui.no/
https://www.tui.no/

161 KB
29 KB

159ms
77ms

Document
text/html

159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

openresty/1.13.6.2 /

Resource Hash

5955356b58d4ff3c4c7ba02e411e34fec79b4a1e86c7b479ecdfae17e8fcee20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.tui.no
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: BIGipServer~Ecom~p_http_varnish_cms=3338816778.20480.0000; path=/; Httponly; Secure
last-modified: Tue, 03 Mar 2020 09:35:03 GMT
x-upstream: s3
x-cache-status: vsp2630 cached HIT 19
date: Tue, 03 Mar 2020 10:42:24 GMT
etag: W/"q6m2mf2zd7"
server: openresty/1.13.6.2
strict-transport-security: max-age=15768000; includeSubDomains
x-frame-options: SAMEORIGIN
x-server-name: 10.77.2.199
x-cache-backend: cms_nginx_2
x-cache-ttl: 300.000
age: 192
accept-ranges: bytes
x-varnish: 5134073 5325492
via: 1.1 varnish (Varnish/6.0)
x-instart-request-id: 2467374383736170704:YBA01-CPVNPPRY11:1583232336:0

Redirect headers

location: https://www.tui.no/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 tuitypelt-1.020-webfont.woff2
www.tui.no/cdn/fonts/type-1.020/ 59 KB
60 KB 37ms
35ms Font
application/octet-stream 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/fonts/type-1.020/tuitypelt-1.020-webfont.woff2

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

54e3fa40e01fb915f0ba4d37cdec38523a6d081ec4fe73f5d4fe42902e88199d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 0
x-cache-status: vsp608 fetch MISS
status: 200
x-instart-cache-id: 9:5583375092683408837::1583072162
x-cache-backend: default
content-length: 60632
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2017 15:13:24 GMT
server: nginx/1.10.3 (Ubuntu)
date: Sun, 01 Mar 2020 14:16:02 GMT
x-frame-options: SAMEORIGIN
x-varnish: 23729632
access-control-allow-origin: *
cache-control: max-age=31536000
x-instart-request-id: 4159311361627542893:YBA01-CPVNPPRY11:1583232336:0
etag: "oxroyc1as8"
accept-ranges: bytes, bytes
content-type: application/octet-stream
expires: Mon, 01 Mar 2021 14:16:02 GMT

GET
H2 200 tuitypeltbd-1.020-webfont.woff2
www.tui.no/cdn/fonts/type-1.020/ 64 KB
64 KB 53ms
52ms Font
application/octet-stream 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/fonts/type-1.020/tuitypeltbd-1.020-webfont.woff2

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

71afc4a66588bdb9664283f66103ae75582d689f60e5e8c14e621e62de143cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 0
x-cache-status: vsp608 fetch MISS
status: 200
x-instart-cache-id: 1:17519905469742514334::1583178373
x-cache-backend: default
content-length: 65632
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2017 15:13:24 GMT
server: nginx/1.10.3 (Ubuntu)
date: Mon, 02 Mar 2020 19:46:13 GMT
x-frame-options: SAMEORIGIN
x-varnish: 185157
access-control-allow-origin: *
cache-control: max-age=31536000
x-instart-request-id: 12192581237230804879:YBA01-CPVNPPRY11:1583232336:0
etag: "oxroyc1en4"
accept-ranges: bytes, bytes
content-type: application/octet-stream
expires: Tue, 02 Mar 2021 19:46:13 GMT

GET
H2 200 tuitypeltit-1.020-webfont.woff2
www.tui.no/cdn/fonts/type-1.020/ 45 KB
45 KB 59ms
57ms Font
application/octet-stream 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/fonts/type-1.020/tuitypeltit-1.020-webfont.woff2

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

839173ceaab63f149a66e523c74a1c8ee234c61239110f3927cdf6470d95acd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 0
x-cache-status: vsp608 fetch MISS
status: 200
x-instart-cache-id: 25:13996032918405954083::1583106024
x-cache-backend: default
content-length: 45912
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2017 15:13:24 GMT
server: nginx/1.10.3 (Ubuntu)
date: Sun, 01 Mar 2020 23:40:24 GMT
x-frame-options: SAMEORIGIN
x-varnish: 23851045
access-control-allow-origin: *
cache-control: max-age=31536000
x-instart-request-id: 6623117272512754064:YBA01-CPVNPPRY11:1583232336:0
etag: "oxroyczfc"
accept-ranges: bytes, bytes
content-type: application/octet-stream
expires: Mon, 01 Mar 2021 23:40:24 GMT

GET
H2 200 startpage.css
www.tui.no/cdn/assets/v3.12.17/ 129 KB
20 KB 49ms
48ms Stylesheet
text/css 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/assets/v3.12.17/startpage.css

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

5d0be923e0afb7229ad5c628d2d460a39c2aeb5d2a5abef68405e27fb188be20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 57497
x-cache-status: vsp609 fetch MISS
status: 200
x-instart-cache-id: 22:371706951694618722::1583174839
content-encoding: br
x-cache-backend: default
content-length: 19562
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Feb 2020 08:17:31 GMT
server: instart/master
x-frame-options: SAMEORIGIN
date: Mon, 02 Mar 2020 18:47:19 GMT
vary: Accept-Encoding
x-varnish: 178480
cache-control: must-revalidate, max-age=2538526
x-instart-request-id: 1652977808435533829:SEN01-CPVNPPRY15:1583174839:0, 13957302046185024290:OEBGYV-QRCYBLZRAG-84SPOQQ895-CGMM8:1583174839:1, 11767251801842112328:YBA01-CPVNPPRY11:1583232336:0
etag: W/"q61lp72tt1"
content-type: text/css; charset=utf-8
expires: Wed, 01 Apr 2020 03:56:05 GMT

GET
H2 200 instart.js Show response
www.tui.no/i10c@p1/client/latest/auto/ 53 KB
18 KB 62ms
61ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

0f0fc480bc287a485f28c9870ed373cd4d277bac0b29d3d6f6debf1225e46d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 08:35:16 GMT
content-encoding: br
x-instart-correlation-id: 1583221692:b950603b895975e0
age: 7820
status: 200
x-instart-cache-id: 6:14284413523246202236::1583224516
content-length: 17581
x-instart-via: 1.1 INSTART-FRA01-PCIACCEL13,1.0 INSTART-FRA01-PCIACCEL13, 1.1 Instart-nanovisor-service
last-modified: Thu, 30 Jan 2020 11:44:12 GMT
server: instart/master
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=UTF-8
x-m0rph-dbg-iid: SEN01-ANABIVFBE01:100409
cache-control: public, max-age=43200
x-instart-request-id: 6704461874003576785:SEN01-CPVNPPRY13:1583224516:0, 3109358238524350317:OEBGYV-QRCYBLZRAG-84SPOQQ895-S6UUD:1583224516:1, 17459165540545366583:YBA01-CPVNPPRY11:1583232336:0
expires: Tue, 03 Mar 2020 20:35:16 GMT

GET
H2 200 app.css
www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/ 69 KB
9 KB 59ms
58ms Stylesheet
text/css 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/app.css

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

3ef6cca5f72a934dc93b0b3561bc8956b87bd85b73fc2ab37c9c6153db52c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 256121
x-cache-status: vsp608 cached HIT 1
status: 200
x-instart-cache-id: 26:10282308654240956684::1582976216
content-encoding: br
x-cache-backend: default
content-length: 8567
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 09:59:20 GMT
server: instart/master
x-frame-options: SAMEORIGIN
date: Sat, 29 Feb 2020 11:36:55 GMT
vary: Accept-Encoding
x-varnish: 20471741 21774870
cache-control: must-revalidate, max-age=2560243
x-instart-request-id: 7772943179046203097:SEN01-CPVNPPRY12:1582976215:0, 16633146720813433436:OEBGYV-QRCYBLZRAG-84SPOQQ895-EDTX7:1582976215:1, 18235691137197656784:YBA01-CPVNPPRY11:1583232336:0
etag: W/"q6cuew1i6u"
content-type: text/css; charset=utf-8
expires: Mon, 30 Mar 2020 02:47:38 GMT

GET
H2 200 chunk-vendors.js Show response
www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/ 243 KB
69 KB 63ms
62ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/chunk-vendors.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

ea64125dd1d9882b4aba247ffb7569c2d38af7ece5824e912a9df7c969441b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 129
x-cache-status: vsp609 cached HIT 1
status: 200
x-instart-cache-id: 12:4857483848805368941::1582876880
content-encoding: br
x-cache-backend: default
content-length: 70076
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 09:59:20 GMT
server: instart/master
date: Fri, 28 Feb 2020 08:01:19 GMT
x-frame-options: SAMEORIGIN
x-varnish: 20334090 20208415
vary: Accept-Encoding
cache-control: max-age=31536000
x-instart-request-id: 5192373464067190541:SEN01-CPVNPPRY17:1582876879:0, 12001563721049302598:OEBGYV-QRCYBLZRAG-84SPOQQ895-DPYW8:1582876879:1, 635863591352155973:YBA01-CPVNPPRY11:1583232336:0
etag: W/"q6cuew5bra"
content-type: application/javascript
expires: Sat, 27 Feb 2021 08:01:19 GMT

GET
H2 200 app.js Show response
www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/ 150 KB
29 KB 60ms
59ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/app.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

7ba893e5982bd53554b5b88ae672ff6b2d956c5b0db1b2ffc677b7e88c27b821

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 129
x-cache-status: vsp608 cached HIT 2
status: 200
x-instart-cache-id: 5:13471225919272059201::1583231499
content-encoding: br
x-cache-backend: default
content-length: 29728
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 09:59:20 GMT
server: instart/master
date: Tue, 03 Mar 2020 10:31:39 GMT
x-frame-options: SAMEORIGIN
x-varnish: 20471742 21275783
vary: Accept-Encoding
cache-control: max-age=31536000
x-instart-request-id: 12769122687279149485:SEN01-CPVNPPRY17:1583231499:0, 1000421944847151151:OEBGYV-QRCYBLZRAG-84SPOQQ895-EDTX7:1583231499:1, 5364974789320900749:YBA01-CPVNPPRY11:1583232336:0
etag: W/"q6cuew3ang"
content-type: application/javascript
expires: Wed, 03 Mar 2021 10:31:39 GMT

GET
H2 200 startpage-scripts.js Show response
www.tui.no/cdn/assets/v3.12.17/ 18 KB
6 KB 24ms
24ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/assets/v3.12.17/startpage-scripts.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

9dc9c1f9907f69012e07a474786b69040318ba9be1ee2816a735fada536a8593

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 0
x-cache-status: vsp609 fetch MISS
status: 200
x-instart-cache-id: 9:15156150354247454853::1583039649
content-encoding: br
x-cache-backend: default
content-length: 6010
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Feb 2020 08:17:31 GMT
server: instart/master
date: Sun, 01 Mar 2020 05:14:09 GMT
x-frame-options: SAMEORIGIN
x-varnish: 22419254
vary: Accept-Encoding
cache-control: max-age=31536000
x-instart-request-id: 12684169508195357659:SEN01-CPVNPPRY13:1583039649:0, 1827355193875278408:OEBGYV-QRCYBLZRAG-84SPOQQ895-OWT26:1583039649:1, 10597116617965515987:YBA01-CPVNPPRY11:1583232336:0
etag: W/"q61lp7ej9"
content-type: application/javascript
expires: Mon, 01 Mar 2021 05:14:09 GMT

GET
H2 200 nv-loaded.js Show response
www.tui.no/i10c@p1/botox/file/ 154 B
275 B 30ms
30ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tui.no/i10c@p1/botox/file/nv-loaded.js?status=loaded
Requested by: Host: www.tui.no
URL: https://www.tui.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.18 , United States, ASN33047 (INSTART, US),
Reverse DNS
Software: 1.14.0 /
Resource Hash: 0b53f33c309fba342a0667f011e6cdec11ab1b75ad2bd6f54010851cb6d1334c

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 03 Mar 2020 10:45:36 GMT
cache-control: no-cache, no-store
x-instart-request-id: 4788615986367732435:YBA01-CPVNPPRY11:1583232336:0
server: 1.14.0
content-type: application/javascript

GET
H2 200 svg-icons.svg
www.tui.no/cdn/svg/v37/ 90 KB
26 KB 33ms
33ms Other
image/svg+xml 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/svg/v37/svg-icons.svg

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

2d42c945d7f3269edb02d8830ca3f0a47cf64b9833c8bf40f84830a27314070c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 355457
x-cache-status: vsp608 cached HIT 2
status: 200
x-instart-cache-id: 9:11724640178913611366::1582876879
content-encoding: br
x-cache-backend: default
content-length: 26352
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Feb 2020 09:03:07 GMT
server: instart/master
date: Fri, 28 Feb 2020 08:01:19 GMT
x-frame-options: SAMEORIGIN
x-varnish: 20471740 20832396
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: must-revalidate, max-age=2591754
x-instart-request-id: 7142531658144266310:SEN01-CPVNPPRY15:1582876879:0, 12957286613826822642:OEBGYV-QRCYBLZRAG-84SPOQQ895-OWT26:1582876879:1, 14377092797057330958:YBA01-CPVNPPRY11:1583232336:0
etag: W/"q61nt71z9d"
content-type: image/svg+xml
expires: Sun, 29 Mar 2020 07:57:13 GMT

GET
H2 200 nanovisor Show response
www.nanovisor.io/i10c@p1/cenome/endpoint/ 72 KB
21 KB 103ms
47ms Fetch
application/javascript 192.33.31.80
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nanovisor.io/i10c@p1/cenome/endpoint/nanovisor?env.app=nanovisor&env.appVersion=10.10.2&env.instance=botox&req=www.tui.no

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.33.31.80 Portola Valley, United States, ASN33047 (INSTART, US),

Reverse DNS

a-sg01sl04.insnw.net

Software

1.14.0 /

Resource Hash

5a5e4db13e96c258f0d68ab8f8c65257ff83c9f670389b9a22b31b2ebbb1abb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-encoding: gzip
x-instart-correlation-id: 1583232336:c4d14fd6655b8d3d
age: 0
x-instart-remote-addr: 82.102.19.133
x-instart-device-family: kDesktop
status: 200
x-instart-browser-version-micro: 3729
x-instart-config-index: 0
x-instart-geo-country-code: BE
x-instart-config-source: cache
vary: Accept-Encoding
x-instart-origin-status: 200
x-instart-browser-name: Chrome
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=600, stale-if-error=604800
x-robots-tag: noindex, nofollow
x-instart-config-version: f418a160da4ab030430167567d1d44d2171a2c22
x-instart-config-type: optimal
date: Tue, 03 Mar 2020 10:45:36 GMT
x-instart-browser-version-minor: 0
x-instart-config-timestamp: 1582316229
x-instart-throughput-kbps: 57956
x-instart-config-correlationid: 1582312755_04870338558554259
x-instart-via: 2.0 INSTART-LON01-ACCEL32, 1.1 Instart-api-gateway
x-instart-client-ip: 82.102.19.133
x-instart-browser-version-major: 74
x-instart-config-reponame: cenome-data
server: 1.14.0
strict-transport-security: max-age=15768000
x-m0rph-dbg-iid: prabzr-freivpr-p1-sen01-2:8
x-instart-request-id: 14182204483808496957:YBA01-NPPRY32:1583232336:0
content-type: application/javascript

GET
H2 200 svg-concept-icons.svg
www.tui.no/cdn/svg/v37/ 17 KB
5 KB 34ms
34ms Other
image/svg+xml 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/svg/v37/svg-concept-icons.svg

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

e661f0f50cf45e1f599f38633c0ecc7f888f23e95a7e96a6cf5d641c78941264

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
etag: W/"q61nt7drn"
x-server-name: 10.77.2.120
age: 181445
x-cache-status: vsp609 cached HIT 2
status: 200
x-instart-cache-id: 13:12950774138106285980::1583050891
content-encoding: br
x-cache-backend: default
content-length: 5114
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Feb 2020 09:03:07 GMT
server: instart/master
x-frame-options: SAMEORIGIN
date: Sun, 01 Mar 2020 08:21:31 GMT
vary: Accept-Encoding
x-varnish: 22025880 7995295
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2496999
x-instart-request-id: 11410842375818548143:SEN01-CPVNPPRY13:1583050891:0, 3975710377595810852:OEBGYV-QRCYBLZRAG-84SPOQQ895-MKJPU:1583050891:1, 8398301410057009524:YBA01-CPVNPPRY11:1583232336:0
content-type: image/svg+xml
x-content-type-options: nosniff
expires: Mon, 30 Mar 2020 05:58:10 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-icons.svg
www.tui.no/cdn/svg/v31/ 94 KB
26 KB 42ms
41ms Other
image/svg+xml 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/svg/v31/svg-icons.svg

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

f622095d6da0de26ad2f86a5bf8567497fdbf705d95e4d0fe6d8a8e1bf686a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 355457
x-cache-status: vsp609 cached HIT 2
status: 200
x-instart-cache-id: 12:3026564256557889370::1582876879
content-encoding: br
x-cache-backend: default
content-length: 26185
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Jul 2019 11:53:32 GMT
server: instart/master
date: Fri, 28 Feb 2020 08:01:19 GMT
x-frame-options: SAMEORIGIN
x-varnish: 22025868 22258272
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: must-revalidate, max-age=2591756
x-instart-request-id: 7092215879357562000:SEN01-CPVNPPRY16:1582876879:0, 11348488145372524077:OEBGYV-QRCYBLZRAG-84SPOQQ895-CGMM8:1582876879:1, 7996976177684935423:YBA01-CPVNPPRY11:1583232336:0
etag: W/"pubnp822c6"
content-type: image/svg+xml
expires: Sun, 29 Mar 2020 07:57:15 GMT

GET
H2 200 lang-nb-texts.js Show response
www.tui.no/search-package-web/js/ 7 KB
4 KB 287ms
286ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/search-package-web/js/lang-nb-texts.js?v=deac8814097ff1aa9944

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx /

Resource Hash

1cd2b646c02410963457355d7145253e1c5cdd4c10a188f34deaf235e8aa3672

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-server-name: 10.74.55.45
status: 200
vary: Accept-Encoding
content-length: 3475
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tuesday, 03-Mar-2020 10:45:36 UTC
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-instart-request-id: 10881086463469717250:YBA01-CPVNPPRY11:1583232336:0
content-security-policy: default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
accept-ranges: bytes

GET
H2 200 HERO_3840x1020_week9_I_0248497_alcudia_NY.jpg
www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/3DnAcEtzx0WKlu7rB5sWNk/d7559d5f40e5695c1d931fd3159eb7fc/ 71 KB
72 KB 30ms
29ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/3DnAcEtzx0WKlu7rB5sWNk/d7559d5f40e5695c1d931fd3159eb7fc/HERO_3840x1020_week9_I_0248497_alcudia_NY.jpg?fit=thumb&w=1920&h=480&q=65&fm=webp

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8bb19b4352ec695507ef6000b20a842b6d2491a232e00bb1c6a5958bb59797dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 53251
x-cache-status: vsp609 fetch MISS
status: 200
x-instart-cache-id: 0:4898177567515409119::1583179085
x-cache-backend: default
content-length: 73092
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Feb 2020 12:03:22 GMT
server: nginx/1.10.3 (Ubuntu)
date: Mon, 02 Mar 2020 19:58:05 GMT
x-frame-options: SAMEORIGIN
x-varnish: 1023471
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2591999
x-instart-request-id: 17102456958559443520:YBA01-CPVNPPRY11:1583232336:0
etag: "edbd89560d5172d696555ceb6fc35ea6"
x-amz-cf-pop: ARN1-C1
accept-ranges: bytes
content-type: image/webp
expires: Wed, 01 Apr 2020 19:58:04 GMT

GET
H2 200 i_0292417WebOriginalCompressed.jpg
www.tui.no/tuin-img/2017_8/23_13/ec6f7149-8f02-4b86-b2fa-a7d800da568b/ 117 KB
117 KB 32ms
31ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/tuin-img/2017_8/23_13/ec6f7149-8f02-4b86-b2fa-a7d800da568b/i_0292417WebOriginalCompressed.jpg?crop=edges&fit=crop&w=768&h=432&q=65&fm=webp

Requested by

Host: www.tui.no
URL: https://www.tui.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

imgix /

Resource Hash

88f330577e10775563e78bdcda066dedca27ce4a00598395bb00a8aee8fbdd25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: pass
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff, nosniff
x-server-name: 10.77.2.244
age: 60155
x-cache-status: vsp1120 cached HIT 2 11833.412
x-cache: MISS, HIT
status: 200
x-instart-cache-id: 4:14248789228296813328::1583181589
x-imgix-id: c6322e7a7ab9f1e34c623f706ac1f58d29c0ccb6
x-cache-backend: imgix3
content-length: 119406
x-xss-protection: 1; mode=block
x-served-by: cache-lax8633-LAX, cache-bma1628-BMA
x-cache-rule: imgix
last-modified: Mon, 02 Mar 2020 17:22:49 GMT
server: imgix
date: Mon, 02 Mar 2020 18:03:01 GMT
x-frame-options: SAMEORIGIN
x-varnish: 2040344 463484
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2601407
x-instart-request-id: 2248160329410733828:YBA01-CPVNPPRY11:1583232336:0
accept-ranges: bytes
content-type: image/webp
cache: true
expires: Wed, 01 Apr 2020 20:39:48 GMT

GET
H2 200 variables.json Show response
www.tui.no/search-package-web/ 108 B
419 B 119ms
118ms XHR
application/json 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/search-package-web/variables.json?instart_disable_injection=true&format=json&market=no

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/chunk-vendors.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx /

Resource Hash

267762708f66f05f49d0062a7910f90bc0a69b5cb2c1443346959e1439a35a33

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tui.no/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Mar 2020 10:45:36 GMT
x-content-type-options: nosniff, nosniff
x-server-name: 10.74.55.45
status: 200
content-length: 108
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tuesday, 03-Mar-2020 10:45:36 UTC
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-instart-request-id: 2798345541774915962:YBA01-CPVNPPRY11:1583232336:0
content-security-policy: default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
accept-ranges: bytes

GET
H2 200 instart.js Show response
www.tui.no/i10c@p1/nanovisor/nv-10.10.2/async/ 45 KB
15 KB 62ms
62ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/i10c@p1/nanovisor/nv-10.10.2/async/instart.js?i10c.syncver=10.10.2&i10c.syncinstance=botox&i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

44766d6a71077829abe47f7d47d2fd87d75e3d4853236660c09433f9bc924db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 08:35:16 GMT
content-encoding: br
x-instart-correlation-id: 1583224250:23249e649cddf867
age: 7820
status: 200
x-instart-cache-id: 1:6223673891348855876::1583224517
content-length: 14968
x-instart-via: 1.1 INSTART-PAR01-PCIACCEL14,1.0 INSTART-FRA01-PCIACCEL12, 1.1 Instart-nanovisor-service
last-modified: Thu, 30 Jan 2020 11:44:11 GMT
server: instart/master
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=UTF-8
x-m0rph-dbg-iid: SEN01-ANABIVFBE02:54334
cache-control: public, max-age=43200
x-instart-request-id: 15833715351519593820:SEN01-CPVNPPRY13:1583224516:0, 2048552185513334093:OEBGYV-QRCYBLZRAG-84SPOQQ895-CGMM8:1583224516:1, 11613584213509651098:YBA01-CPVNPPRY11:1583232336:0
expires: Tue, 03 Mar 2020 20:35:16 GMT

GET
H2 200 gtm.js Show response
www.tui.no/cdn/gtm/ 284 KB
73 KB 351ms
351ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/gtm/gtm.js?id=GTM-BWK9

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e5f6b199958eac43ed5537fd5b531cd2b65d1f8dfba90b45ef7fef538bc13e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 30.000
date: Tue, 03 Mar 2020 10:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 30
accept-ranges: bytes
x-cache-status: vsp608 grace-while-fetching HIT 8
status: 200
last-modified: Tue, 03 Mar 2020 09:00:00 GMT
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0, 1; mode=block
access-control-allow-origin: http://www.googletagmanager.com
x-cache-backend: default
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-varnish: 1277977 1246553
via: 1.1 varnish (Varnish/6.0)
cache-control: private, max-age=900
x-instart-request-id: 12308664850997933658:YBA01-CPVNPPRY11:1583232337:0
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: Cache-Control
expires: Tue, 03 Mar 2020 10:45:06 GMT

GET
H2 200 crisis-message.js Show response
www.tui.no/crisis/widgets/assets/ 2 KB
2 KB 340ms
340ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/crisis/widgets/assets/crisis-message.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 / Express

Resource Hash

f24caa519b391518b7dd4f0e69d4300fc4d2f42b5b9fc2e2063c6f70a479735e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 60.000
date: Tue, 03 Mar 2020 10:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.77.2.199
age: 3
via: 1.1 varnish (Varnish/6.0)
x-powered-by: Express
x-cache-status: vsp2630 cached HIT 1
status: 200
x-cache-backend: crisis_frontend_0
content-length: 1345
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Sep 2019 11:05:39 GMT
server: 1.14.0
x-frame-options: SAMEORIGIN
etag: W/"9f8-16d064047b8"
strict-transport-security: max-age=15768000; includeSubDomains
x-varnish: 5673778 1865693
x-upstream: crisis
vary: Accept-Encoding
cache-control: public, max-age=0
x-instart-request-id: 15469931943167023576:YBA01-CPVNPPRY11:1583232337:0
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H2 200 modal.js Show response
www.tui.no/my-tui/ 8 KB
3 KB 365ms
364ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/my-tui/modal.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx /

Resource Hash

d4f3405cf9439c050fb8f3d1cd68c8c78d680526aaaf8f20351cb3cf0c649008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.74.55.45
status: 200
x-instart-cache-id: 15:5934161252779378465::1583140150
vary: Accept-Encoding
content-length: 2607
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 08:46:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e5cc7da-20a8"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
cache-control: max-age=900
x-instart-request-id: 17680468138289131955:YBA01-CPVNPPRY11:1583232337:0
accept-ranges: bytes
expires: Tue, 03 Mar 2020 10:41:45 GMT

GET
H2 200 customer.js Show response
www.tui.no/my-tui/ 2 KB
2 KB 175ms
174ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/my-tui/customer.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx /

Resource Hash

be143d0a6e458536b363074a61f71d0927cacad3624ecd50cb95b260bb92a3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.74.55.45
status: 200
x-instart-cache-id: 15:16552732134973489353::1583140150
vary: Accept-Encoding
content-length: 1377
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 08:46:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e5cc7da-8b0"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
cache-control: max-age=900
x-instart-request-id: 12756859940967459890:YBA01-CPVNPPRY11:1583232337:0
accept-ranges: bytes
expires: Tue, 03 Mar 2020 10:41:45 GMT

GET
H2 200 price-populator.js Show response
www.tui.no/widgets/assets/javascripts/ 41 KB
15 KB 351ms
351ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/widgets/assets/javascripts/price-populator.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 /

Resource Hash

81400e1fbaebe249f462c61bbd58d423edb888de660226edac47f714f474196a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 300.000
date: Tue, 03 Mar 2020 10:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.77.2.199
age: 129
x-cache-status: vsp2630 cached HIT 39
status: 200
x-cache-backend: widget_framework_1
content-length: 15129
via: 1.1 varnish (Varnish/6.0)
access-control-allow-origin: *
last-modified: Thu, 27 Feb 2020 09:34:13 GMT
server: 1.14.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000; includeSubDomains
x-varnish: 848202 1404876
x-upstream: wf
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cache-control: max-age=0
x-instart-request-id: 7090299316231753097:YBA01-CPVNPPRY11:1583232337:0
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 nanovisor Show response
www.nanovisor.io/i10c@p1/cenome/endpoint/ 72 KB
21 KB 51ms
50ms Fetch
application/javascript 192.33.31.80
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nanovisor.io/i10c@p1/cenome/endpoint/nanovisor?env.app=nanovisor&env.appVersion=10.10.2&env.instance=async&req=www.tui.no&account=tuinordic

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/nanovisor/nv-10.10.2/async/instart.js?i10c.syncver=10.10.2&i10c.syncinstance=botox&i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.33.31.80 Portola Valley, United States, ASN33047 (INSTART, US),

Reverse DNS

a-sg01sl04.insnw.net

Software

1.14.0 /

Resource Hash

3e23d3a7c213646d3cfcec76442c40a93abe51fc6ebdf8715eac0ce63d9a5b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-encoding: gzip
x-instart-correlation-id: 1583232336:7e1931abb3b5f233
age: 0
x-instart-remote-addr: 82.102.19.133
x-instart-device-family: kDesktop
status: 200
x-instart-browser-version-micro: 3729
x-instart-config-index: 0
x-instart-geo-country-code: BE
x-instart-config-source: cache
vary: Accept-Encoding
x-instart-origin-status: 200
x-instart-browser-name: Chrome
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=600, stale-if-error=604800
x-robots-tag: noindex, nofollow
x-instart-config-version: f418a160da4ab030430167567d1d44d2171a2c22
x-instart-config-type: optimal
date: Tue, 03 Mar 2020 10:45:37 GMT
x-instart-browser-version-minor: 0
x-instart-config-timestamp: 1582316229
x-instart-throughput-kbps: 94444
x-instart-config-correlationid: 1582312755_04870338558554259
x-instart-via: 2.0 INSTART-LON01-ACCEL32, 1.1 Instart-api-gateway
x-instart-client-ip: 82.102.19.133
x-instart-browser-version-major: 74
x-instart-config-reponame: cenome-data
server: 1.14.0
strict-transport-security: max-age=15768000
x-m0rph-dbg-iid: prabzr-freivpr-p1-sen01-1:8
x-instart-request-id: 9086348336720900659:YBA01-NPPRY32:1583232337:0
content-type: application/javascript

GET
H2 200 abtests Show response
www.tui.no/search-package-api/ 517 B
697 B 235ms
235ms XHR
application/json 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/search-package-api/abtests?instart_disable_injection=true&format=json&market=no&cookie=

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/chunk-vendors.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 /

Resource Hash

4154db5925cf04a39cc28982b67c7c0a384371d41840ad2e14d0408261b471ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tui.no/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
x-server-name: 10.74.55.45
status: 200
date: Tue, 03 Mar 2020 10:45:37 GMT
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-instart-request-id: 15304190222303974659:YBA01-CPVNPPRY11:1583232337:0
content-length: 517
x-xss-protection: 1; mode=block
server: 1.14.0

POST
H2 200 fabricmetric Show response
fcps.nanovisor.io/i10c@p1/clientprofiler/ 2 B
174 B 39ms
37ms Fetch
text/plain 192.33.31.80
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://fcps.nanovisor.io/i10c@p1/clientprofiler/fabricmetric

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.33.31.80 Portola Valley, United States, ASN33047 (INSTART, US),

Reverse DNS

a-sg01sl04.insnw.net

Software

1.14.0 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15768000
x-instart-correlation-id: 1583232337:c49d0f8ced5d814a
server: 1.14.0
age: 0
date: Tue, 03 Mar 2020 10:45:37 GMT
content-type: text/plain
status: 200
x-m0rph-dbg-iid: pyvragcebsvyre-78766oqoqp-aax5z:6
x-instart-request-id: 14167497100729614666:YBA01-NPPRY32:1583232337:0
x-robots-tag: noindex, nofollow
access-control-allow-origin: https://www.tui.no
content-length: 2
x-instart-via: 2.0 INSTART-LON01-ACCEL32, 1.1 Instart-clientprofiler

POST
H2 200 log Show response
www.nanovisor.io/i10c@p1/clientprofiler/ 2 B
225 B 36ms
36ms Fetch
text/plain 192.33.31.80
INSTART

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nanovisor.io/i10c@p1/clientprofiler/log
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/nanovisor/nv-10.10.2/async/instart.js?i10c.syncver=10.10.2&i10c.syncinstance=botox&i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.33.31.80 Portola Valley, United States, ASN33047 (INSTART, US),
Reverse DNS: a-sg01sl04.insnw.net
Software: 1.14.0 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT
x-instart-correlation-id: 1583232337:17ae2773ad265a54
server: 1.14.0
age: 0
content-type: text/plain
status: 200
x-m0rph-dbg-iid: SEN01-PCF01:96571
x-instart-request-id: 1706344686599690836:YBA01-NPPRY32:1583232337:0
x-robots-tag: noindex, nofollow
access-control-allow-origin: https://www.tui.no
content-length: 2
x-instart-via: 2.0 INSTART-LON01-ACCEL32, 1.1 Instart-clientprofiler

GET
H2 200 / Show response
www.tui.no/crisis/widgets/tuino/crisismessage/ 37 B
325 B 227ms
226ms XHR
text/html 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/crisis/widgets/tuino/crisismessage/

Requested by

Host: www.tui.no
URL: https://www.tui.no/crisis/widgets/assets/crisis-message.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 / Express

Resource Hash

67a12fd699f4b5e342534f92264d80a9355461020f07f84739847740ca62e9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

x-cache-ttl: 60.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.199
age: 67
x-powered-by: Express
x-cache-status: vsp2630 grace-while-fetching HIT 7
status: 200
x-cache-backend: crisis_frontend_1
content-length: 37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: 1.14.0
date: Tue, 03 Mar 2020 10:44:29 GMT
x-frame-options: SAMEORIGIN
x-varnish: 5005607 5133803
x-upstream: crisis
vary: User-Agent
x-instart-request-id: 6943949379871316115:YBA01-CPVNPPRY11:1583232337:0
etag: W/"25-qGH3DjrpHZxzmjW+WLa2vZTvYC8"
accept-ranges: bytes
content-type: text/html; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 svg-icons.svg
www.tui.no/cdn/svg/v33/ 90 KB
26 KB 118ms
117ms Other
image/svg+xml 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/cdn/svg/v33/svg-icons.svg

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

instart/master /

Resource Hash

6c454f25e3fe2b914ed438cdb3c336e5d0bb6c4938c15de357a424358c1b6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 355702
x-cache-status: vsp609 cached HIT 1
status: 200
x-instart-cache-id: 33:4715366076115808798::1582876636
content-encoding: br
x-cache-backend: default
content-length: 26292
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Oct 2019 10:52:42 GMT
server: instart/master
date: Fri, 28 Feb 2020 07:57:15 GMT
x-frame-options: SAMEORIGIN
x-varnish: 20334089 7995363
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: must-revalidate, max-age=2591656
x-instart-request-id: 7205741562587870982:SEN01-CPVNPPRY13:1582876635:0, 15165963289190865346:OEBGYV-QRCYBLZRAG-84SPOQQ895-OWT26:1582876635:1, 15209436693543840123:YBA01-CPVNPPRY11:1583232337:0
etag: W/"pzq0vu1z11"
content-type: image/svg+xml
expires: Sun, 29 Mar 2020 07:51:31 GMT

GET
H2 200 basedata Show response
www.tui.no/search-package-api/ 378 KB
80 KB 257ms
257ms XHR
application/json 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/search-package-api/basedata?instart_disable_injection=true&format=json&market=no

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/chunk-vendors.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 /

Resource Hash

f5a2d87c5ee854f66cbc8430828c11e5718ec78f173718fa07bee4ab6a3f2aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tui.no/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.74.55.45
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-instart-request-id: 7579565055023840756:YBA01-CPVNPPRY11:1583232337:0
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: 1.14.0

GET
H2 200 departureairports Show response
www.tui.no/search-package-api/ 906 B
998 B 367ms
367ms XHR
application/json 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/search-package-api/departureairports?instart_disable_injection=true&format=json&market=no

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/chunk-vendors.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 /

Resource Hash

9e3f9dc2fee75e994084ac68f5a8444e4e60178cb2eebdc83cf18e3572955221

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tui.no/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
x-server-name: 10.74.55.45
status: 200
date: Tue, 03 Mar 2020 10:45:37 GMT
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-instart-request-id: 8617479448155844130:YBA01-CPVNPPRY11:1583232337:0
content-length: 906
x-xss-protection: 1; mode=block
server: 1.14.0

GET
H2 200 lowestprice Show response
www.tui.no/widgets/api/search/ 910 B
1 KB 359ms
358ms Fetch
application/json 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/widgets/api/search/lowestprice?market=no&locations=%5B%7B%22geoId%22%3A%22G-000075%22%2C%22startDate%22%3A%222020-06-01%22%2C%22endDate%22%3A%222020-06-30%22%2C%22entryId%22%3A%2228t23gyoYJcITt8ACkG6es%22%2C%22durations%22%3A%2210%2C11%2C12%2C13%22%2C%22type%22%3A%22destination%22%7D%2C%7B%22geoId%22%3A%22G-000077%22%2C%22startDate%22%3A%222020-01-29%22%2C%22endDate%22%3A%222020-03-31%22%2C%22entryId%22%3A%225O8WUkAlGqTWPckUBuMmnx%22%2C%22durations%22%3A%227%2C8%2C14%2C15%22%2C%22type%22%3A%22destination%22%7D%2C%7B%22geoId%22%3A%22G-000077%22%2C%22startDate%22%3A%222020-10-18%22%2C%22endDate%22%3A%222021-04-01%22%2C%22entryId%22%3A%222VpEbME1oSVyYdwqYtSxwO%22%2C%22type%22%3A%22destination%22%7D%2C%7B%22geoId%22%3A%22G-000004%22%2C%22startDate%22%3A%222020-02-23%22%2C%22endDate%22%3A%222020-03-15%22%2C%22entryId%22%3A%225Yhge1tAwjgAW6VtdC69NQ%22%2C%22durations%22%3A%2214%2C15%22%2C%22type%22%3A%22country%22%7D%5D

Requested by

Host: www.tui.no
URL: https://www.tui.no/widgets/assets/javascripts/price-populator.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 /

Resource Hash

2a0661cf081bb316dee1b76ea2a5789f9922a7937e19a769405da9a85e6dd476

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

x-cache-ttl: 300.000
date: Tue, 03 Mar 2020 10:44:33 GMT
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.199
age: 64
x-cache-status: vsp2630 cached HIT 6
status: 200
x-upstream: wf
x-cache-backend: widget_framework_1
content-length: 910
x-xss-protection: 1; mode=block
x-response-time: 267.6
server: 1.14.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000; includeSubDomains
x-varnish: 1865698 4147535
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
x-instart-request-id: 18313799942103223723:YBA01-CPVNPPRY11:1583232337:0
accept-ranges: bytes
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3206
date: Tue, 03 Mar 2020 09:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Tue, 03 Mar 2020 11:52:11 GMT

GET
H2

200

activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F
4619653.fls.doubleclick.net/ Frame C3CA
Redirect Chain

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F?
https://4619653.fls.doubleclick.net/activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A...

0
0

45ms
45ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4619653.fls.doubleclick.net/activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F?

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/gtm/gtm.js?id=GTM-BWK9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4619653.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.tui.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:37 GMT
expires: Tue, 03 Mar 2020 10:45:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 332
x-xss-protection: 0
set-cookie: IDE=AHWqTUnr06Wi8hBMLNdpZ4VkvMZzlSbaAIjUKnq-zKVL0UVv8n1zrrTi-tNfvfxS; expires=Sun, 28-Mar-2021 10:45:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4619653.fls.doubleclick.net/activityi;dc_pre=CO3bxYiQ_ucCFXjluwgdigMClA;src=4619653;type=tuito0;cat=start0;ord=1;num=984494956565;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;~oref=https%3A%2F%2Fwww.tui.no%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 11:00:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 28ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:36 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: 47AEDA0E79304A8A9755B4FFBDB3E5B3 Ref B: FRAEDGE0522 Ref C: 2020-03-03T10:45:37Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H2

200

activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F
4619653.fls.doubleclick.net/ Frame 1EF6
Redirect Chain

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?
https://4619653.fls.doubleclick.net/activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefine...

0
0

41ms
41ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4619653.fls.doubleclick.net/activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/gtm/gtm.js?id=GTM-BWK9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4619653.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.tui.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:37 GMT
expires: Tue, 03 Mar 2020 10:45:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 340
x-xss-protection: 0
set-cookie: IDE=AHWqTUknMoYnQseFxyvCqeRFwrh-QID0rvrEQiSRgToXLSkNK6o_qyiUK4lujf6F; expires=Sun, 28-Mar-2021 10:45:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4619653.fls.doubleclick.net/activityi;dc_pre=CMXfxYiQ_ucCFbvkuwgdO2UEeQ;src=4619653;type=remar0;cat=mcall0;ord=8849714142224;gtm=2wg2j0;auiddc=263856976.1583232337;u1=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 11:00:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 agents-no.js Show response
www.tui.no/widgets/assets/javascripts/ 3 KB
2 KB 341ms
341ms Script
application/javascript 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tui.no/widgets/assets/javascripts/agents-no.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

1.14.0 /

Resource Hash

16e10d709dc2aa29d7da1597f5e46d5b25f55c249df91322eec4023802a56298

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cache-ttl: 300.000
date: Tue, 03 Mar 2020 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-name: 10.77.2.199
age: 111
x-cache-status: vsp2630 cached HIT 54
status: 200
x-cache-backend: widget_framework_0
content-length: 1459
via: 1.1 varnish (Varnish/6.0)
access-control-allow-origin: *
last-modified: Thu, 27 Feb 2020 09:34:13 GMT
server: 1.14.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000; includeSubDomains
x-varnish: 848210 2024364
x-upstream: wf
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cache-control: max-age=0
x-instart-request-id: 10658133829921240360:YBA01-CPVNPPRY11:1583232337:0
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 52ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5df79c22-7533"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 04 Mar 2020 10:45:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: LTGPLhkTBqDmnpnyMNDYwvOVA8iLUp7OWluCNE9HtB11tHzs2fVp329KEWLoJzoOWYd9ADbFxLWfjUL4bZ/QhA==
x-fb-trip-id: 2047048586
date: Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-9280.js Show response
static.hotjar.com/c/ 5 KB
2 KB 54ms
17ms Script
application/javascript 147.75.102.239
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-9280.js?sv=5

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress2

Software

Resource Hash

14f1f3098ef4f78b811387d326eaa5c9618d72fa524ca3e041d2af682d40083e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 77
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1961
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/fd5ac5049a1f4783c82dd8f95df9fd32
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.080
accept-ranges: bytes
section-io-id: 209f4f750263e79d82741600f0a2aabe
section-origin-responded: true

GET
H/1.1 200
OK boot Show response
startourno.lekane.net/lekane/ 9 KB
4 KB 276ms
38ms Script
text/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/boot?ei=StarTourNo
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4863e6962c16202d675e81b4b09e27f1a9d1f68a67fe6e298b7b346b3fe9fe93

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:36 GMT
Content-Encoding: gzip
X-Lekane-Hostname: ptra025-euw1a
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 3683
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK embed.js Show response
tuinordic.humany.net/tui-floating-widget/ 103 KB
38 KB 268ms
40ms Script
text/javascript 40.127.196.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuinordic.humany.net/tui-floating-widget/embed.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.127.196.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 77b3aaefd107b3de99f288caf833bedf91836dd6674062fd11f9fd02ec626d1a

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 03 Mar 2020 10:45:36 GMT
Content-Encoding: gzip
Expires: Tue, 03 Mar 2020 11:00:37 GMT
Last-Modified: Tue, 03 Mar 2020 10:45:37 GMT
Vary: Host,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 38022
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050

GET
H/1.1 200
OK tuinorge.min.js Show response
script.e-space.se/ 76 KB
20 KB 832ms
603ms Script
application/javascript 206.51.242.1
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://script.e-space.se/tuinorge.min.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 206.51.242.1 Chicago, United States, ASN40509 (FLY, US),
Reverse DNS: chgw.gravity4.com
Software: Fly.io (0845e87) / ARR/3.0, ASP.NET
Resource Hash: 9b8417d136b195f8fed34dad5d642be5df302a5960c3d46a6044c138354bb7d0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 03 Mar 2020 10:45:36 GMT
Content-Encoding: gzip
Server: Fly.io (0845e87)
X-Powered-By: ARR/3.0, ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked

GET
H2

200

activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=...
4619653.fls.doubleclick.net/ Frame 4200
Redirect Chain

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u...
https://4619653.fls.doubleclick.net/activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=und...

0
0

38ms
37ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4619653.fls.doubleclick.net/activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/gtm/gtm.js?id=GTM-BWK9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4619653.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.tui.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:37 GMT
expires: Tue, 03 Mar 2020 10:45:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 381
x-xss-protection: 0
set-cookie: IDE=AHWqTUnfoBDK66HwUCZqYG17HoGBFCL-yKwucPzigoJcQhI1EUAyZtJJOyPDTnHy; expires=Sun, 28-Mar-2021 10:45:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4619653.fls.doubleclick.net/activityi;dc_pre=CIfgxYiQ_ucCFffluwgdlSgC2g;src=4619653;type=remar0;cat=nordi0;ord=6052727393079;gtm=2wg2j0;auiddc=263856976.1583232337;u1=NO;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;~oref=https%3A%2F%2Fwww.tui.no%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 11:00:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 09:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3441
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Tue, 03 Mar 2020 10:48:16 GMT

GET
H2 200 1420865864883511 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1420865864883511?v=2.9.15&r=stable

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eb9da05d4a19f1af578d7f55680c1d7154271f72835a16424b199ea216e9596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114919
x-xss-protection: 0
pragma: public
x-fb-debug: f9R2BryF7gcIzVan9z/62MBb01/M2//+sAzNgd14aig5wERQJC7JH1VMF3Rt0MoLU5tEo8oeVw1r/St5aMK8Sw==
x-fb-trip-id: 2047048586
date: Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5441096&Ver=2&mid=f9c3c81f-d946-d50c-63f9-f5625594a574&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bestill%20dr%C3%B8mmeferien%20hos%20TUI%20-%20Pakkereiser,%20fly,%20hotell%20%26%20cruise&p=https%3A%2F%2Fwww.tui.no%2F&r=&lt=788&evt=pageLoad&msclkid=N&rn=196670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Tue, 03 Mar 2020 10:45:36 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 9969E71268C54FA6AE889B7E6CE233B0 Ref B: FRAEDGE0522 Ref C: 2020-03-03T10:45:37Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=669818700&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tui.no%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Bestill%20dr%C3%B8mmeferien%20hos%20TUI%20-%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_gid=424546577.1583232337&gjid=1896722335&_v=j81&z=934976773
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_v=j81&z=934976773
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_v=j81&z=934976773&slf_rd=1&random=1612742624

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_v=j81&z=934976773&slf_rd=1&random=1612742624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Mar 2020 10:45:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Mar 2020 10:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7609377-2&cid=458796907.1583232337&jid=668213170&_v=j81&z=934976773&slf_rd=1&random=1612742624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=669818700&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tui.no%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Bestill%20dr%C3%B8mmeferien%20hos%20TUI%20-%20Pakkereiser%2C%20fly%2C%20hotell%20%26%20cruise&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=UA&ea=Enhanced%20Ecommercce&el=Promotion%20View&_u=aGDAAEAL~&jid=&gjid=&cid=458796907.1583232337&tid=UA-7609377-2&_gid=424546577.1583232337&gtm=2wg2j0BWK9&cd1=Startpage&cd21=default%20agent&cd33=Start%20page&cd34=NO%3ALive%3AContentful&cd35=GTM-BWK9%7C474&cd37=TUI%20NO%20Startpage&cd38=Startpage&cd39=startpage&cd46=promofragment%3Ana%3Bpromopage%3Astartpage%3Bpromoblockgroup%3Accg%20-%20startpage%20%3Bpromoblockposition%3A2%3Bpromotitle%3A4-stjerners%20dr%C3%B8mmeferie%3Bpromoposition%3A1%3Bpromoispersonalized%3Afalse&cd61=Contentful&cd65=1583232337319&promo1nm=4-stjerners%20dr%C3%B8mmeferie&promo1ps=1&z=1945807667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 01:19:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2366768
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
110 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=669818700&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tui.no%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Bestill%20dr%C3%B8mmeferien%20hos%20TUI%20-%20Pakkereiser%2C%20fly%2C%20hotell%20%26%20cruise&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEAL~&jid=&gjid=&cid=458796907.1583232337&uid=7b5c6777-661b-4ee6-85ed-3d3e8316bd67&tid=UA-7609377-2&_gid=424546577.1583232337&gtm=2wg2j0BWK9&cd1=Startpage&cd21=default%20agent&cd23=7b5c6777-661b-4ee6-85ed-3d3e8316bd67&cd25=GMPc2787233-5e16-41ea-a8ca-1ac2718ba252&cd33=Start%20page&cd34=NO%3ALive%3AContentful&cd35=GTM-BWK9%7C474&cd37=TUI%20NO%20Startpage&cd38=Startpage&cd39=startpage&cd61=Contentful&cd65=1583232337331&z=2121814373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 01:19:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2366768
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e483a7fd5848d79df4ee.js Show response
script.hotjar.com/ 401 KB
70 KB 130ms
22ms Script
application/javascript 34.91.234.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.e483a7fd5848d79df4ee.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.91.234.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.234.91.34.bc.googleusercontent.com
Software: /
Resource Hash: 4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: br
content-type: application/javascript
age: 345913
status: 200
section-io-cache: Hit
content-length: 71460
last-modified: Fri, 28 Feb 2020 10:37:08 GMT
etag: "f0179ea5c6729cd6b8c9d565caabd69f"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.094
accept-ranges: bytes
section-io-id: aceb99d1168768b9d5a378ef1b71f132
section-origin-responded: true

GET
H2 200 147984635763714 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/147984635763714?v=2.9.15&r=stable

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7eda031e55b29a4ff7fbef3c4457050c0f2feb3b8c1762c524af1ee15e8ed5a4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114942
x-xss-protection: 0
pragma: public
x-fb-debug: D123zSLSOcOpauVoS4v3rYVdE1BcuxFgCgqTVVToO18bbvNN0OqL2l07pTcZrx/DEu/mN3ajccF+OruzOG7J3g==
x-fb-trip-id: 2047048586
date: Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1420865864883511&ev=PageView&dl=https%3A%2F%2Fwww.tui.no%2F&rl=&if=false&ts=1583232337434&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583232337434.586516718&it=1583232337378&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 03 Mar 2020 10:45:37 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=147984635763714&ev=PageView&dl=https%3A%2F%2Fwww.tui.no%2F&rl=&if=false&ts=1583232337464&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583232337434.586516718...
https://cx.atdmt.com/?c=5314593875451893570&f=AYwF7Az4V3AzEdoaDyvNVjyIWVOcAvGHmd7bS8OsXdag9heit0R0aTGlKRJ1Xv1XNe6pPPZlcH93k7-uIiqc4DrM&id=147984635763714&l=3&v=0

42 B
432 B

65ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=5314593875451893570&f=AYwF7Az4V3AzEdoaDyvNVjyIWVOcAvGHmd7bS8OsXdag9heit0R0aTGlKRJ1Xv1XNe6pPPZlcH93k7-uIiqc4DrM&id=147984635763714&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Mar 2020 10:45:37 GMT, Tue, 03 Mar 2020 10:45:37 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=5314593875451893570&f=AYwF7Az4V3AzEdoaDyvNVjyIWVOcAvGHmd7bS8OsXdag9heit0R0aTGlKRJ1Xv1XNe6pPPZlcH93k7-uIiqc4DrM&id=147984635763714&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame BE25 0
0 77ms
21ms Document
text/html 35.204.13.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.204.13.78 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 78.13.204.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.tui.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.tui.no/

Response headers

status: 200
date: Tue, 03 Mar 2020 10:45:37 GMT
content-type: text/html
content-length: 851
last-modified: Thu, 27 Feb 2020 17:17:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.100
section-origin-responded: true
age: 403099
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 72657e3c95f14824654159604794f999

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 04:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2440723
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 04:46:54 GMT

GET
H/1.1 200
OK DialogueConfig Show response
startourno.lekane.net/lekane/ 17 KB
6 KB 37ms
37ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueConfig?v=2f9d44dc7deec0073a76017832228f341f8a5e7c&entityId=StarTourNo
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e511af217cd459127f457de5fa593dae8faa13da18f28087e974d53a55a131aa

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 09:56:05 EET
Server: Apache-Coyote/1.1
ETag: W/"Ok1hjesp2KGPiQYu"
X-Lekane-Hostname: ptra021-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 5794
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK widgets.js Show response
tuinordic.humany.net/tui-floating-widget/ 280 KB
99 KB 47ms
47ms Script
text/javascript 40.127.196.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuinordic.humany.net/tui-floating-widget/widgets.js?v=269208604
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.127.196.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4f9ce167651112a2f630512aa8f1cde8a7232e11466e34de27ed035ea61d524f

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Expires: Tue, 03 Mar 2020 11:00:37 GMT
Last-Modified: Tue, 03 Mar 2020 10:45:37 GMT
Vary: Host,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050

GET
H/1.1 200
OK widgets.css
tuinordic.humany.net/tui-floating-widget/ 247 KB
39 KB 113ms
38ms Stylesheet
text/css 40.127.196.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuinordic.humany.net/tui-floating-widget/widgets.css?v=269208604
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.127.196.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3a962fcc4d86e9e21c82ca41ff74ff00082c34cd312f8235b1a3cfe5d6f3e5ff

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Expires: Tue, 03 Mar 2020 11:00:37 GMT
Last-Modified: Tue, 03 Mar 2020 10:45:37 GMT
Vary: Host,Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 39427
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050

GET
H/1.1 200
OK font-awesome.min.css
tuinordic.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/ 30 KB
7 KB 132ms
35ms Stylesheet
text/css 40.127.196.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuinordic.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css?v=269208604
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.127.196.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Feb 2020 10:46:32 GMT
ETag: "0b4eb2da4e8d51:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Accept-Ranges: bytes
Content-Length: 6995
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 57ms
23ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=17305&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=tui.no&dtycbr=809
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad4985eb0d6afbc3072c856b79c46a95f0190b430343c15c6a4bfbd69616b590

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 863
expires: 0

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 6 KB
4 KB 41ms
41ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/ext/jquery.tmpl.min.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1d5ca93ff5ffa56f7a57c8b7fe360c51801a0cb641b5c5ac56f466d38026c61a

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:07:51 EET
Server: Apache-Coyote/1.1
ETag: W/"p75I/e8m+XCN4uxe"
X-Lekane-Hostname: ptra026-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 3474
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 11 KB
6 KB 38ms
38ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/ext/combined-libs.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1664ff420d3a901c4aeeb3f4eb0d5787c47301820606584bc4c529ced63f271b

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 09:59:55 EET
Server: Apache-Coyote/1.1
ETag: W/"fjyaM8VTQrrab5UM"
X-Lekane-Hostname: ptra022-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 5174
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 4 KB
2 KB 37ms
36ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-offers-actions.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25596bff0a1e30d37b5c9ebca24588e6978d051ce9634ccc3e1f98793f191e13

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 09:59:55 EET
Server: Apache-Coyote/1.1
ETag: W/"26tNhNtko8Hxo9V5"
X-Lekane-Hostname: ptra022-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 1139
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK config Show response
tuinordic.humany.net/floating-faq-no/ 8 KB
4 KB 136ms
41ms Fetch
application/json 40.127.196.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuinordic.humany.net/floating-faq-no/config?client=8b6a07c5-36fe-8429-4b4f-9d60c7f8419a&funnel=floating-faq-no&site=http%3A%2F%2Fwww.tui.no%2F
Requested by: Host: tuinordic.humany.net
URL: https://tuinordic.humany.net/tui-floating-widget/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.127.196.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7ff5dc30aa2bb071bdd4cb975c4bf56ae1ff96d10dc659f342e54eed91a68ce5

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
ETag: "694868da-c489-4275-a243-2b41a74c7e50"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: max-age=900
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050

GET
H2 200 raptor-2.1.0.js Show response
az19942.vo.msecnd.net/script/ 34 KB
11 KB 26ms
6ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az19942.vo.msecnd.net/script/raptor-2.1.0.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBA) /
Resource Hash: 30a2332eba5fc644d6dec704b5a5063524c79ff1b86f04aea5e2ae59735c5634

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Mar 2020 10:45:37 GMT
content-encoding: gzip
content-md5: IB+cyu1ZPqAusmUxE0KWiQ==
age: 235564
x-cache: HIT
status: 200
content-length: 10805
x-ms-lease-status: unlocked
last-modified: Wed, 31 Oct 2018 15:48:13 GMT
server: ECAcc (frc/8FBA)
etag: 0x8D63F48442983DD
vary: Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: c33f7c75-801e-0049-3424-ef47d0000000
cache-control: public,max-age=259200
x-ms-version: 2009-09-19

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 7 KB
3 KB 37ms
36ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-ga.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3e766b1842f1496d5942857a91b2adc925dee3fa0376bda358a6efc77bd60b50

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:07:51 EET
Server: Apache-Coyote/1.1
ETag: W/"CfxEXkw8t7xdDk9o"
X-Lekane-Hostname: ptra026-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 2157
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H2 200 5326.rsa
t.raptorsmartadvisor.com/ 35 B
289 B 112ms
45ms Image
image/gif 94.245.88.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.raptorsmartadvisor.com/5326.rsa?p1=visit&p2=&p3=&p4=&p5=&p6=&sid=D4005138-81CF-F18C-3D7B-B79D739E5AF7&coid=E3E9554E-9043-3C74-47AE-172DB4F2F9A5&am=&v=2.1.17&xuid=&ruid=&reaid=&ts=05982
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.245.88.159 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 03 Mar 2020 10:45:37 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
content-length: 35
expires: -1

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 25 KB
6 KB 38ms
38ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-core.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2c1ff5e410bc24834ab61be2874e43ff3248a101dca3971b4bea3620decf5d24

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:07:51 EET
Server: Apache-Coyote/1.1
ETag: W/"W293dcmiO3jEhbKi"
X-Lekane-Hostname: ptra026-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 5469
Expires: Thu, 01 Jan 1970 02:00:00 EET

POST
H2 200 /
www.facebook.com/tr/ 0
45 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryTuoIqwzAs8vVFZh1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.tui.no
date: Tue, 03 Mar 2020 10:45:37 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 4 KB
2 KB 37ms
37ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-chatservice.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 27ab60ab786543eb0f1310e08932910f985705c05d20bdd1bac82730635b8fb3

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 09:59:55 EET
Server: Apache-Coyote/1.1
ETag: W/"cnS4zWNL8HV5XbW+"
X-Lekane-Hostname: ptra022-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 1192
Expires: Thu, 01 Jan 1970 02:00:00 EET

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypjz0Kxw9z6NA46Xm

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.tui.no
date: Tue, 03 Mar 2020 10:45:37 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 13 KB
3 KB 39ms
39ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-devtools.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 5a1c07a276b5632b5bee4506601cb8f284c87418f447425323fb76bbfe1fe85f

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:07:51 EET
Server: Apache-Coyote/1.1
ETag: W/"JzXpRFaAZYBTvjdU"
X-Lekane-Hostname: ptra026-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 2888
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H2 200 10_day_trips_DSC6597_plakias_1920x1080.jpg
www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/adaHxtwKZRVlfLmLNtEOQ/85e576d8ec23ccac68bb202e787c6fe4/ 22 KB
22 KB 60ms
59ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/adaHxtwKZRVlfLmLNtEOQ/85e576d8ec23ccac68bb202e787c6fe4/10_day_trips_DSC6597_plakias_1920x1080.jpg?fit=thumb&w=400&h=225&q=65&fm=webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b7882529c619a9804897ed2f44a9fd2f7dcdc8102bcc44fb15cecdbc7fe55de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 4bade328d3b2aa91384925c67cd91548.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 356375
x-cache-status: vsp609 cached HIT 2
status: 200
x-instart-cache-id: 0:213336582868303225::1582878676
x-cache-backend: default
content-length: 22102
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Feb 2020 12:13:55 GMT
server: nginx/1.10.3 (Ubuntu)
date: Fri, 28 Feb 2020 07:46:03 GMT
x-frame-options: SAMEORIGIN
x-varnish: 22259154 7995306
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2594712
x-instart-request-id: 770981552392727229:YBA01-CPVNPPRY11:1583232338:0
etag: "cfc7c4816e56d2cf9c6d3b6035d25733"
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/webp
expires: Sun, 29 Mar 2020 08:31:15 GMT

GET
H2 200 1920x1080.jpg
www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/JYhtqTgwQHlqlMsxzfTZT/5f2bee962ca13e6daca204f257125b22/ 6 KB
6 KB 60ms
59ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/JYhtqTgwQHlqlMsxzfTZT/5f2bee962ca13e6daca204f257125b22/1920x1080.jpg?fit=thumb&w=400&h=225&q=65&fm=webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f9a4d00b348cd51abae760df9a3e35ade3f932f99e8f04b201048e3d94be6a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 cc493ed59590651c91f2b3884a8bc9f6.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 100258
x-cache-status: vsp608 fetch MISS
status: 200
x-instart-cache-id: 0:14590684334527644382::1583132080
x-cache-backend: default
content-length: 5814
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Feb 2020 09:25:02 GMT
server: nginx/1.10.3 (Ubuntu)
date: Mon, 02 Mar 2020 06:54:40 GMT
x-frame-options: SAMEORIGIN
x-varnish: 23977740
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2591999
x-instart-request-id: 11961692047852996009:YBA01-CPVNPPRY11:1583232338:0
etag: "440c2e18d01c16564368d733d24f2849"
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/webp
expires: Wed, 01 Apr 2020 06:54:39 GMT

GET
H2 200 hellas-tui-0287882-1920x1080.jpg
www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/9g0DgTdR9ZnAmX8BUq8QC/105c0ff3a5e3cb9c88677709cba4ea91/ 14 KB
15 KB 59ms
58ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/9g0DgTdR9ZnAmX8BUq8QC/105c0ff3a5e3cb9c88677709cba4ea91/hellas-tui-0287882-1920x1080.jpg?fit=thumb&w=400&h=225&q=65&fm=webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

bdb36d3c0f973eb0e117a48d30559ca0baf730398828c9a2c9330515ad4fb32f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 bfd79d6123e7d49fe3019b17aabecba5.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 54808
x-cache-status: vsp608 fetch MISS
status: 200
x-instart-cache-id: 0:8467585922223559714::1583211871
x-cache-backend: default
content-length: 14794
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Feb 2020 16:02:11 GMT
server: nginx/1.10.3 (Ubuntu)
date: Tue, 03 Mar 2020 05:04:31 GMT
x-frame-options: SAMEORIGIN
x-varnish: 96857
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2626340
x-instart-request-id: 9841299837704483735:YBA01-CPVNPPRY11:1583232338:0
etag: "012afbc8089815a0ab860a1e884d6abe"
x-amz-cf-pop: ARN1-C1
accept-ranges: bytes
content-type: image/webp
expires: Thu, 02 Apr 2020 14:36:51 GMT

GET
H2 200 i_0301144WebOriginalCompressed.jpg
www.tui.no/tuin-img/2017_8/22_4/11114eab-030a-4fec-9808-a7d7004e7269/ 18 KB
19 KB 60ms
59ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/tuin-img/2017_8/22_4/11114eab-030a-4fec-9808-a7d7004e7269/i_0301144WebOriginalCompressed.jpg?crop=edges&fit=crop&w=400&h=225&q=65&fm=webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

imgix /

Resource Hash

05e11c48e1e7c7aba9cf660a58161dc739ac60bfbf2bbec85e0291bd4407bfff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: pass
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff, nosniff
x-server-name: 10.77.2.244
age: 88992
x-cache-status: vsp1120 fetch MISS 0 669661.000
x-cache: MISS, HIT
status: 200
x-instart-cache-id: 13:4250131447825208528::1583143346
x-imgix-id: 31fd17aeb19311fa68051bb6d89122f848b2b069
x-cache-backend: imgix2
content-length: 18912
x-xss-protection: 1; mode=block
x-served-by: cache-lax8641-LAX, cache-bma1636-BMA
x-cache-rule: imgix
last-modified: Sun, 23 Feb 2020 16:01:40 GMT
server: imgix
date: Mon, 02 Mar 2020 10:02:26 GMT
x-frame-options: SAMEORIGIN
x-varnish: 7628742
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2591999
x-instart-request-id: 178487247819752376:YBA01-CPVNPPRY11:1583232338:0
accept-ranges: bytes
content-type: image/webp
cache: true
expires: Wed, 01 Apr 2020 10:02:25 GMT

GET
H2 200 beste-voksenhotell-i-sommer-tui-1920x1080.jpg
www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/5UaYGtkF0pgp1Hnf6OPlOQ/583820ae30f302ec160b98fd289fce71/ 13 KB
14 KB 61ms
60ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/5UaYGtkF0pgp1Hnf6OPlOQ/583820ae30f302ec160b98fd289fce71/beste-voksenhotell-i-sommer-tui-1920x1080.jpg?fit=thumb&w=400&h=225&q=65&fm=webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

6d77857f5fc34e8b750adbfe65123bccb8d2a5fe4168ac30596594d195e0bdf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 b91a90a28488c8f64670c4717a942dad.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.119
age: 136904
x-cache-status: vsp608 fetch MISS
status: 200
x-instart-cache-id: 25:14589833691116535432::1583095434
x-cache-backend: default
content-length: 13676
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Feb 2020 15:01:30 GMT
server: nginx/1.10.3 (Ubuntu)
date: Sun, 01 Mar 2020 20:43:54 GMT
x-frame-options: SAMEORIGIN
x-varnish: 23650940
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2591999
x-instart-request-id: 10133257809027128096:YBA01-CPVNPPRY11:1583232338:0
etag: "e109d201ef357f120a1c097d188eb3f5"
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/webp
expires: Tue, 31 Mar 2020 20:43:53 GMT

GET
H2 200 marylanza-tui-topp-hotell-033044-1920x1080.jpg
www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/6dZQBbcw7em0ikyMo0ggig/8d2d6d880da0fd8317086d09071afbc4/ 15 KB
15 KB 67ms
66ms Image
image/webp 159.180.84.18
INSTART

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tui.no/cdn/contentfulimages/vgsg3tshxjhb/6dZQBbcw7em0ikyMo0ggig/8d2d6d880da0fd8317086d09071afbc4/marylanza-tui-topp-hotell-033044-1920x1080.jpg?fit=thumb&w=400&h=225&q=65&fm=webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.180.84.18 , United States, ASN33047 (INSTART, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

3a5127fbb263830009c522c15e0cfcfc66ce9f58600379329c7b5b57ece6605f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-cache-ttl: 3600.000
strict-transport-security: max-age=15768000; includeSubDomains
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-server-name: 10.77.2.120
age: 348848
x-cache-status: vsp609 fetch MISS
status: 200
x-instart-cache-id: 24:10116122711784061283::1582883490
x-cache-backend: default
content-length: 15236
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 13:53:11 GMT
server: nginx/1.10.3 (Ubuntu)
date: Fri, 28 Feb 2020 09:51:30 GMT
x-frame-options: SAMEORIGIN
x-varnish: 22029376
access-control-allow-origin: *
cache-control: must-revalidate, max-age=2591999
x-instart-request-id: 15918053885718600541:YBA01-CPVNPPRY11:1583232338:0
etag: "5f162e40e100d47fb8dc58ed8084095e"
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/webp
expires: Sun, 29 Mar 2020 09:51:29 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
tuinordic.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/ 75 KB
76 KB 47ms
46ms Font
font/woff2 40.127.196.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tuinordic.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.127.196.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://tuinordic.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css?v=269208604
Origin: https://www.tui.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Mar 2020 10:45:37 GMT
Last-Modified: Fri, 21 Feb 2020 10:46:32 GMT
ETag: "0b4eb2da4e8d51:0"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Accept-Ranges: bytes
Content-Length: 77160
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050

GET
H2 200 1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v11/ 26 KB
26 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/1YwB1sO8YE1Lyjf12WNiUA.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuinordic.humany.net/tui-floating-widget/widgets.css?v=269208604
Origin: https://www.tui.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 02:20:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Oct 2014 20:40:01 GMT
server: sffe
age: 2449482
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 26144
x-xss-protection: 0
expires: Wed, 03 Feb 2021 02:20:56 GMT

GET
H2 200 EsvMC5un3kjyUhB9ZEPPwg.woff2
fonts.gstatic.com/s/lato/v11/ 25 KB
25 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/EsvMC5un3kjyUhB9ZEPPwg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cdbdefa15fa3f220eaf225d2e769adbb8ae81800204b39959c79239f4f4fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tuinordic.humany.net/tui-floating-widget/widgets.css?v=269208604
Origin: https://www.tui.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 19:22:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Oct 2014 20:38:21 GMT
server: sffe
age: 660168
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 25408
x-xss-protection: 0
expires: Tue, 23 Feb 2021 19:22:50 GMT

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 38 KB
11 KB 39ms
39ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-offers.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 34042ca2c3e09cd103c05376ceac5a309b2bdec42385aee6dc70a88c2f041e09

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:03:55 EET
Server: Apache-Coyote/1.1
ETag: W/"VzprHg5/v1viDy/l"
X-Lekane-Hostname: ptra025-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 11215
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 995 B
962 B 37ms
37ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-command.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2b9233872066f465813c7ad535fe375981e721fc1dace27ec9bb8cc4dd2b73b8

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:07:51 EET
Server: Apache-Coyote/1.1
ETag: W/"A5/vLp9E9hcL23OV"
X-Lekane-Hostname: ptra026-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 426
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 3 KB
2 KB 37ms
36ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/dialogue-feedback.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4cc02bc404eb6ffc7df7566c5a83bbba158b1809be8a5420cd89a6eba3d42147

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 09:59:55 EET
Server: Apache-Coyote/1.1
ETag: W/"fVXoFe5ggkB/fHHl"
X-Lekane-Hostname: ptra022-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 1185
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource Show response
startourno.lekane.net/lekane/ 6 KB
2 KB 37ms
37ms Script
application/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/DialogueResource?type=plain&v=2f9d44dc7deec0073a76017832228f341f8a5e7c&path=dialogue/scripts/overrides/StarTourNo/dialogue-offers-actions.js
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1697ce963060debab700acf430bc0d0235c87918d4ca25a3e01fbbceb34bd3d9

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 09:55:47 EET
Server: Apache-Coyote/1.1
ETag: W/"vQmi27cP2AKVBvYy"
X-Lekane-Hostname: ptra021-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 1435
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK dialogue-tracking.js Show response
startourno.lekane.net/lekane/ 15 KB
6 KB 39ms
39ms Script
text/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/dialogue-tracking.js?v=2f9d44dc7deec0073a76017832228f341f8a5e7c&ei=StarTourNo
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 37587f6840850140870f2b0252423c2d32178e85894fb268898488ee03779d55

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
X-Lekane-Hostname: ptra021-euw1a
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, private, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: text/javascript ;charset=UTF-8
Content-Length: 5056
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource
startourno.lekane.net/lekane/dialogue/css/ 13 KB
3 KB 39ms
37ms Stylesheet
text/css 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/dialogue/css/DialogueResource?type=css&path=%2Fdialogue%2Fcss%2Fdialogue-base.css&ei=StarTourNo
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4211c97314259a4cb388953292ee686d6dd5d916c063ffbd343ae5ca3b5fc757

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:00:08 EET
Server: Apache-Coyote/1.1
ETag: W/"J2PyeI0CgSCo5dN4"
X-Lekane-Hostname: ptra022-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: text/css
Content-Length: 2730
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK DialogueResource
startourno.lekane.net/lekane/dialogue/css/ 54 KB
7 KB 77ms
38ms Stylesheet
text/css 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/dialogue/css/DialogueResource?type=css&path=%2Fdialogue%2Fcss%2FStarTourNo.css&ei=StarTourNo
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: d71be79d33ce89683158c26a5e2bcc8598c5af78009323ad9d0e1d61d86068df

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 10:04:13 EET
Server: Apache-Coyote/1.1
ETag: W/"BUfZFvAK5sn4gU7d"
X-Lekane-Hostname: ptra025-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache, public, max-age=3600, must-revalidate
Connection: keep-alive
Content-Type: text/css
Content-Length: 6956
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H/1.1 200
OK / Show response
startourno.lekane.net/lekane/tr/ 47 B
830 B 144ms
91ms Script
text/javascript 52.50.142.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://startourno.lekane.net/lekane/tr/?callback=_jqjsp&t=ENTRY&gid=7c1yHOdpe0lnOQjILXRfN4syFabvPJid&pid=YOaKBuV22yiqEMoCGSNcFJ3BGEAwhylJ&sid=16b4e455&ei=StarTourNo&p=58cec1&uid=1ebf2649e8914fd4e5a7868005239b9ec0408645&ct=1583232338247&bc=true&purl=https%3A//www.tui.no/&ref=&q=-&pt=Bestill%20dr%F8mmeferien%20hos%20TUI%20-%20Pakkereiser%2C%20fly%2C%20hotell%20%26%20cruise&ban=Netscape&bp=Linux%20x86_64&bl=en-US&bj=false&bf=false&cs=UTF-8&dd=%7B%7D&_1583232338286=
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/client/latest/auto/instart.js?i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.142.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-142-228.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 012bc2ea62aef5924777ea2e9bc1e12c772de0388c18acff41afb4ad7e8ed112

Request headers

Referer: https://www.tui.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: No-cache
Date: Tue, 03 Mar 2020 10:45:37 GMT
Server: Apache-Coyote/1.1
X-Lekane-Hostname: ptra025-euw1a
P3P: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONi HISa OUR IND UNI COM NAV INT"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript ;charset=UTF-8
Content-Length: 47
Expires: Thu, 01 Jan 1970 02:00:00 EET

GET
H2

200

activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F
4619653.fls.doubleclick.net/ Frame 6592
Redirect Chain

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?
https://4619653.fls.doubleclick.net/activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww...

0
0

39ms
39ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4619653.fls.doubleclick.net/activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/gtm/gtm.js?id=GTM-BWK9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4619653.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.tui.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnr06Wi8hBMLNdpZ4VkvMZzlSbaAIjUKnq-zKVL0UVv8n1zrrTi-tNfvfxS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:42 GMT
expires: Tue, 03 Mar 2020 10:45:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 325
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4619653.fls.doubleclick.net/activityi;dc_pre=CMfQ-oqQ_ucCFcfjuwgd9kADnQ;src=4619653;type=inter0;cat=5seco000;ord=8490230025359;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 fabricmetric Show response
fcps.nanovisor.io/i10c@p1/clientprofiler/ 2 B
146 B 37ms
36ms Fetch
text/plain 192.33.31.80
INSTART

General

Check archive.org

Show headers Download Go to

Full URL

https://fcps.nanovisor.io/i10c@p1/clientprofiler/fabricmetric

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.33.31.80 Portola Valley, United States, ASN33047 (INSTART, US),

Reverse DNS

a-sg01sl04.insnw.net

Software

1.14.0 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15768000
x-instart-correlation-id: 1583232347:a9b95415c39b2d7c
server: 1.14.0
age: 0
date: Tue, 03 Mar 2020 10:45:47 GMT
content-type: text/plain
status: 200
x-m0rph-dbg-iid: pyvragcebsvyre-78766oqoqp-aax5z:6
x-instart-request-id: 12229898715554065788:YBA01-NPPRY32:1583232347:0
x-robots-tag: noindex, nofollow
access-control-allow-origin: https://www.tui.no
content-length: 2
x-instart-via: 2.0 INSTART-LON01-ACCEL32, 1.1 Instart-clientprofiler

POST
H2 200 log Show response
www.nanovisor.io/i10c@p1/clientprofiler/ 2 B
148 B 38ms
38ms Fetch
text/plain 192.33.31.80
INSTART

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nanovisor.io/i10c@p1/clientprofiler/log
Requested by: Host: www.tui.no
URL: https://www.tui.no/i10c@p1/nanovisor/nv-10.10.2/async/instart.js?i10c.syncver=10.10.2&i10c.syncinstance=botox&i10c.nv.bucket=pci&i10c.nv.host=www.tui.no&i10c.opts=botox&bcb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.33.31.80 Portola Valley, United States, ASN33047 (INSTART, US),
Reverse DNS: a-sg01sl04.insnw.net
Software: 1.14.0 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.tui.no/
Origin: https://www.tui.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Mar 2020 10:45:47 GMT
x-instart-correlation-id: 1583232347:dedaab46cead514f
server: 1.14.0
age: 0
content-type: text/plain
status: 200
x-m0rph-dbg-iid: SEN01-PCF03:52402
x-instart-request-id: 16058335741946450255:YBA01-NPPRY32:1583232347:0
x-robots-tag: noindex, nofollow
access-control-allow-origin: https://www.tui.no
content-length: 2
x-instart-via: 2.0 INSTART-LON01-ACCEL32, 1.1 Instart-clientprofiler

GET
H2

200

activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F
4619653.fls.doubleclick.net/ Frame 8ED5
Redirect Chain

https://4619653.fls.doubleclick.net/activityi;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?
https://4619653.fls.doubleclick.net/activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww...

0
0

37ms
37ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4619653.fls.doubleclick.net/activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?

Requested by

Host: www.tui.no
URL: https://www.tui.no/cdn/gtm/gtm.js?id=GTM-BWK9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4619653.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.tui.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:47 GMT
expires: Tue, 03 Mar 2020 10:45:47 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 326
x-xss-protection: 0
set-cookie: IDE=AHWqTUmO7Pu9eZbPKdI3xnc56yj7c3e5fnVfyxhjVrwx5_UMyLMcMGVzgrbkXKmK; expires=Sun, 28-Mar-2021 10:45:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 03 Mar 2020 10:45:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4619653.fls.doubleclick.net/activityi;dc_pre=CKrppY2Q_ucCFWFE5QodIZ0Gtg;src=4619653;type=inter0;cat=10sec000;ord=9389661230290;gtm=2wg2j0;auiddc=263856976.1583232337;~oref=https%3A%2F%2Fwww.tui.no%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 11:00:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tui.no/	1970-01-19 16:32:48	Name: i10c.uservisit Value: 2
.tui.no/	1970-01-19 16:32:48	Name: i10c.uid Value: 1583232336504:7054
www.tui.no/	1969-12-31 23:59:59	Name: BIGipServer~Ecom~p_haproxy-ingress-prod-lb Value: 758598154.47873.0000
.tui.no/	1969-12-31 23:59:59	Name: i10c.bdddb Value: c2-f0103ZLNqAeI3BH6yYOfG7TZlRtCrMwzKDQfPMtvESnCuVjBtyWlHvfkrSxKopswxForPHdkESNCtx04RiOfGqfIlRUHto11KDQfPM5sESnCuVjBUyWeI2ZkQMtH21svP8rIOHdKESnP6soBo01iBvEfqRGYGjxvKEOkKMDfJSHSoxo6uXSaGVZkqbY6cYZqPDllxNefJ2iHtKyxlkKaGvZlOPoHQjxvmSOa4HdkETLFoxO6tznnBvefrzrCqOsvPY9fPMYlrVlCtXjBtLEy2TFfqRoIOnsvz8qkoyTfJSiIRstkozT5QKu7HMtHlpVqPDqfPzbfJSiHTsoB9JhaGvZlOMtHqmsv2BlkPHdKESna9I66tzOgoqekqMtuqjxvKIRfPwYkJlZpUZP6tzOgotZkQMtHFBsvP8rIKMdfJTiHusoBoz3aGv4ulRtCrMsvP8tJOPeoESNGw2r6tZSiN1ZkQQxIsjxVOHuoKMDjNZpCtXnGt2OfqujntMtrpt30KDQjVLifM3iHtsolozT7WqeklSRFloXqPDHZHCUfJSiIRvjBTuTfQeKKYMtHlpVtKDQfPM2uESnCuVm6ya
.tui.no/	1969-12-31 23:59:59	Name: _aa7988 Value: 1x2e3a
.tui.no/	1969-12-31 23:59:59	Name: i10c.ss Value: 1583232336503
www.tui.no/	1969-12-31 23:59:59	Name: BIGipServer~Ecom~p_http_varnish_cms Value: 3338816778.20480.0000

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.tui.no/(Line 1905) Message: FlipDown 0.2.2 (Theme: dark)
console-api	log	URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/app.js(Line 1) Message: Global error in VUE app TypeError: Cannot read property 'getItem' of null data()
console-api	log	URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/app.js(Line 1) Message: Global error in VUE app TypeError: Cannot read property 'length' of undefined render
console-api	log	URL: https://www.tui.no/cdn/search/e0b695dac7696fc8e0bd/panel/js/app.js(Line 1) Message: Global error in VUE app TypeError: Cannot read property 'getItem' of null created hook (Promise/async)
console-api	log	(Line 1) Message: Site data collection v1.18 initialized
console-api	log	(Line 1) Message: Site data collection v1.18 initialized
console-api	log	URL: https://startourno.lekane.net/lekane/boot?ei=StarTourNo(Line 1) Message: shouldProxyResponseToParent=false
console-api	log	(Line 1) Message: hac:false, hcanc:false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4619653.fls.doubleclick.net
ajax.googleapis.com
az19942.vo.msecnd.net
bat.bing.com
connect.facebook.net
cx.atdmt.com
fcps.nanovisor.io
fonts.gstatic.com
script.e-space.se
script.hotjar.com
sslwidget.criteo.com
startourno.lekane.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
t.raptorsmartadvisor.com
tui.no
tuinordic.humany.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.nanovisor.io
www.tui.no
147.75.102.239
159.180.84.18
172.217.16.134
178.250.2.151
192.33.31.80
206.51.242.1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:c11::200
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
34.91.234.226
35.204.13.78
40.127.196.56
52.50.142.228
91.223.92.242
94.245.88.159
012bc2ea62aef5924777ea2e9bc1e12c772de0388c18acff41afb4ad7e8ed112
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05e11c48e1e7c7aba9cf660a58161dc739ac60bfbf2bbec85e0291bd4407bfff
0b53f33c309fba342a0667f011e6cdec11ab1b75ad2bd6f54010851cb6d1334c
0f0fc480bc287a485f28c9870ed373cd4d277bac0b29d3d6f6debf1225e46d87
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f1f3098ef4f78b811387d326eaa5c9618d72fa524ca3e041d2af682d40083e
1664ff420d3a901c4aeeb3f4eb0d5787c47301820606584bc4c529ced63f271b
1697ce963060debab700acf430bc0d0235c87918d4ca25a3e01fbbceb34bd3d9
16e10d709dc2aa29d7da1597f5e46d5b25f55c249df91322eec4023802a56298
1cd2b646c02410963457355d7145253e1c5cdd4c10a188f34deaf235e8aa3672
1d5ca93ff5ffa56f7a57c8b7fe360c51801a0cb641b5c5ac56f466d38026c61a
25596bff0a1e30d37b5c9ebca24588e6978d051ce9634ccc3e1f98793f191e13
267762708f66f05f49d0062a7910f90bc0a69b5cb2c1443346959e1439a35a33
27ab60ab786543eb0f1310e08932910f985705c05d20bdd1bac82730635b8fb3
2a0661cf081bb316dee1b76ea2a5789f9922a7937e19a769405da9a85e6dd476
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9233872066f465813c7ad535fe375981e721fc1dace27ec9bb8cc4dd2b73b8
2c1ff5e410bc24834ab61be2874e43ff3248a101dca3971b4bea3620decf5d24
2d42c945d7f3269edb02d8830ca3f0a47cf64b9833c8bf40f84830a27314070c
30a2332eba5fc644d6dec704b5a5063524c79ff1b86f04aea5e2ae59735c5634
34042ca2c3e09cd103c05376ceac5a309b2bdec42385aee6dc70a88c2f041e09
37587f6840850140870f2b0252423c2d32178e85894fb268898488ee03779d55
3a5127fbb263830009c522c15e0cfcfc66ce9f58600379329c7b5b57ece6605f
3a962fcc4d86e9e21c82ca41ff74ff00082c34cd312f8235b1a3cfe5d6f3e5ff
3e23d3a7c213646d3cfcec76442c40a93abe51fc6ebdf8715eac0ce63d9a5b1b
3e766b1842f1496d5942857a91b2adc925dee3fa0376bda358a6efc77bd60b50
3ef6cca5f72a934dc93b0b3561bc8956b87bd85b73fc2ab37c9c6153db52c1e0
4154db5925cf04a39cc28982b67c7c0a384371d41840ad2e14d0408261b471ed
4211c97314259a4cb388953292ee686d6dd5d916c063ffbd343ae5ca3b5fc757
44766d6a71077829abe47f7d47d2fd87d75e3d4853236660c09433f9bc924db7
4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
4863e6962c16202d675e81b4b09e27f1a9d1f68a67fe6e298b7b346b3fe9fe93
49cdbdefa15fa3f220eaf225d2e769adbb8ae81800204b39959c79239f4f4fb3
4cc02bc404eb6ffc7df7566c5a83bbba158b1809be8a5420cd89a6eba3d42147
4f9ce167651112a2f630512aa8f1cde8a7232e11466e34de27ed035ea61d524f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54e3fa40e01fb915f0ba4d37cdec38523a6d081ec4fe73f5d4fe42902e88199d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5955356b58d4ff3c4c7ba02e411e34fec79b4a1e86c7b479ecdfae17e8fcee20
5a1c07a276b5632b5bee4506601cb8f284c87418f447425323fb76bbfe1fe85f
5a5e4db13e96c258f0d68ab8f8c65257ff83c9f670389b9a22b31b2ebbb1abb0
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d0be923e0afb7229ad5c628d2d460a39c2aeb5d2a5abef68405e27fb188be20
5eb9da05d4a19f1af578d7f55680c1d7154271f72835a16424b199ea216e9596
67a12fd699f4b5e342534f92264d80a9355461020f07f84739847740ca62e9a9
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c454f25e3fe2b914ed438cdb3c336e5d0bb6c4938c15de357a424358c1b6ebb
6d77857f5fc34e8b750adbfe65123bccb8d2a5fe4168ac30596594d195e0bdf2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71afc4a66588bdb9664283f66103ae75582d689f60e5e8c14e621e62de143cce
77b3aaefd107b3de99f288caf833bedf91836dd6674062fd11f9fd02ec626d1a
7ba893e5982bd53554b5b88ae672ff6b2d956c5b0db1b2ffc677b7e88c27b821
7eda031e55b29a4ff7fbef3c4457050c0f2feb3b8c1762c524af1ee15e8ed5a4
7ff5dc30aa2bb071bdd4cb975c4bf56ae1ff96d10dc659f342e54eed91a68ce5
81400e1fbaebe249f462c61bbd58d423edb888de660226edac47f714f474196a
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839173ceaab63f149a66e523c74a1c8ee234c61239110f3927cdf6470d95acd6
88f330577e10775563e78bdcda066dedca27ce4a00598395bb00a8aee8fbdd25
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8bb19b4352ec695507ef6000b20a842b6d2491a232e00bb1c6a5958bb59797dd
9b8417d136b195f8fed34dad5d642be5df302a5960c3d46a6044c138354bb7d0
9dc9c1f9907f69012e07a474786b69040318ba9be1ee2816a735fada536a8593
9e3f9dc2fee75e994084ac68f5a8444e4e60178cb2eebdc83cf18e3572955221
ad4985eb0d6afbc3072c856b79c46a95f0190b430343c15c6a4bfbd69616b590
b7882529c619a9804897ed2f44a9fd2f7dcdc8102bcc44fb15cecdbc7fe55de7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdb36d3c0f973eb0e117a48d30559ca0baf730398828c9a2c9330515ad4fb32f
be143d0a6e458536b363074a61f71d0927cacad3624ecd50cb95b260bb92a3c3
d4f3405cf9439c050fb8f3d1cd68c8c78d680526aaaf8f20351cb3cf0c649008
d71be79d33ce89683158c26a5e2bcc8598c5af78009323ad9d0e1d61d86068df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e511af217cd459127f457de5fa593dae8faa13da18f28087e974d53a55a131aa
e5f6b199958eac43ed5537fd5b531cd2b65d1f8dfba90b45ef7fef538bc13e06
e661f0f50cf45e1f599f38633c0ecc7f888f23e95a7e96a6cf5d641c78941264
ea64125dd1d9882b4aba247ffb7569c2d38af7ece5824e912a9df7c969441b88
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24caa519b391518b7dd4f0e69d4300fc4d2f42b5b9fc2e2063c6f70a479735e
f5a2d87c5ee854f66cbc8430828c11e5718ec78f173718fa07bee4ab6a3f2aa2
f622095d6da0de26ad2f86a5bf8567497fdbf705d95e4d0fe6d8a8e1bf686a01
f9a4d00b348cd51abae760df9a3e35ade3f932f99e8f04b201048e3d94be6a35

www.tui.no Open in urlscan Pro 159.180.84.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

100 %HTTPS

50 %IPv6

20 Domains

25 Subdomains

22 IPs

8 Countries

1765 kBTransfer

5221 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tui.no Open in urlscan Pro
159.180.84.18 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

100 %
HTTPS

50 %
IPv6

20
Domains

25
Subdomains

22
IPs

8
Countries

1765 kB
Transfer

5221 kB
Size

7
Cookies

96 HTTP transactions
1 data transactions