airlinestravel.ro Open in urlscan Pro
2606:4700:3034::ac43:b6b5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://airlinestravel.ro/
Effective URL:
https://airlinestravel.ro/
Submission: On February 22 via manual (February 22nd 2021, 10:32:37 am UTC) from CH

Summary HTTP 111 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 29 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3034::ac43:b6b5, located in United States and belongs to . The main domain is airlinestravel.ro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time airlinestravel.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3034::ac43:b6b5	() ()
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:280b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	104.79.89.16 104.79.89.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1 15	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.26.7.39 104.26.7.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:214... 2600:9000:214f:cc00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:7200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2620:1ec:bdf::19 2620:1ec:bdf::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	54.220.104.217 54.220.104.217	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:485f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:5471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:cf:... 2a02:26f0:cf:295::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20d... 2600:9000:20d7:da00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	184.31.88.106 184.31.88.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	184.30.25.51 184.30.25.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:62::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::681b:ce5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
111	40

17 2606:4700:3034::ac43:b6b5 (United States) 1 redirects

ASN- ()

airlinestravel.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:280b (United States)

ASN13335 (CLOUDFLARENET, US)

htintpa.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::ac43:4597 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.7.39 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags-videos.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:cc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:bdf::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.104.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-104-217.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:485f (United States)

ASN13335 (CLOUDFLARENET, US)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5471 (United States)

ASN13335 (CLOUDFLARENET, US)

palibs.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:cf:295::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:da00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.88.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:62::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:ce5c (United States)

ASN13335 (CLOUDFLARENET, US)

clt.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	airlinestravel.ro 1 redirects airlinestravel.ro	683 KB
15	vlitag.com 1 redirects services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com media.vlitag.com	870 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net	129 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
6	gstatic.com fonts.gstatic.com	61 KB
6	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	36 KB
6	smilewanted.com tags.smilewanted.com csync.smilewanted.com tags-videos.smilewanted.com prebid.smilewanted.com static.smilewanted.com	13 KB
6	teads.tv a.teads.tv s8t.teads.tv sync.teads.tv t.teads.tv	192 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	115 KB
5	clarity.ms www.clarity.ms	21 KB
5	facebook.net connect.facebook.net	159 KB
4	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org	111 KB
3	facebook.com www.facebook.com	471 B
3	google.com 1 redirects adservice.google.com www.google.com analytics.google.com	1 KB
3	google.de adservice.google.de www.google.de	1 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com r2---sn-4g5e6nsk.googlevideo.com	933 B
2	taboola.com cdn.taboola.com	129 KB
2	clevernt.com clevernt.com ui.clevernt.com	49 KB
2	googletagservices.com www.googletagservices.com	47 KB
2	googletagmanager.com www.googletagmanager.com	105 KB
1	vliplatform.com clt.vliplatform.com	716 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	quantcount.com rules.quantcount.com	357 B
1	palibs.tech palibs.tech	118 KB
1	cpx.to p.cpx.to	2 KB
1	quantserve.com secure.quantserve.com	9 KB
1	googleadservices.com partner.googleadservices.com	645 B
1	onesignal.com cdn.onesignal.com	3 KB
1	htintpa.tech htintpa.tech	2 KB
111	29

	Domain	Requested by
17	airlinestravel.ro	1 redirects airlinestravel.ro
10	assets.vlitag.com	tag.vlitag.com airlinestravel.ro
6	fonts.gstatic.com	fonts.googleapis.com
5	www.clarity.ms	airlinestravel.ro www.clarity.ms
5	connect.facebook.net	airlinestravel.ro connect.facebook.net
5	pagead2.googlesyndication.com	airlinestravel.ro pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.googleapis.com	airlinestravel.ro tags.smilewanted.com
4	www.google-analytics.com	airlinestravel.ro www.google-analytics.com
3	www.facebook.com	airlinestravel.ro connect.facebook.net
3	t.teads.tv	airlinestravel.ro
3	quantcast.mgr.consensu.org	airlinestravel.ro quantcast.mgr.consensu.org
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.taboola.com	palibs.tech cdn.taboola.com
2	www.google.de	airlinestravel.ro
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	ssl.google-analytics.com	1 redirects airlinestravel.ro
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tags.smilewanted.com	airlinestravel.ro tags.smilewanted.com
2	services.vlitag.com	airlinestravel.ro tag.vlitag.com
2	www.googletagservices.com	airlinestravel.ro pagead2.googlesyndication.com
2	securepubads.g.doubleclick.net	airlinestravel.ro www.googletagservices.com
2	www.googletagmanager.com	airlinestravel.ro
1	clt.vliplatform.com	tag.vlitag.com
1	r2---sn-4g5e6nsk.googlevideo.com	airlinestravel.ro
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	static.smilewanted.com	airlinestravel.ro
1	logs.vlitag.com	airlinestravel.ro
1	cdn.jsdelivr.net	assets.vlitag.com
1	sync.teads.tv	s8t.teads.tv
1	imasdk.googleapis.com	tag.vlitag.com
1	ui.clevernt.com	airlinestravel.ro
1	rules.quantcount.com	secure.quantserve.com
1	tag.vlitag.com	services.vlitag.com
1	s8t.teads.tv	a.teads.tv
1	palibs.tech	htintpa.tech
1	analytics.google.com	www.googletagmanager.com
1	clevernt.com	airlinestravel.ro
1	p.cpx.to	tags.smilewanted.com
1	prebid.smilewanted.com	tags.smilewanted.com
1	pubads.g.doubleclick.net	tags.smilewanted.com
1	tags-videos.smilewanted.com	tags.smilewanted.com
1	csync.smilewanted.com	tags.smilewanted.com
1	test.quantcast.mgr.consensu.org	airlinestravel.ro
1	secure.quantserve.com	airlinestravel.ro
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	airlinestravel.ro
1	a.teads.tv	airlinestravel.ro
1	htintpa.tech	airlinestravel.ro
111	52

This site contains links to these domains. Also see Links.

Domain
valueimpression.com
instagram.com
www.facebook.com
youtube.com
www.euautopiese.ro
en.airlinestravel.ro
fr.airlinestravel.ro
de.airlinestravel.ro
it.airlinestravel.ro
pt.airlinestravel.ro
ru.airlinestravel.ro
es.airlinestravel.ro
tr.airlinestravel.ro

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-02` - `2021-03-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-02-09` - `2021-04-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://airlinestravel.ro/
Frame ID: C26AE562DC942B03697F22FF2EC173F3
Requests: 113 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 92F027FF199DA627FAD4412355BA06E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9240484188506222&output=html&adk=1812271804&adf=3025194257&lmt=1613989938&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fairlinestravel.ro%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613989937836&bpp=118&bdt=77&idt=346&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2175648398614&frm=20&pv=2&ga_vid=1902455286.1613989938&ga_sid=1613989938&ga_hid=1312215705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069710&oid=3&pvsid=2507115709408966&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=372
Frame ID: 1820690F643CF8734422E703C249FE29
Requests: 1 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/gampad/adx?iu=/275831643/pixel_dar_test&sz=1x1&t=sw_domain_name%3Dairlinestravel_ro_656d249&1613989938344
Frame ID: 15A56B3C1EBC96A88E4AFB2B010B6F4F
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 83640222FFF1BC7DFA281A8A960757A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 834A8D55415BEAA7CD785FCDE6675698
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://airlinestravel.ro/ HTTP 301
https://airlinestravel.ro/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

111
Requests

100 %
HTTPS

78 %
IPv6

29
Domains

52
Subdomains

40
IPs

5
Countries

3016 kB
Transfer

15582 kB
Size

17
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://valueimpression.com/?ref=airlinestravel.ro
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://instagram.com/airlines_travel
Title: Followers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AirlinesTravel
Title: Likes

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UC0O4MGuGHpHU6GUJunKKDNg?view_as=subscriber
Title: Subscribers

Search URL Search Domain Scan URL

URL: http://www.euautopiese.ro/
Title: www.euautopiese.ro

Search URL Search Domain Scan URL

URL: https://en.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://fr.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://de.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://it.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://pt.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://ru.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://es.airlinestravel.ro/

Search URL Search Domain Scan URL

URL: https://tr.airlinestravel.ro/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://airlinestravel.ro/ HTTP 301
https://airlinestravel.ro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=89283493&utmhn=airlinestravel.ro&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Aviatie%20si%20Turism%20pentru%20pasionatii%20de%20zboruri%20si%20calatorii&utmhid=1312215705&utmr=-&utmp=%2F&utmht=1613989938225&utmac=UA-6522374-6&utmcc=__utma%3D118944921.1902455286.1613989938.1613989938.1613989938.1%3B%2B__utmz%3D118944921.1613989938.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1397185478&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493&slf_rd=1&random=555782118

Request Chain 102

https://media.vlitag.com/vid/?id=5aWbsTPK-_0&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1614011535&ei=L4gzYOeNKd6C6dsP2vqk-A4&ip=45.159.22.70&id=o-AAnWpVwikZYWFWwpYPNYQOWHaELrVVYFcyuMyfwguQMr&itag=22&source=youtube&requiressl=yes&mh=sg&mm=31%2C29&mn=sn-5hnednlr%2Csn-5hne6ns6&ms=au%2Crdu&mv=u&mvi=2&pl=24&vprv=1&mime=video%2Fmp4&ns=a-bsnS6VrMFcDx7K411efKQF&ratebypass=yes&dur=312.331&lmt=1567965288795412&mt=1613989056&fvip=2&c=WEB&txp=2216222&n=OyFztJxMlhInUeGK&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgc0elrYWatH0SJ49Mi5FjY4Z_Bo7Cs-PDzjTXNwooRGgCIGxqVw_yHOxwktVMn2bBLAqnlI8oxSdDdfqaPYYG8ElD&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgXhJQqRYs7bCphQP9ckG5MggmhvUCsZ6C3xsg7PQV6gYCIQCw1ZbXnrdBbqolnCWDwVmiSgwuwOTNIf9eJC4Mdb_KTg%3D%3D HTTP 302
https://r2---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1614011535&ei=L4gzYOeNKd6C6dsP2vqk-A4&ip=45.159.22.70&id=o-AAnWpVwikZYWFWwpYPNYQOWHaELrVVYFcyuMyfwguQMr&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=a-bsnS6VrMFcDx7K411efKQF&ratebypass=yes&dur=312.331&lmt=1567965288795412&fvip=2&c=WEB&txp=2216222&n=OyFztJxMlhInUeGK&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgc0elrYWatH0SJ49Mi5FjY4Z_Bo7Cs-PDzjTXNwooRGgCIGxqVw_yHOxwktVMn2bBLAqnlI8oxSdDdfqaPYYG8ElD&cms_redirect=yes&mh=sg&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsk&ms=au&mt=1613989718&mv=m&mvi=2&pl=41&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgU6qU434JLfIgeBjUSeEE9aGUUBbT9bKc3-2Yz_6wTbwCICmGOacHFRv-ofQHC7ivligWBIpc73dieV4bmrPIIWQz

111 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
airlinestravel.ro/
Redirect Chain

http://airlinestravel.ro/
https://airlinestravel.ro/

205 KB
28 KB

638ms
622ms

Document
text/html

2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e1e6a56ad6df95a186e79d0049ac91360adfd48ef444e07101e4f3559a0f65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: airlinestravel.ro
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d2a837372a34895af2c37e8fae27955fa1613989937
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-type: text/html; charset=UTF-8
cf-edge-cache: cache,platform=wordpress
link: <https://airlinestravel.ro/wp-json/>; rel="https://api.w.org/", <https://airlinestravel.ro/wp-json/wp/v2/pages/26916>; rel="alternate"; type="application/json", <https://airlinestravel.ro/>; rel=shortlink
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 086ae517f0000032503ab26000000001
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vxwuaBcq0hCMsxTDXMgF%2BPoIGqdwVai86EAxmuZpSiHdbkhuYLI3gHjr4hzzVqxjJ1mPgzyTG9jBUeReCQFufBqaMkQwkjFi8S5peCwMDHZjhEs2AWNqc3gaGMybTg%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62580ad3191b3250-FRA
content-encoding: br

Redirect headers

Date: Mon, 22 Feb 2021 10:32:17 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d2a837372a34895af2c37e8fae27955fa1613989937; expires=Wed, 24-Mar-21 10:32:17 GMT; path=/; domain=.airlinestravel.ro; HttpOnly; SameSite=Lax
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
location: https://airlinestravel.ro/
CF-Cache-Status: DYNAMIC
cf-request-id: 086ae517c300003240843b9000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EZhE3FjPUYsdRdpwFo9MeSvVYIg0rzJ3AnNAK18fvhDO8v4znIyiuWT6JW3RpJ64hjIQp6Gwez%2FfZyPdo3EL6JYN4FCMJqjM1HU4AtuB9y%2BM6dL23I3%2FwvV3oQicCw%3D%3D"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 62580ad2cbd73240-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98567bd04ab50827410d3ce270d74fb4af57e111ad2f82726f7757779fe53291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48583
x-xss-protection: 0
server: cafe
etag: 7051586374547090474
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Feb 2021 10:32:17 GMT

GET
H2 200 hybd6.css
airlinestravel.ro/wp-content/cache/wpfc-minified/qu95lx0p/ 1 MB
157 KB 73ms
72ms Stylesheet
text/css 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/cache/wpfc-minified/qu95lx0p/hybd6.css

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

446fb9533fa582c2587801ab7142f5c88aa297ab151c21cd7106c59541d19c17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Feb 2021 10:27:36 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:17 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vJoCoyZSLdQiq8zjqkoY4MRYIRyjSSG4dORbzHontW0C%2FVO1%2BBilvxabigNDuR6QRxVTEBDXW6I%2FuwPez5OEWG0vMlxgqOlQQstcxR1Il8LsIS0AzQ%2FW%2B0t%2Fwn6Dgg%3D%3D"}]}
content-type: text/css
cache-control: max-age=10368000
cf-request-id: 086ae51a690000325004a35000000001
cf-ray: 62580ad70e0b3250-FRA
expires: max-age=A10368000, public

GET
H2 200 hy9ii.css
airlinestravel.ro/wp-content/cache/wpfc-minified/dve379lz/ 797 KB
100 KB 113ms
113ms Stylesheet
text/css 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/cache/wpfc-minified/dve379lz/hy9ii.css

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

368be574e8c6be679f65d001ca18c0fe462226645ae7b0cdce4b37ee04441c1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Feb 2021 10:17:36 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:17 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gKUzzKnh2rcwXlA%2BYoeXB%2BuDGPd6z8%2F%2B9SrrIgszYJX2tfojEnVUHzbvhGxvIz8e5XXYXbCPFG4q5tsiURTb5TUEHdKu57IpQ5yNbH8s8aOQn46oaZSKcWZfrXEb%2FA%3D%3D"}]}
content-type: text/css
cache-control: max-age=10368000
cf-request-id: 086ae51a6b0000325004a36000000001
cf-ray: 62580ad70e0c3250-FRA
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 28ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-44ZBSRP01X

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aee00889e56a79f166f02213be23ed0ab57d7554fef9b05c1abf0c1743460a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53503
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:17 GMT

GET
H2 200 logo-airlinestravel-1.png
airlinestravel.ro/wp-content/uploads/2015/11/ 5 KB
6 KB 38ms
35ms Image
image/png 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2015/11/logo-airlinestravel-1.png

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

faa22611121c8f2432fe6bab22c7e11b9dbf3df753e171f651946bfe156ce3d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 5569
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 May 2019 01:10:24 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hQQouymRs4viHDY7TPdxtkv7ktnCfV4%2ByCNp6yca7cgYB9bQ2%2BlQt81zi%2F1gPfOO9UVov4WHX%2F635FSER3VLV9xCR7Xn33CVR8UB86cJbHgRvpeZSRyt%2BMY3f4n3FQ%3D%3D"}]}
content-type: image/png
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51b100000325066113000000001
accept-ranges: bytes
cf-ray: 62580ad81fed3250-FRA
expires: max-age=A10368000, public

GET
H2 200 blank.gif
airlinestravel.ro/wp-content/plugins/wp-fastest-cache-premium/pro/images/ 43 B
599 B 43ms
41ms Image
image/gif 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Jan 2021 20:38:36 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yoJXLP4EJ5zlLLn1SkqVw2qS4Flyk%2BfjkQDMQSM8M%2F%2BoytnOLUACObDCfislqvCvZXHQvU1mfZLBFLHSgPvFcxuRuP7YMcnZdbkMTLEqTnY9AlRm5CRKZWDDp%2FdJEQ%3D%3D"}]}
content-type: image/gif
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51b1100003250af0ed000000001
accept-ranges: bytes
cf-ray: 62580ad81fee3250-FRA
expires: max-age=A10368000, public

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 169ms
78ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

b8ecf6ab36725bb698223f226a89362d1b4036247d8fa8fe8c303ad433e49169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "791 / 832 of 1000 / last-modified: 1613776162"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19524
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:18 GMT

GET
H2 200 airlinestravel.js Show response
htintpa.tech/c/ 4 KB
2 KB 56ms
25ms Script
application/javascript 2606:4700:3035::6815:280b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htintpa.tech/c/airlinestravel.js
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:280b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d108f28fc05ed223e6bf22bb2e6c80141a356dfe0c773163f75fc44b5670c2

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1464
cf-ray: 62580ad84b1c2bca-FRA
content-length: 1415
x-amz-id-2: AxlxKLcXsrp4DQGMrUJW0qUQWl4QHKnl+cOn1vr3jM6mlQD8cRSz+AfIQs9sD+4ED1r3RWNgooY=
last-modified: Tue, 04 Aug 2020 12:54:42 GMT
server: cloudflare
etag: "290278c3b05edfa1f514b82a49869c56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0poBjH7A8UvbWZMCb9Joq%2FjCfSeZ3FS3JhC88MFcLvE52Z0szdgMbQPT17kXQ1h8XHRPLimQglOKSshkpUh4xEC0cBwkVOvwtcLKekTzqItoeWMINhpBp7Q%3D"}],"max_age":604800}
x-amz-request-id: EBBC7CE2C45414C0
cache-control: max-age=14400
cf-request-id: 086ae51b2d00002bcab799b000000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
19 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a06af446be30cdc4a1b9c4481b813722163853b764fe4f1dcff1468662edaddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "791 / 632 of 1000 / last-modified: 1613776162"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19523
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:17 GMT

GET
H2 200 i7vc.js Show response
airlinestravel.ro/wp-content/cache/wpfc-minified/1ngkbgxq/ 354 KB
84 KB 77ms
77ms Script
application/javascript 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/cache/wpfc-minified/1ngkbgxq/i7vc.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfccd9f6564e66db45b35fbebbe7f5067f1ca627e02da67f02990888e71cbbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Feb 2021 15:15:08 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:17 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d0JTtZOsY6wjYID4O37Lz0abvAQvnmIgo9n1iBykfhiHS0yAjcimqEoDWAPkgLiI%2F3y2dhpcIc1ANfHkGEo%2FtKhGgW6Rk0oYZSIQ2GUhESVgUXA6JvilTiyj%2B97qOw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-request-id: 086ae51acf000032509c934000000001
cf-ray: 62580ad7bf1f3250-FRA
expires: max-age=A10368000, public

GET
H2 200 tag Show response
a.teads.tv/page/94707/ 5 KB
2 KB 161ms
71ms Script
application/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/94707/tag
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aaad864db2ee36546982ed4eb0a38db3ea951fda706298bf3c3dc597f4a8d004

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 1366
expires: Mon, 22 Feb 2021 11:32:18 GMT

GET
H2 200 i7vc.js Show response
airlinestravel.ro/wp-content/cache/wpfc-minified/96mh054d/ 1 KB
1012 B 37ms
37ms Script
application/javascript 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/cache/wpfc-minified/96mh054d/i7vc.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf7bbcae1fd497b5722c7e505e964f7d11e3e1c7fe991bf3052b2fa6f92e990

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Feb 2021 15:15:08 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:17 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ibn75j%2BAEBWS4uNH0bbebNEtEsNaOoEIVqp6XPKe89gcICFXMOaQ6MLC%2Fw3bpNZlhr6CV5rKwupmldxUp0DgN79j1K22zOPBM5IGrX3I%2FjeSrO8d42C%2B%2FvyZoNpUGQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-request-id: 086ae51af900003250c0378000000001
cf-ray: 62580ad7ffbe3250-FRA
expires: max-age=A10368000, public

GET
H2 200 / Show response
services.vlitag.com/adv1/ 381 B
1 KB 142ms
123ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=aa3b4adf2707894774f8727be4c028b6

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6466f71faef0171a670fbc29616620b0337dfcf14cb6a37feaba7f782e6df437

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086ae51b2100002b41fbaac000000001
pragma: no-cache
last-modified: Mon, 22 Feb 2021 05:32:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=foDxsabfMdQrSKI3jvkXIzK2C78TAHR5YJJZlb4yP1J8F3J1Te%2Bnbc8PgZNi1IaxVX49YGZ22%2B5rGmlAA9GcRV3iNSukTurykd6wFHlyYyRhpYEIvqFQODKeUrbBtLB8"}],"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 62580ad83fbd2b41-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 31ms
12ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=93ac36974087e91febb8b9067f58556e
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 70
etag: W/"b952f25ea8995726c8678b65dfe57a51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 62580ad83b7d1f2d-FRA
cf-request-id: 086ae51b2100001f2da6393000000001
expires: Mon, 22 Feb 2021 11:32:17 GMT

GET
H2 200 i7vp.js Show response
airlinestravel.ro/wp-content/cache/wpfc-minified/d38w7a85/ 274 KB
76 KB 65ms
62ms Script
application/javascript 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/cache/wpfc-minified/d38w7a85/i7vp.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ca61c96bf27197c422346b422fe02898f8e8c7391ccf702ebcee040ce6046205

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Feb 2021 15:15:11 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:17 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x13iWAQ5tSXUNQhl0DHicPiaimXg%2BYBAjl2zuHMAQMHZbz%2BYef5SPOUum1CDhTqa8G%2B4UOg7saWbZ9PoI409bOZxC6Zxl%2BpIChUI2GeyAeBsg3hR7qkmsgJsPvJcrQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-request-id: 086ae51b1000003250f1a70000000001
cf-ray: 62580ad81fec3250-FRA
expires: max-age=A10368000, public

GET
H2 200 airlinestravel_ro_656d249 Show response
tags.smilewanted.com/formats/infeed/ 19 KB
6 KB 82ms
36ms Script
application/javascript 104.26.7.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a9528d5f8db7da21c637eaee0fc7c639dbe839c7646f424fd6b20297acdb021

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 5482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pkd7K%2FACOw29rGlnnd7LGAyk9QazjyOLeGcY0T5YpRMcbt8QNmf3Aqk7VqCE%2FNDvaWopwVDzgLVLSD%2BUNeHtbvyOKiqCm%2BkhYQ8GnCdBmsTTyPqQzQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 62580ad86cb27373-CPH
cf-request-id: 086ae51b4500007373ff845000000001

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 70ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9240484188506222&plah=airlinestravel.ro&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87061
x-xss-protection: 0
server: cafe
etag: 9039926254773515089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Feb 2021 10:32:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 92F0 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://airlinestravel.ro/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://airlinestravel.ro/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Feb 2021 06:34:06 GMT
expires: Mon, 08 Mar 2021 06:34:06 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 14291
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fontawesome-webfont.woff2
airlinestravel.ro/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 38ms
38ms Font
application/font-woff2 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/wp-content/cache/wpfc-minified/qu95lx0p/hybd6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://airlinestravel.ro
Referer: https://airlinestravel.ro/wp-content/cache/wpfc-minified/qu95lx0p/hybd6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Jan 2021 20:33:17 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:18 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=olwJxlnfUjZYPDfic27IecAZl%2FTBZ8uhIrhqNaNnrAXfcsf9qDTN9rr0Efc11LvxHZjwlOUC%2FlJkwlDyjpf8%2BKHv95J5irgK%2FDPw%2BwK6pZ2tRtlpxiIcFHMfsX6NTQ%3D%3D"}]}
content-type: application/font-woff2
cache-control: max-age=10368000
cf-request-id: 086ae51b48000032504d161000000001
cf-ray: 62580ad8783e3250-FRA
expires: max-age=A10368000, public

GET
H2 200 bs-icons.woff
airlinestravel.ro/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 42ms
42ms Font
x-font/woff 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to

Full URL

https://airlinestravel.ro/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/bs-icons.woff

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/wp-content/cache/wpfc-minified/qu95lx0p/hybd6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://airlinestravel.ro
Referer: https://airlinestravel.ro/wp-content/cache/wpfc-minified/qu95lx0p/hybd6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Jan 2021 20:33:17 GMT
server: cloudflare
date: Mon, 22 Feb 2021 10:32:18 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D9U5AtTuZqtYKHi7viwi4jvDOCWTLqQajhJ218thOxdfj4ePMSIcmsBRwNi89ANxtI69vNhJ2Kvd3DOTyAG5zpoLjhJIgsTvRycuw0Tq%2FTvRI80BfQvo745XhJ3yWg%3D%3D"}]}
content-type: x-font/woff
cache-control: max-age=28800
cf-request-id: 086ae51b49000032507d35f000000001
cf-ray: 62580ad878413250-FRA
expires: max-age=A10368000, public

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5020
date: Mon, 22 Feb 2021 09:08:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 22 Feb 2021 11:08:38 GMT

GET
H3-Q050 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ 289 KB
101 KB 142ms
92ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
645 B 138ms
65ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=airlinestravel.ro&callback=_gfp_s_&client=ca-pub-9240484188506222

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9240484188506222&plah=airlinestravel.ro&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ab72b4b78f84b6b1b2c27f79b2e92639c9a155d0db5839b9dfb38ad0ca6d3606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 34ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=airlinestravel.ro

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 47ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=airlinestravel.ro

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1820 19 KB
2 KB 61ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9240484188506222&output=html&adk=1812271804&adf=3025194257&lmt=1613989938&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fairlinestravel.ro%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613989937836&bpp=118&bdt=77&idt=346&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2175648398614&frm=20&pv=2&ga_vid=1902455286.1613989938&ga_sid=1613989938&ga_hid=1312215705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069710&oid=3&pvsid=2507115709408966&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=372

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ed0b786a027adf226b4e2b9685ab73fb697c9247dc2bfdf0f5ec49236b61dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9240484188506222&output=html&adk=1812271804&adf=3025194257&lmt=1613989938&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fairlinestravel.ro%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613989937836&bpp=118&bdt=77&idt=346&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2175648398614&frm=20&pv=2&ga_vid=1902455286.1613989938&ga_sid=1613989938&ga_hid=1312215705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069710&oid=3&pvsid=2507115709408966&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=372
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://airlinestravel.ro/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://airlinestravel.ro/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Feb 2021 10:32:18 GMT
server: cafe
content-length: 1737
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 22-Feb-2021 10:47:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Feb 2021 10:32:18 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 65ms
52ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ce8006f3571742a6891ba13084c53ec56bddb61d338b733847b1736da9456ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613767901381048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:18 GMT

GET
H3-Q050

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=89283493&utmhn=airlinestravel.ro&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Avia...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493&slf_rd=1&random=555782118

42 B
483 B

47ms
33ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493&slf_rd=1&random=555782118

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6522374-6&cid=1902455286.1613989938&jid=1397185478&_v=5.7.2&z=89283493&slf_rd=1&random=555782118
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 29ms
13ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Mar 2021 10:32:18 GMT

GET
H2 200 all.js Show response
connect.facebook.net/ro_RO/ 3 KB
3 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ro_RO/all.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

467a9fff952c0849b764b8562511324c93cff18c5ffd324e4ff492f6b7df9415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: h4oqwFTjZP4MR1TcTA8d9g==
cross-origin-resource-policy: cross-origin
expires: Mon, 22 Feb 2021 10:34:06 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: LT3aZobp+NJF3XUFJZ1a2Gwlu7YBNxmnzV1MpSRM/x3e/XkSTKtISbNBsPybCgi/SqbVUNEL7kW+Sg0s0uVF1Q==
x-fb-trip-id: 686109401
x-fb-content-md5: ec15d07a68926c48fccb7f112a1f3059
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Feb 2021 10:32:18 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "d558ce4729ad0257e55cb2170b98e748"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/LK-SsSGWCQaYw/airlinestravel.ro/ 4 KB
2 KB 34ms
11ms Script
application/javascript 2600:9000:214f:cc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/LK-SsSGWCQaYw/airlinestravel.ro/choice.js
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/wp-content/cache/wpfc-minified/1ngkbgxq/i7vc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:cc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9953110ab7f7a1049af1c6d7c0cbfb37699ca4c44d20df7d5d4c31aec6e89421

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
etag: W/"80ade5f9c981a36332b6eecccafeaa0d"
last-modified: Wed, 10 Feb 2021 18:12:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: RXjPCF9hxIfwHidGEbi5qivyq7TI0HmYsk7aypNGQW_0fZCNwUohXA==

GET
H2 200 vendor-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 223 KB
32 KB 32ms
6ms XHR
application/json 2600:9000:2057:7200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/wp-content/cache/wpfc-minified/1ngkbgxq/i7vc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29a8a740d9ec07d2d8945d8c857cc27ca3178edc5b91c382f703331e29337460

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 03:00:34 GMT
content-encoding: gzip
age: 27105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 03:00:31 GMT
server: AmazonS3
etag: W/"64770ebc35b122fb48f94e90998790fa"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: u1Jetex20IBekoqFd0y5exwn1969Caqg
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA6-C1
content-type: application/json
x-amz-cf-id: GmFPkdxOkdjcjAay3gY881X5Ir_19knj4ARCjfhHmvfDzFZZ3TayzQ==

GET
H2 403 noniab-vendorlist.json Show response
quantcast.mgr.consensu.org/choice/LK-SsSGWCQaYw/airlinestravel.ro/.well-known/ 0
502 B 26ms
11ms XHR
text/html 2600:9000:214f:cc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/LK-SsSGWCQaYw/airlinestravel.ro/.well-known/noniab-vendorlist.json?timestamp=1613989938267
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/wp-content/cache/wpfc-minified/1ngkbgxq/i7vc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:cc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:30:34 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
age: 730
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
access-control-max-age: 3000
content-length: 0
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://airlinestravel.ro
cache-control: public, max-age=7200
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: PFbVRH8DEmJqs22PDqML0A23IDMwVq-17UvzDzCeUdV3IUQ-QXgHJA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: IDXrGHpjOqlenX9EJTB808AMZCVmm6L6M0YF0G52XQS4QgRdCgIfh5hFeuiY1Q5BoEUL3F+SuwoBscEqkTftAw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 22 Feb 2021 10:32:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5ho2hrdh6z Show response
www.clarity.ms/tag/ 816 B
1 KB 132ms
107ms Script
application/x-javascript 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/5ho2hrdh6z
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 868eaae82261b3318b8713fbfc6206a7af581a5ccc87670e90f3aeabfd9c1e1c

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0MogzYAAAAADhSE9+jMTnRohF9Ps+sGsBRlJBRURHRTEwMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1

GET
H2 200 / Show response
csync.smilewanted.com/ 4 KB
2 KB 60ms
53ms Script
text/html 104.26.7.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9424b0f8d0a1b192da49336c55a7043211379878f3f30fca89e6f8725791774

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DheabHFRmQbuggM%2FJfgTFUGsTX%2FZKNvlTczybp3%2FcICO4sUEskjvnVCV2B0DNQNfCm2Btdoa6CaobVhHTCkVuP99ihCn6bMXkwviksxOIYRHJ363eU4%3D"}],"max_age":604800}
access-control-allow-credentials: true
cf-ray: 62580adab8ea7373-CPH
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-request-id: 086ae51cb50000737335225000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2701
date: Mon, 22 Feb 2021 09:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Feb 2021 11:47:17 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 45ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8JXZBSX4H&l=sw_gtag_data_layer

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dff3ac05dd1a05e3640da8095f2204115407ade60374203c432708d3bc1a271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53492
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:18 GMT

GET
H2 200 config_infeed.php Show response
tags-videos.smilewanted.com/ 3 KB
1 KB 163ms
155ms Script
application/javascript 104.26.7.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-videos.smilewanted.com/config_infeed.php?domaine=airlinestravel_ro_656d249&true_domaine=airlinestravel.ro&device=desktop&url_path=/&consent_string=undefined
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b75ebd9f0faa5bd7cb6a78f9dbe62dbcc624e13c4b2edddb0a57366c916175

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 086ae51cb900007373408b0000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
date: Mon, 22 Feb 2021 10:32:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=crvTgOcEWHsTkpur3p9xCm5oG7oidWGFD6DEuMkuqoExSJ%2FG7pEALavUXIoWSmn5j2m%2B91MOUys1X0fWH%2F26L9p9Zweje5J8RalAeri2Yx6gSSTji0nziyEs6X0%3D"}],"max_age":604800}
content-type: application/javascript
cf-ray: 62580adac8f67373-CPH

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ Frame 15A5 0
586 B 73ms
71ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/275831643/pixel_dar_test&sz=1x1&t=sw_domain_name%3Dairlinestravel_ro_656d249&1613989938344

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pubads.g.doubleclick.net
:scheme: https
:path: /gampad/adx?iu=/275831643/pixel_dar_test&sz=1x1&t=sw_domain_name%3Dairlinestravel_ro_656d249&1613989938344
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://airlinestravel.ro/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://airlinestravel.ro/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
google-lineitem-id: -2
google-creative-id: -2
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Mon, 22 Feb 2021 10:32:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUm9zD4ZbrvRnrSFkJMuV4Ieh3HwZRyBNeR8PKrt9RXJ955sWfzX3B_wHPH3; expires=Sat, 19-Mar-2022 10:32:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 adcall.php Show response
prebid.smilewanted.com/track/analytics/ 0
808 B 212ms
169ms XHR
text/html 104.26.7.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/track/analytics/adcall.php?id_site=9247&id_format=18&id_device=1
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://airlinestravel.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8HCMPHr4dFQAyB1rbOzvpq5TSpBztl%2BYrH2d0uh9rp8DvvT9WzBrB2mFuglv7n3EY4gQ%2BA6qwvBk9etAwcdoVgoFDtp6jPd0h3GuC636VW8c%2BCggNO8F"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 62580adafe4f10eb-CPH
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-request-id: 086ae51cde000010ebb004d000000001

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12357/ 2 KB
2 KB 211ms
49ms Script
application/javascript 54.220.104.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12357/px.js
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.104.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-104-217.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a094ec0e395aaf1ec3fdc994a5b27be1da0d59b00b0a03c00432c7811db50f65

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 10:32:18 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1631
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 17c387703e1ba3a7b7c6201c36740dc8.min.js Show response
clevernt.com/scripts/ 118 KB
48 KB 42ms
20ms Script
text/javascript 2606:4700:20::ac43:485f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/17c387703e1ba3a7b7c6201c36740dc8.min.js?20210104=1613989938348
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:485f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47bf970b61f6046d135e93de2477a6b5b608311d1a6b743864d16f80e8b0b600

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1666
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5441921818DA12F1
x-amz-id-2: qENgsuMrfRPsV1GJx1D8voPQkhdBdHcHniCeTHD1XcPvEigEayL2cmXNLYT+TzsL6UsSzSAZiww=
last-modified: Mon, 22 Feb 2021 10:03:37 GMT
server: cloudflare
etag: W/"d429b5da8c97ef36ae737ff31be780de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X5lu5JKBW%2BfgVLM98z6U7UKcl6Xuc%2Br3ldbruB4TTOJoORc9NQU5iheLTvx9rMR2cuDCn1%2Ben4UgXju7hLwjYKPMSrR9aP8nD95Uc776Ac3RBW72EfObL9w%3D"}]}
content-type: text/javascript
cache-control: max-age=1800
cf-request-id: 086ae51cc4000096e0cd9c3000000001
cf-ray: 62580adad84796e0-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
580 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

506a739ef41c5daac26b30b2e9f3ec20ebbac4a5fa4a81d13076d1a1ed532de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 10:32:18 GMT
server: ESF
date: Mon, 22 Feb 2021 10:32:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 10:32:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
891 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc335171a36c7b4ffa6293b20fef23b830d9944b6fccc54e76cb9b78ac1f2f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 10:22:07 GMT
server: ESF
date: Mon, 22 Feb 2021 10:32:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 10:32:18 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
73 B 13ms
13ms Other
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-44ZBSRP01X&gtm=2oe2a1&_p=1312215705&sr=1600x1200&_gaz=1&ul=en-us&cid=1902455286.1613989938&_s=1&dl=https%3A%2F%2Fairlinestravel.ro%2F&dr=&dt=Aviatie%20si%20Turism%20pentru%20pasionatii%20de%20zboruri%20si%20calatorii&sid=1613989938&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44ZBSRP01X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://airlinestravel.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
73 B 14ms
14ms Other
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-44ZBSRP01X&cid=1902455286.1613989938&gtm=2oe2a1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44ZBSRP01X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://airlinestravel.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-44ZBSRP01X&cid=1902455286.1613989938&gtm=2oe2a1&aip=1&z=1029379854

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 projectagora.min.js Show response
palibs.tech/libs/ 406 KB
118 KB 50ms
13ms Script
application/javascript 2606:4700:3030::6815:5471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://palibs.tech/libs/projectagora.min.js
Requested by: Host: htintpa.tech
URL: https://htintpa.tech/c/airlinestravel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d610bb745fafc428753f59669a38c638f4f234c8995ed0201f93c4c5a3a227b

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 12
cf-ray: 62580adb6bb3c2d6-FRA
content-length: 119431
x-amz-id-2: fBy5GzU5Pux8UV6VJfkG1s8rzY/WbnelAcV8ToZ4I+6NwIGXJuWQN9gzy8aVrH+vEvWkQQ8i4Ws=
last-modified: Mon, 15 Feb 2021 09:33:17 GMT
server: cloudflare
etag: "704eaf2536b8e1f280ca3b8d26056c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2FMlcB1sM%2B0ehT%2BlgvDtKM25bFK0RCmGU32oPKV%2BEODVTQSjhOtoZ02JJsZU65Il%2BWq1dZ9LkVF84cxprEZVEIq%2B%2F89SY7L72gNRg%2FA6uLl%2BRCFaaZVKag%3D%3D"}],"max_age":604800}
x-amz-request-id: 65B0CE8EB43FEE5C
cache-control: max-age=14400
cf-request-id: 086ae51d200000c2d63fbcc000000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 708 KB
190 KB 49ms
14ms Script
text/javascript 2a02:26f0:cf:295::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/94707/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:cf:295::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 108e6c130632f774f46ea4cd14064cff4645bce1ec436f26c5db19b0be62af5c

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 3G7T7Q9N0MAX2KBY
content-length: 193374
x-amz-id-2: dEb4PKPbFJnumwWgkkJXDrQ/KLhuo+BhUAdqs/H6XSd2n77pxGHzIO82C9Phwz1bJT+W+FVKHZk=
last-modified: Fri, 19 Feb 2021 10:19:33 GMT
etag: "5d02d7b2e677306242c1844c608148be"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 22 Feb 2021 11:02:18 GMT

GET
H2 200 / Show response
tag.vlitag.com/v3/1613986107/ 509 KB
108 KB 30ms
29ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=aa3b4adf2707894774f8727be4c028b6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f97ba2802abd5690ca0c7b266e50a6a1f0b230245129e21051bd6a970d8dce1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3767
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yrrgs3e8U7h4uNE99EaCdoh1q%2BthrJ58kBNfDNb%2BES2pNxV63GFNw7ZX2ozwumWU8J%2FSoHCO8pOmlLtIqaa4nN9lLGUYwjqraNGQa2j5uDfg6dK9kVzOC8l0Ow%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-sv: 157.114
cache-control: public, max-age=31536000, immutable
cf-request-id: 086ae51d0700002b41f283a000000001
cf-ray: 62580adb3c7c2b41-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://airlinestravel.ro
Referer: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 281199
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://airlinestravel.ro
Referer: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 275984
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:52:34 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://airlinestravel.ro
Referer: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 07:56:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 268524
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 19 Feb 2022 07:56:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://airlinestravel.ro
Referer: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 187313
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 20 Feb 2022 06:30:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://airlinestravel.ro
Referer: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:18:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:45 GMT
server: sffe
age: 350045
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:18:13 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v17/ 3 KB
3 KB 28ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://airlinestravel.ro
Referer: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:18:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:51 GMT
server: sffe
age: 350034
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:18:24 GMT

GET
H2 200 all.js Show response
connect.facebook.net/ro_RO/ 191 KB
58 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ro_RO/all.js?hash=a9f3ead41991a05595ea479197e8d652&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30fb04a5d4aa32805788250bdc2ca85796ab63c3b8575bcdf3992cc3ed247f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://airlinestravel.ro
Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ahS4GqiV9f3ocDdV9FmAoA==
cross-origin-resource-policy: cross-origin
expires: Tue, 22 Feb 2022 09:34:00 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58546
x-fb-rlafr: 0
x-fb-debug: rICYjZhIuSEjVEfrCDk64eKhK3IYZo42TgGz5jU7nhRyh91vFecexRO0ijD5EgQ4PlMV9S24zICA/Gi6F38egg==
x-fb-trip-id: 686109401
x-fb-content-md5: 83d2e3c57f63e96ac66ab2833f427bab
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Feb 2021 10:32:18 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "9780d82b0d5a02e92f80b65e468e3fb3"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 rules-p-LK-SsSGWCQaYw.js Show response
rules.quantcount.com/ 3 B
357 B 498ms
447ms Script
application/x-javascript 2600:9000:20d7:da00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-LK-SsSGWCQaYw.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:31:57 GMT
via: 1.1 375ffc8f2a15d6fd2fa731e1cdf5a737.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 24
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: IYG0bWDOJJOPSqmzPr98FR2ctNwJuM2NW5M1BHEjiX7U1SHn8pJUYQ==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: kZF0Xrm6EdJRMdtT5ecoxhvLthFcSdUi3rJ2W+GmIcvU3As7bypm+0A2KgDXqNanSKCa91gfKVzOcpDsAVlfAw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Feb 2021 10:32:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1141575692961630 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1141575692961630?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68d623d4ff381f56168e5190a51336952f268f853b0da0223abcf1385e065c14

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 05Pxm1Bo8vYazStaSzLEwk4ppjaE06BTvulKY6g+kVNY8jkoKeUFIkM1GzZYXDKMAYkD2107eYXrqgjh3mtwdg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Feb 2021 10:32:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 2081838843
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 279 KB
77 KB 7ms
7ms Script
text/javascript 2600:9000:214f:cc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=airlinestravel.ro
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/LK-SsSGWCQaYw/airlinestravel.ro/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:cc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a26d3c6cb3587b7b0efdf53803a2cd42a0173de68fff4055156aff2f8b309117

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Feb 2021 10:32:09 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 16:53:03 GMT
server: AmazonS3
age: 9
etag: W/"4c466673ce0de425c51cdc36d1b899a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Bqkqf9KixpkHtuIADtBXMTx3Abt0mS3duO1G0V0m6R_VXOAhxLZVTA==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
12ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1312215705&t=pageview&_s=1&dl=https%3A%2F%2Fairlinestravel.ro%2F&ul=en-us&de=UTF-8&dt=Aviatie%20si%20Turism%20pentru%20pasionatii%20de%20zboruri%20si%20calatorii&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=118944921.1902455286.1613989938.1613989938.1613989938.1&_utmz=118944921.1613989938.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1613989938722&_u=YADCAAABAAAAAC~&jid=2145067478&gjid=161127693&cid=1902455286.1613989938&tid=UA-116494254-21&_gid=1893187837.1613989939&_r=1&_slc=1&z=1185846238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://airlinestravel.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=1312215705&t=event&_s=2&dl=https%3A%2F%2Fairlinestravel.ro%2F&ul=en-us&de=UTF-8&dt=Aviatie%20si%20Turism%20pentru%20pasionatii%20de%20zboruri%20si%20calatorii&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Source%20Traffic&ea=airlinestravel_ro_656d249&el=infeed&_utma=118944921.1902455286.1613989938.1613989938.1613989938.1&_utmz=118944921.1613989938.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1613989938728&_u=YADCAAABAAAAAC~&jid=&gjid=&cid=1902455286.1613989938&tid=UA-116494254-21&_gid=1893187837.1613989939&z=650435858

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 00:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36952
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Boeing-a-recomandat-retinerea-la-sol-a-128-de-aeronave-777-cu-motor-PW-1-750x430.jpg
airlinestravel.ro/wp-content/uploads/2021/02/ 43 KB
43 KB 47ms
45ms Image
image/jpeg 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2021/02/Boeing-a-recomandat-retinerea-la-sol-a-128-de-aeronave-777-cu-motor-PW-1-750x430.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9409b083bf3c1e399dc122572155cc5c94d7e5cf696bce66bb157f061a4156

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 43585
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Feb 2021 10:17:40 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6JAm0tDk%2FGemM73J%2FnSBH%2BQBzo7p0UaRcHrMQTGyGOG4wowclJhZG123z4rGwSCvdLTMlKODCXK4B%2FfTE2dypEr1QYGEhtfpWr%2FC%2B0pJo6w4nojAobb8PQpQRNRAQw%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51e700000325055a72000000001
accept-ranges: bytes
cf-ray: 62580add7da73250-FRA
expires: max-age=A10368000, public

GET
H2 200 22-februarie-in-aviatie-un-Antonov-An-24RV-se-prabuseste-in-apropiere-de-Baia-Mare-750x430.jpg
airlinestravel.ro/wp-content/uploads/2021/02/ 40 KB
40 KB 52ms
50ms Image
image/jpeg 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2021/02/22-februarie-in-aviatie-un-Antonov-An-24RV-se-prabuseste-in-apropiere-de-Baia-Mare-750x430.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1c7602f7028837756ddefacff2034c9df1e239c076bb7428e87801104097cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 40761
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Feb 2021 12:30:23 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=egbpL7H8HCVfWq4e9F%2BN%2BT1T9zrqon3vdQ9w035v8xIGTW%2F1Q6gVUSdJHmm%2FLUVS8ZSQah%2BYgqIqyrZVsUWevkcYHg9%2Bn1cEz2FuN8thIebAc25Kyb651Jc59Ntynw%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51e73000032508a355000000001
accept-ranges: bytes
cf-ray: 62580add7da93250-FRA
expires: max-age=A10368000, public

GET
H2 200 21-februarie-in-aviatie-dirijabilul-Rome-se-prabuseste-ucigand-34-de-persoane-1-357x210.jpg
airlinestravel.ro/wp-content/uploads/2021/02/ 15 KB
15 KB 48ms
46ms Image
image/jpeg 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2021/02/21-februarie-in-aviatie-dirijabilul-Rome-se-prabuseste-ucigand-34-de-persoane-1-357x210.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

db08c96fb2df93b89a543310fb98961c8b3998870af37f9ff93bbff977206ce3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 15475
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Feb 2021 11:19:11 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Ji6ieJGxWAMfEIx%2BmrtFeHCLrRMyziCH4Ycypb%2B4SMUnzVscSVvdwvifzizZ9agSKdnldQAdqRLYntTzOHHWGJNoY4seyHq555PuCFUdx4LXs2kU9UVNidlYmwcAA%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51e70000032500a800000000001
accept-ranges: bytes
cf-ray: 62580add8daa3250-FRA
expires: max-age=A10368000, public

GET
H2 200 ukraine-international-airlines-reia-zborurile-1-martie-357x210.jpg
airlinestravel.ro/wp-content/uploads/2021/02/ 19 KB
19 KB 50ms
48ms Image
image/jpeg 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2021/02/ukraine-international-airlines-reia-zborurile-1-martie-357x210.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ebfcad37490fd4aad06c80eb74abf187dfd60ac4fe531a8668c45f2bd30ac712

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 19555
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 20 Feb 2021 23:37:53 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QcnJJvvnuSuHkfaBr4FCgMsAydmaxpoGuudCmjgw4D8STipYCwxJN0vEcKdbvWZaHv%2BuxymwnkpjnXw2xbpAjEjmKg7%2FWpZlo9%2B7EouPEgGlsyWYkitV25JHsmS5qA%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51e7100003250488c7000000001
accept-ranges: bytes
cf-ray: 62580add8dab3250-FRA
expires: max-age=A10368000, public

GET
H2 200 accident-747-400-pale-motor-cazute-olanda-1-357x210.jpg
airlinestravel.ro/wp-content/uploads/2021/02/ 15 KB
15 KB 42ms
40ms Image
image/jpeg 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2021/02/accident-747-400-pale-motor-cazute-olanda-1-357x210.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4baccd5660604060155fd20d5fe6c6ac29c9a24de36716f5f99413aa47b6b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 14911
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 20 Feb 2021 23:01:22 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vychEUC3ZXJTyTQyBEZZBOnIU%2Fjr1LZ4%2Fv630O7X6jb%2B1Rn5rBuPdjRo9YlyJsbl%2BNrSrvS%2BHmK3f3Bor%2B0hImuoXhzB6KGHaMfcOugxC%2F3pNfAsBBVjE03sXWKEfA%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51e71000032502eab9000000001
accept-ranges: bytes
cf-ray: 62580add8dac3250-FRA
expires: max-age=A10368000, public

GET
H2 200 accident-aviatic-statele-unite-motor-flacari-1-357x210.jpg
airlinestravel.ro/wp-content/uploads/2021/02/ 7 KB
7 KB 36ms
34ms Image
image/jpeg 2606:4700:3034::ac43:b6b5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://airlinestravel.ro/wp-content/uploads/2021/02/accident-aviatic-statele-unite-motor-flacari-1-357x210.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b6b5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

94835757f001a3c05380b4d2a2105b9430487f5f569a4773774bec2e72704cd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 6657
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 20 Feb 2021 22:10:08 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7lIFnMH5tiGHmEPEu%2BhTbWeeoLpHoLbbWNWr6e%2FP7DBW%2BOuT6QGAOI7E39S2AdFublOaPjKEVSQMG1AzSKUkM9Yysw0XXr1xeXJgDguc%2BShmshfn4nKND%2FoTGCz9Tg%3D%3D"}]}
content-type: image/jpeg
cache-control: max-age=10368000
content-security-policy: upgrade-insecure-requests
cf-request-id: 086ae51e710000325076a53000000001
accept-ranges: bytes
cf-ray: 62580add8dad3250-FRA
expires: max-age=A10368000, public

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.4/ 44 KB
19 KB 111ms
110ms Script
application/javascript 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5ho2hrdh6z
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:17 GMT
content-encoding: br
etag: "1d6ff48e8a7bd02"
last-modified: Wed, 10 Feb 2021 01:06:06 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0MogzYAAAAAC7SIyG/shDRYOPw9QMUGBIRlJBRURHRTEwMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 docallbackinfo9aad0df41b54468b903a24f1c13f47fd.js Show response
ui.clevernt.com/ 694 B
1021 B 236ms
82ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfo9aad0df41b54468b903a24f1c13f47fd.js

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

host-109.clevernetwork.pt

Software

nginx /

Resource Hash

294c5ab87ed1861b2f671f15da8e2a08e9c157a7f9d51a00e2ed334339bb72c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Mon, 22 Feb 2021 10:32:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Mon, 22 Feb 2021 11:32:19 GMT

GET
H2 200 style.css
tags.smilewanted.com/formats/config_formats/infeed/airlinestravel_ro_656d249/ 4 KB
1 KB 36ms
33ms Stylesheet
text/css 104.26.7.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.smilewanted.com/formats/config_formats/infeed/airlinestravel_ro_656d249/style.css
Requested by: Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/infeed/airlinestravel_ro_656d249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8cff2a7074e50e565d9a41f95095cfb21727f350643e7ee3e24bfd4682c2d89

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 5478
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PDSNP2Q5B8%2FaxdoTpPzMTQ1RUfPJkADQqmTagK4rynZ%2BjW69fuICIOiIE4vQ2nosB%2Bj67woZopi7VKmn11DP8LgIMQuDcs01fudVvQb4Twi0bVBeRg%3D%3D"}],"max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=3600
cf-ray: 62580adddea77373-CPH
cf-request-id: 086ae51eaa00007373dc111000000001

GET
H2 200 page_status Show response
services.vlitag.com/ 19 B
727 B 136ms
118ms XHR
application/json 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/page_status?url=https%3A%2F%2Fairlinestravel.ro%2F

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ef556b0a4f4bdd486a106c3c90f6b5b89889c3f5040af4028e81c9837994ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Vsz3WP8B3CuTiY5My%2BohVAbaPfvy4JoGSBrhfVw%2BNsM558suNebwTuPGu99VvR%2BJa%2Bx9CwtNsqyunufkNCJ0UILUFIjfZn04vIkBtkbgFwAbL3QJbA2tugZILHO0b5O"}],"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: https://airlinestravel.ro
x-xss-protection: 1; mode=block
cf-ray: 62580addfd6c4ed9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19
cf-request-id: 086ae51ebe00004ed974163000000001

GET
H2 200 prebid-v4.24.0.js Show response
assets.vlitag.com/prebid/default/ 382 KB
108 KB 32ms
30ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a72cc0bb0e27083090874f0b03240ebd96eabf5a8515abdfa4defcfa7acbda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1102741
cf-polished: origSize=390907
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086ae51eb400002b41983ed000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 09 Feb 2021 16:13:11 GMT
server: cloudflare
etag: W/"6022b497-5f6fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hvp%2FOJP4v%2B2p%2Fyke9n2no1Z2rH%2BqI%2Bb%2Ft590hMa%2BZAGJlbPlzexI03NeMo6LRfjVst0gIt3SZswYemPD3PehgDKGlWyhVMVcrcYo5H2Mv%2BpgiPh6TZeB%2FJ3VJHRdig%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 62580adde85a2b41-FRA
expires: Tue, 09 Feb 2021 16:43:17 GMT

GET
H2 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 13ms
12ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 524424
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086ae51eb400002b41f2853000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b1pdo2lwVQ8dt0osfAHTPEkaeAw4A4mlj3yFwim7gT5y47zeoi1z5o8WfDzk95vpln5NdNmJUn0Kw%2Fjj0YAic%2Fp8iClYP5Q1nKM97xXqMhGCOGo748Fi4jy4xVjT8g%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 62580adde8582b41-FRA
expires: Tue, 16 Feb 2021 09:21:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 326 KB
113 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114825
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:18 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 22ms
21ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 524424
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 086ae51eb400002b41fa90c000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cttp3JTeUEcpZyMbGvjk0aCz0baLcdE25R%2BE9nyjyDP1%2FqkFziHhJs1y36evsSfX73Q9tBUcKxKXIvi10Pc3L%2BqMoTzVM4KOmtZT4XSEjKMm47hKaHPxoHomL0u0zg%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 62580adde85b2b41-FRA
expires: Tue, 16 Feb 2021 09:21:54 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/airlinestravelro-p14532643/ 127 KB
21 KB 102ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/airlinestravelro-p14532643/loader.js
Requested by: Host: palibs.tech
URL: https://palibs.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdd8c5342652ac04e9489b1eb44ff245c8ce953b69bd8759d5c414ed33e51f16

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BAQDj14XerP.CIfKb8pcBYuP_dneuAzv
content-encoding: gzip
etag: "723c5599000b9bb298201e5bcc57f623"
age: 10198
x-cache: HIT
content-length: 21449
x-amz-id-2: Cl1CoZcVFP2tPE6MjI8isZumRpDd0mzokNzYvoV5OaiQnrgZbk25rVcoZ3OokRGmgLNhnRMYIqI=
x-served-by: cache-hhn11561-HHN
last-modified: Mon, 22 Feb 2021 07:41:50 GMT
server: AmazonS3
x-timer: S1613989939.020245,VS0,VE0
date: Mon, 22 Feb 2021 10:32:19 GMT
vary: Accept-Encoding
x-amz-request-id: B07D34750A433816
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 76
x-cache-hits: 5

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 8364 325 B
486 B 127ms
62ms Document
text/html 184.31.88.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /wigo-no-slot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://airlinestravel.ro/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://airlinestravel.ro/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 325
expires: Mon, 22 Feb 2021 10:32:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 22 Feb 2021 10:32:19 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 153ms
76ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=666&ts=1613989938992&env=js-web&pageId=94707&pid=102541&auctid=acdf893a-e4e4-43a5-9168-8cf10cd93c8e&f=1&debug_metadata=wb&referer=https%3A%2F%2Fairlinestravel.ro%2F
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 151ms
75ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=acdf893a-e4e4-43a5-9168-8cf10cd93c8e&pageId=94707&pid=102541&debug_metadata=LNjKpVN3kG&fv=666&ts=1613989938995&f=1&referer=https%3A%2F%2Fairlinestravel.ro%2F
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 152ms
76ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=acdf893a-e4e4-43a5-9168-8cf10cd93c8e&pageId=94707&pid=102541&fv=666&ts=1613989939004&f=1&referer=https%3A%2F%2Fairlinestravel.ro%2F
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H3-Q050 200 css
fonts.googleapis.com/ 6 KB
1 KB 42ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/infeed/airlinestravel_ro_656d249/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d94ed7d8a6c7ebc74ee7f0c9484e3ea0d2574a2c45eaa151e2e2bc67b9c9b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tags.smilewanted.com/formats/config_formats/infeed/airlinestravel_ro_656d249/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 09:51:01 GMT
server: ESF
date: Mon, 22 Feb 2021 10:32:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 10:32:19 GMT

GET
H3-Q050 200 icon
fonts.googleapis.com/ 574 B
392 B 43ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: tags.smilewanted.com
URL: https://tags.smilewanted.com/formats/config_formats/infeed/airlinestravel_ro_656d249/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56a1f3f1d9126dc75234aa77231107d7bea8e11bd4ad988ab48b3b9e8f3da49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tags.smilewanted.com/formats/config_formats/infeed/airlinestravel_ro_656d249/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 10:32:19 GMT
server: ESF
date: Mon, 22 Feb 2021 10:32:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 10:32:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1141575692961630&ev=PageView&dl=https%3A%2F%2Fairlinestravel.ro%2F&rl=&if=false&ts=1613989939502&sw=1600&sh=1200&v=2.9.33&r=stable&a=wordpress-5.6.1-3.0.4&ec=0&o=30&fbp=fb.1.1613989939500.2078587379&it=1613989938668&coo=false&rqm=GET

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 22 Feb 2021 10:32:19 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 37ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=682714668426649&input_token&origin=1&redirect_uri=https%3A%2F%2Fairlinestravel.ro%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/all.js?hash=a9f3ead41991a05595ea479197e8d652&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: rxW8diaoajbE6Uhe+qD+/l87jXV1oGw+4yd/rS2M0zdEjB7PMiM/Qlb1Ed+e0Yf/flUauimGODplbkT93c4vAg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 22 Feb 2021 10:32:19 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://airlinestravel.ro
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.20210221-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 465 KB
107 KB 36ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210221-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/airlinestravelro-p14532643/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: cd5844a01a38bc4b6ba9b1ade25de60b3e12e3326589b5ba5c58389dea3177a6

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: S.OlOqpr7HhxW8duaoyYW7Mix1iPeY04
content-encoding: br
etag: "8794d10625cd1499892d92e265096ec5"
age: 5503
x-cache: HIT
content-length: 109719
x-amz-id-2: 7x7m+MjJ8VZ3ZBWrChUIBseyPuAGpn8FfQrUPjxdk+p9tYbaE5YCdYMlgqcbtqIz9HJdiGP+YqI=
x-served-by: cache-hhn11561-HHN
last-modified: Sun, 21 Feb 2021 08:58:25 GMT
server: AmazonS3-br
x-timer: S1613989940.663355,VS0,VE0
date: Mon, 22 Feb 2021 10:32:19 GMT
vary: Accept-Encoding
x-amz-request-id: 3B03527642E70C89
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 48
x-cache-hits: 39011

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210222

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.24.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c03c82e7087dfd663e33c2ec3f207f7594551b7e686abd7011d4ebc582fcda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 41529
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 756
etag: W/"53e-xFnJ2QmjcnuJEPGby5cY38HJ7Jw"
x-served-by: cache-fra19149-FRA, cache-hhn4077-HHN
date: Mon, 22 Feb 2021 10:32:19 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 13ms
12ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 397741
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mc2ta2o%2BXcvE3DDcsi0zRqKzkid%2F0Rv%2B4gQT4nOra5pYywvrWNM5OpUobK3axCXRN63P87Ly3G0xBPUqPAScXN%2BBT7cYu%2BUF7r55ty52lXut2isIVbulNoQjcD1q7A%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Wed, 17 Feb 2021 20:33:18 GMT
cache-control: max-age=16070400
cf-request-id: 086ae521ef00002b41b231e000000001
accept-ranges: bytes
cf-ray: 62580ae31fb62b41-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 /
logs.vlitag.com/sub/ 0
293 B 113ms
112ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=airlinestravel.ro&h=airlinestravel.ro
Requested by: Host: airlinestravel.ro
URL: https://airlinestravel.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RhXnyJ22vPFYK%2Fq%2F6FvK14djAwlj0gwqqWVWrUe8Lw0RWr1EwdbSG0lGtrlpD3UlnAYQdeA8GbMgTldOuQOD8SO%2Bg44ZG80sOHcd6cTSlvGJfK%2Biq94IHabTns4%3D"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 62580ae31fb82b41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 086ae521ef00002b41fa93a000000001

GET
H2 200 native_link.svg
static.smilewanted.com/img/ 1 KB
1 KB 43ms
34ms Image
image/svg+xml 104.26.7.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.smilewanted.com/img/native_link.svg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 518129
vary: Accept-Encoding
cf-request-id: 086ae52213000073730eb5d000000001
referrer-policy: strict-origin
last-modified: Tue, 06 Nov 2018 12:52:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5be18e88-5b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Bea2OHaOjaOanL7mGCskTTBEqC6yjQjGgMYmy8Xk8T12Fh4395G5KayDhMdb4Ncc4RjmWlblKSJPquFKVCG9ypZAxn67Z8gS5P31BX4DlXq%2F4BDMUhK"}],"max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=315360000
cf-ray: 62580ae358927373-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=1312215705&t=event&_s=3&dl=https%3A%2F%2Fairlinestravel.ro%2F&ul=en-us&de=UTF-8&dt=Aviatie%20si%20Turism%20pentru%20pasionatii%20de%20zboruri%20si%20calatorii&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Position%20Infeed%20non%20presente&ea=airlinestravel_ro_656d249&el=infeed&_utma=118944921.1902455286.1613989938.1613989938.1613989938.1&_utmz=118944921.1613989938.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1613989939711&_u=aADCAAABAAAAAC~&jid=&gjid=&cid=1902455286.1613989938&tid=UA-116494254-21&_gid=1893187837.1613989939&z=1838233299

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 00:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36953
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 16ms
14ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 355124
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106784
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y7KUOcyVgX4LhgToX25mAysWX2ILALyPnXJ52mC68csUnpVuSBIBXkv0jX59y%2FwUui9DOLGK%2FlNuOl6fB6iE5l9qT3%2FGNgN7NElb5kyVeGTH1jzmw3xM4COl4ggUZQ%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Thu, 18 Feb 2021 08:23:35 GMT
cache-control: max-age=16070400
cf-request-id: 086ae5222500002b41c4865000000001
accept-ranges: bytes
cf-ray: 62580ae368522b41-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962767.jpg
assets.vlitag.com/widget/2019/11/05/ 46 KB
47 KB 13ms
11ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962767.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 550602
cf-polished: qual=85, origFmt=jpeg, origSize=78339
content-disposition: inline; filename="1572962767.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47174
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:07 GMT
server: cloudflare
etag: "5dc181cf-13203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j6kKm48Yf4saQxr0Jbz2U30KF%2BvJR1w6MNTjhtlzinMmSMUOK4vxkKfJIKW3fImZDCPhgKzqdViP6VU7hjZLdghPTOHbJwvLyxPeCoiu2sYhB3dRJxBV%2BIFJXqX%2F4A%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Tue, 16 Feb 2021 02:05:37 GMT
cache-control: max-age=16070400
cf-request-id: 086ae5222500002b41a4add000000001
accept-ranges: bytes
cf-ray: 62580ae368532b41-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962788.jpg
assets.vlitag.com/widget/2019/11/05/ 83 KB
83 KB 14ms
13ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962788.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 524421
cf-polished: qual=85, origFmt=jpeg, origSize=111413
content-disposition: inline; filename="1572962788.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84586
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:28 GMT
server: cloudflare
etag: "5dc181e4-1b335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nloZzlnmKeryu6Ulc9iFL7xKfdOgksvzMIpn1vrhf3YvBJ8qcYXJj74J1OSf0TRZxF43ksyN8NAYyCcafzouihbs7zY56U2vb8NaIV9Ooo7Pbf0AbnxjI%2B4nO1ALbA%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Tue, 16 Feb 2021 09:21:58 GMT
cache-control: max-age=16070400
cf-request-id: 086ae5222600002b41a6993000000001
accept-ranges: bytes
cf-ray: 62580ae368542b41-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 192 KB
192 KB 18ms
17ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 524211
cf-polished: degrade=85, origSize=227959, status=webp_bigger
expires: Tue, 16 Feb 2021 09:25:28 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 196267
cf-request-id: 086ae5222600002b417e13f000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8rYUJZbZg6j9h8u9e9iCPJncDv13Ifmw33gCmgS7FEtOh1cAi5Jvfic2GSr2RrGuLBuM0RDat8CLaAGFULpI1tvQBs8yCI7I383Mf9%2FTgjjIQHabR%2BFTWaeOCKSSdg%3D%3D"}],"group":"cf-nel"}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 62580ae368552b41-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1592294784.jpg
assets.vlitag.com/widget/2020/06/16/ 20 KB
21 KB 18ms
17ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/16/1592294784.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 449730
cf-polished: qual=85, origFmt=jpeg, origSize=26122
content-disposition: inline; filename="1592294784.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20188
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 16 Jun 2020 08:06:24 GMT
server: cloudflare
etag: "5ee87d80-660a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qqUiDNf3uCeqtbZVKxAwNfcp4RmQJ3bTL8FJSGRJXrOf2aUGKaYvLfTjqC5h99GYfqwgUpGYfeJA%2BNonsLNhi57rvAuPhdCoxdmVyKnHZ%2FzEULfB4K4sKgtPTfbtYw%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Wed, 17 Feb 2021 06:06:49 GMT
cache-control: max-age=16070400
cf-request-id: 086ae5222600002b419801d000000001
accept-ranges: bytes
cf-ray: 62580ae368562b41-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 18ms
17ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 97220
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109336
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TszxbxiO%2FUKfOXOJqMXYVvSGzPaaUrh9vamavGQ5hs84qwKtPnw4V16TuBro5kd9XDomvvuBdl%2Bsv9htuPUaDAoqOir6gIsgls4ZNjIsl4IMs2uD%2Bb19%2BBLVaYU8PQ%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Sun, 21 Feb 2021 08:01:59 GMT
cache-control: max-age=16070400
cf-request-id: 086ae5222600002b41f0383000000001
accept-ranges: bytes
cf-ray: 62580ae368582b41-FRA
cf-bgj: imgq:85,h2pri

GET
H3-Q050

206

videoplayback
r2---sn-4g5e6nsk.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=5aWbsTPK-_0&t=y
https://redirector.googlevideo.com/videoplayback?expire=1614011535&ei=L4gzYOeNKd6C6dsP2vqk-A4&ip=45.159.22.70&id=o-AAnWpVwikZYWFWwpYPNYQOWHaELrVVYFcyuMyfwguQMr&itag=22&source=youtube&requiressl=yes...
https://r2---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1614011535&ei=L4gzYOeNKd6C6dsP2vqk-A4&ip=45.159.22.70&id=o-AAnWpVwikZYWFWwpYPNYQOWHaELrVVYFcyuMyfwguQMr&itag=22&source=youtube&requires...

6 MB
0

17ms
7ms

Media
video/mp4

2a00:1450:4001:62::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1614011535&ei=L4gzYOeNKd6C6dsP2vqk-A4&ip=45.159.22.70&id=o-AAnWpVwikZYWFWwpYPNYQOWHaELrVVYFcyuMyfwguQMr&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=a-bsnS6VrMFcDx7K411efKQF&ratebypass=yes&dur=312.331&lmt=1567965288795412&fvip=2&c=WEB&txp=2216222&n=OyFztJxMlhInUeGK&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgc0elrYWatH0SJ49Mi5FjY4Z_Bo7Cs-PDzjTXNwooRGgCIGxqVw_yHOxwktVMn2bBLAqnlI8oxSdDdfqaPYYG8ElD&cms_redirect=yes&mh=sg&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsk&ms=au&mt=1613989718&mv=m&mvi=2&pl=41&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgU6qU434JLfIgeBjUSeEE9aGUUBbT9bKc3-2Yz_6wTbwCICmGOacHFRv-ofQHC7ivligWBIpc73dieV4bmrPIIWQz

Requested by

Host: airlinestravel.ro
URL: https://airlinestravel.ro/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Sep 2019 17:54:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-60993565/60993566
client-protocol: quic
cache-control: private, max-age=21295
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 60993566
expires: Mon, 22 Feb 2021 10:32:20 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:20 GMT
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1614011535&ei=L4gzYOeNKd6C6dsP2vqk-A4&ip=45.159.22.70&id=o-AAnWpVwikZYWFWwpYPNYQOWHaELrVVYFcyuMyfwguQMr&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=a-bsnS6VrMFcDx7K411efKQF&ratebypass=yes&dur=312.331&lmt=1567965288795412&fvip=2&c=WEB&txp=2216222&n=OyFztJxMlhInUeGK&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgc0elrYWatH0SJ49Mi5FjY4Z_Bo7Cs-PDzjTXNwooRGgCIGxqVw_yHOxwktVMn2bBLAqnlI8oxSdDdfqaPYYG8ElD&cms_redirect=yes&mh=sg&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsk&ms=au&mt=1613989718&mv=m&mvi=2&pl=41&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgU6qU434JLfIgeBjUSeEE9aGUUBbT9bKc3-2Yz_6wTbwCICmGOacHFRv-ofQHC7ivligWBIpc73dieV4bmrPIIWQz
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 196 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 /
www.facebook.com/tr/ 0
62 B 11ms
10ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryU4QlDu2hhjQ1ryYB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 22 Feb 2021 10:32:20 GMT
content-type: text/plain
access-control-allow-origin: https://airlinestravel.ro
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 49ms
36ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f3f744c7b3889d640e127156b26f7c20f70e8ebd7bbef0a97c3f1831449b3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Feb 2021 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6454
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 22 Feb 2021 10:32:20 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 834A 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://airlinestravel.ro/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://airlinestravel.ro/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 22 Feb 2021 10:06:08 GMT
expires: Tue, 22 Feb 2022 10:06:08 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1572
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 dfZxd03ctMAtOzJA0awyJ9FYXT3-SPE4vneR-Lkp6e0.js Show response
pagead2.googlesyndication.com/bg/ Frame 834A 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dfZxd03ctMAtOzJA0awyJ9FYXT3-SPE4vneR-Lkp6e0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f671774ddcb4c02d3b3240d1ac3227d1585d3dfe48f138be7791f8b929e9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 08:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 8355
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6227
x-xss-protection: 0
expires: Tue, 22 Feb 2022 08:13:05 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=2507115709408966&bg=!MDOlM3DNAAXRs2QT0TsAKQB2-DxaCwwh_I8aCm5wvYH7y0tDt1nIwGjwoDyqnlLwOBB6S6p17dZlAgAAAIJSAAAAEmgBBwoA5Gjb0Mp36nJckJXq26FnU6Od3bZs91MLGfBnPobE72ytpeRppxOr-xBYE7R8El4wNqAtoglL1XAH680JIdnaPDHntDNXJhxD3d1TZiHitKDIDzF1_PQB3lvQFYxafZOYbmmOo8aOEYA6Bq2aJ_GfbhgA78gxS7Ovm5EhsPKHcUDXfym3vB9K5r3b7rmAW8kGUUHp4iCrUArVCHMTsEPaluBHTJJjOOGNQF201XeOtNgBqMKNkPeuvdn0A9LMI1SDj-7uiCdWqaFL6ZLxuiAX06QjrRV0BwdlP2rHGdA2sWptzNjagZkB1RcrgVTNv_AnCZK08o-0RqHnGZ3lUmyaIzD7AW4M0q5_NclWFUTYQM1HYzcaKzh72JlNMqWCAc87SfHVjz32P3rFmIU73fJBKmP5fAVAXnKgyhojtaUHprreiSHyqjXtNjDn9HMgDE4viP_A42ihl9eFWDhx1bLwBlqS6VeEW7uJ_LRHlgbyEghDp52fNOfv2QxKbARW_BJZaTqRs09bdnr3W8dfi-0hvPTbH6iLuxFHhyioAxrBRuGEHYRDpeXkNZPSNdO2JuJMhlH8zhOzEh0nalla9ZgUZGF6f-e02P6Di3q5XaBFwUq027_PC3Bm_YMaFl8z_09WhLK4v4s9csRympLAz4LT10aWXD3xwo4ydvgQRD5KMNva0sqEQvGGZmn15KwugF3lsqyzl5ILFmvX_r6rPJYS7Ejuj83ijgaRDwxkLR6IuNWj9Y2Z7aGj1wq7gu3JlKAugZYfjhsd9Uvzd3ywhDQb0T5OfUhcT2teysb48O_6dWpwbxqI3VS_TGKYRgor6qSdXnJfpUmEgxyZScMiXRjCO619IdIJJFPBtGc5vy7LHIP-u3YEgHgyzmZ48mh3bJfOiZCOe8KFXE12tXGPed_b3kQCxBjQYvrJGFK0Qzw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 a Show response
clt.vliplatform.com/ 0
716 B 713ms
681ms XHR
text/plain 2606:4700:21::681b:ce5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clt.vliplatform.com/a

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1613986107/?q=aa3b4adf2707894774f8727be4c028b6&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Feb 2021 10:32:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FKuLOXyGKYseEbLQttjUkOyiQaWqJN3ymespl6Ht%2F6SnZVo3xvM1CsyyzUUBMp3IrxAVXWNSsBTfoauFd7ZNM7hFoj3%2F770YOAI1jOI2Z5sGEV8oARLzGvtWF%2F2zTyQq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://airlinestravel.ro
x-robots-tag: noindex, nofollow
cf-request-id: 086ae526ab00004c5bb7088000000001
cf-ray: 62580aeaaaf34c5b-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
258 B 119ms
103ms XHR
text/plain 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Feb 2021 10:32:22 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0NogzYAAAAACd/78aCxnNSY6ydVnCWELgRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length: 11
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
160 B 123ms
106ms XHR
text/plain 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Feb 2021 10:32:25 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0OYgzYAAAAADiPhSC/6YuR6fdiMvaaWumRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
152 B 109ms
108ms XHR
text/plain 2620:1ec:bdf::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://airlinestravel.ro/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Feb 2021 10:32:29 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0PYgzYAAAAACPmv2qK39XQKiiTaU19zQqRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

396 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.teads.tv/	1970-01-19 17:03:01	Name: cs Value: 1
airlinestravel.ro/	1970-01-19 19:58:49	Name: hstpconfig Value: eyJJRCI6IjkxNjAwNjYzdWk2MDMzODgzMzAyZTZkIiwiQ1RSIjoiREsiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6Ik1hY09TWCIsIk1vYmlsZSI6MCwiQm90IjowLCJyZW1vdGVfYWRkciI6MTM4MjQyMTczOSwiTGFzdFVwZGF0ZSI6MTYxMzk4OTkzOSwibm9jYWNoZSI6dHJ1ZX0%3D
.airlinestravel.ro/	1970-01-19 18:29:25	Name: _fbp Value: fb.1.1613989939500.2078587379
airlinestravel.ro/	1970-01-19 16:19:57	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1613997138861}
.airlinestravel.ro/	1970-01-19 16:21:16	Name: _gid Value: GA1.2.1893187837.1613989939
.airlinestravel.ro/	1970-01-20 09:51:01	Name: _ga Value: GA1.2.1902455286.1613989938
.airlinestravel.ro/	1970-01-19 16:19:50	Name: __utmt Value: 1
.airlinestravel.ro/	1970-01-19 16:19:49	Name: _gat_smile_infeed Value: 1
.airlinestravel.ro/	1970-01-20 01:41:25	Name: __gads Value: ID=980bf94d38c56c89-225878318cba0027:T=1613989938:RT=1613989938:S=ALNI_MYgNikt9d32iHOIuPpn1CKtFgjISQ
.doubleclick.net/	1970-01-20 01:41:25	Name: IDE Value: AHWqTUm9zD4ZbrvRnrSFkJMuV4Ieh3HwZRyBNeR8PKrt9RXJ955sWfzX3B_wHPH3
.airlinestravel.ro/	1970-01-19 20:42:37	Name: __utmz Value: 118944921.1613989938.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.airlinestravel.ro/	1969-12-31 23:59:59	Name: __utmc Value: 118944921
.airlinestravel.ro/	1970-01-20 09:51:01	Name: __utma Value: 118944921.1902455286.1613989938.1613989938.1613989938.1
.airlinestravel.ro/	1970-01-19 17:03:01	Name: __cfduid Value: d2a837372a34895af2c37e8fae27955fa1613989937
.airlinestravel.ro/	1970-01-20 09:51:01	Name: _ga_44ZBSRP01X Value: GS1.1.1613989938.1.0.1613989938.60
airlinestravel.ro/	1970-01-20 01:05:25	Name: _clck Value: c85dcc
.airlinestravel.ro/	1970-01-19 16:19:51	Name: __utmb Value: 118944921.1.10.1613989938

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://airlinestravel.ro/wp-content/cache/wpfc-minified/1ngkbgxq/i7vc.js(Line 7) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=93ac36974087e91febb8b9067f58556e(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=airlinestravel.ro(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v4.24.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
adservice.google.com
adservice.google.de
airlinestravel.ro
analytics.google.com
assets.vlitag.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.taboola.com
clevernt.com
clt.vliplatform.com
connect.facebook.net
csync.smilewanted.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
htintpa.tech
imasdk.googleapis.com
logs.vlitag.com
media.vlitag.com
p.cpx.to
pagead2.googlesyndication.com
palibs.tech
partner.googleadservices.com
prebid.smilewanted.com
pubads.g.doubleclick.net
quantcast.mgr.consensu.org
r2---sn-4g5e6nsk.googlevideo.com
redirector.googlevideo.com
rules.quantcount.com
s8t.teads.tv
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
ssl.google-analytics.com
static.smilewanted.com
stats.g.doubleclick.net
sync.teads.tv
t.teads.tv
tag.vlitag.com
tags-videos.smilewanted.com
tags.smilewanted.com
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
ui.clevernt.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.26.7.39
104.79.89.16
142.250.185.162
148.69.64.109
184.30.25.51
184.31.88.106
199.232.137.44
216.58.212.130
2600:9000:2057:7200:3:a4cd:8380:93a1
2600:9000:20d7:da00:6:44e3:f8c0:93a1
2600:9000:214f:cc00:9:46dc:4700:93a1
2606:4700:20::ac43:4597
2606:4700:20::ac43:485f
2606:4700:21::681b:ce5c
2606:4700:3030::6815:5471
2606:4700:3034::ac43:b6b5
2606:4700:3035::6815:280b
2606:4700::6812:e134
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:bdf::19
2a00:1450:4001:62::7
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a02:26f0:cf:295::26e5
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
54.220.104.217
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05b75ebd9f0faa5bd7cb6a78f9dbe62dbcc624e13c4b2edddb0a57366c916175
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
108e6c130632f774f46ea4cd14064cff4645bce1ec436f26c5db19b0be62af5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1ed0b786a027adf226b4e2b9685ab73fb697c9247dc2bfdf0f5ec49236b61dc4
268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d
28d108f28fc05ed223e6bf22bb2e6c80141a356dfe0c773163f75fc44b5670c2
294c5ab87ed1861b2f671f15da8e2a08e9c157a7f9d51a00e2ed334339bb72c1
29a8a740d9ec07d2d8945d8c857cc27ca3178edc5b91c382f703331e29337460
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
30fb04a5d4aa32805788250bdc2ca85796ab63c3b8575bcdf3992cc3ed247f59
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
368be574e8c6be679f65d001ca18c0fe462226645ae7b0cdce4b37ee04441c1e
3a9528d5f8db7da21c637eaee0fc7c639dbe839c7646f424fd6b20297acdb021
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
41ef556b0a4f4bdd486a106c3c90f6b5b89889c3f5040af4028e81c9837994ec
446fb9533fa582c2587801ab7142f5c88aa297ab151c21cd7106c59541d19c17
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
467a9fff952c0849b764b8562511324c93cff18c5ffd324e4ff492f6b7df9415
47bf970b61f6046d135e93de2477a6b5b608311d1a6b743864d16f80e8b0b600
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
506a739ef41c5daac26b30b2e9f3ec20ebbac4a5fa4a81d13076d1a1ed532de0
56a1f3f1d9126dc75234aa77231107d7bea8e11bd4ad988ab48b3b9e8f3da49f
57a72cc0bb0e27083090874f0b03240ebd96eabf5a8515abdfa4defcfa7acbda
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4baccd5660604060155fd20d5fe6c6ac29c9a24de36716f5f99413aa47b6b4
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d610bb745fafc428753f59669a38c638f4f234c8995ed0201f93c4c5a3a227b
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
6466f71faef0171a670fbc29616620b0337dfcf14cb6a37feaba7f782e6df437
68d623d4ff381f56168e5190a51336952f268f853b0da0223abcf1385e065c14
6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e
6c03c82e7087dfd663e33c2ec3f207f7594551b7e686abd7011d4ebc582fcda9
6ce8006f3571742a6891ba13084c53ec56bddb61d338b733847b1736da9456ac
75f671774ddcb4c02d3b3240d1ac3227d1585d3dfe48f138be7791f8b929e9ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868eaae82261b3318b8713fbfc6206a7af581a5ccc87670e90f3aeabfd9c1e1c
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8d94ed7d8a6c7ebc74ee7f0c9484e3ea0d2574a2c45eaa151e2e2bc67b9c9b25
8f3f744c7b3889d640e127156b26f7c20f70e8ebd7bbef0a97c3f1831449b3d6
94835757f001a3c05380b4d2a2105b9430487f5f569a4773774bec2e72704cd0
94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282
98567bd04ab50827410d3ce270d74fb4af57e111ad2f82726f7757779fe53291
9953110ab7f7a1049af1c6d7c0cbfb37699ca4c44d20df7d5d4c31aec6e89421
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f97ba2802abd5690ca0c7b266e50a6a1f0b230245129e21051bd6a970d8dce1
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a06af446be30cdc4a1b9c4481b813722163853b764fe4f1dcff1468662edaddd
a094ec0e395aaf1ec3fdc994a5b27be1da0d59b00b0a03c00432c7811db50f65
a26d3c6cb3587b7b0efdf53803a2cd42a0173de68fff4055156aff2f8b309117
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
a7e1e6a56ad6df95a186e79d0049ac91360adfd48ef444e07101e4f3559a0f65
aaad864db2ee36546982ed4eb0a38db3ea951fda706298bf3c3dc597f4a8d004
ab72b4b78f84b6b1b2c27f79b2e92639c9a155d0db5839b9dfb38ad0ca6d3606
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
aee00889e56a79f166f02213be23ed0ab57d7554fef9b05c1abf0c1743460a91
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b8ecf6ab36725bb698223f226a89362d1b4036247d8fa8fe8c303ad433e49169
b9424b0f8d0a1b192da49336c55a7043211379878f3f30fca89e6f8725791774
bc9409b083bf3c1e399dc122572155cc5c94d7e5cf696bce66bb157f061a4156
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca61c96bf27197c422346b422fe02898f8e8c7391ccf702ebcee040ce6046205
cd5844a01a38bc4b6ba9b1ade25de60b3e12e3326589b5ba5c58389dea3177a6
cdd8c5342652ac04e9489b1eb44ff245c8ce953b69bd8759d5c414ed33e51f16
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db08c96fb2df93b89a543310fb98961c8b3998870af37f9ff93bbff977206ce3
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dc335171a36c7b4ffa6293b20fef23b830d9944b6fccc54e76cb9b78ac1f2f67
ddf7bbcae1fd497b5722c7e505e964f7d11e3e1c7fe991bf3052b2fa6f92e990
dff3ac05dd1a05e3640da8095f2204115407ade60374203c432708d3bc1a271c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebfcad37490fd4aad06c80eb74abf187dfd60ac4fe531a8668c45f2bd30ac712
ecfccd9f6564e66db45b35fbebbe7f5067f1ca627e02da67f02990888e71cbbd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8cff2a7074e50e565d9a41f95095cfb21727f350643e7ee3e24bfd4682c2d89
faa22611121c8f2432fe6bab22c7e11b9dbf3df753e171f651946bfe156ce3d3
fd1c7602f7028837756ddefacff2034c9df1e239c076bb7428e87801104097cb
fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094

airlinestravel.ro Open in urlscan Pro 2606:4700:3034::ac43:b6b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

78 %IPv6

29 Domains

52 Subdomains

40 IPs

5 Countries

3016 kBTransfer

15582 kBSize

17 Cookies

13 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

airlinestravel.ro Open in urlscan Pro
2606:4700:3034::ac43:b6b5 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

78 %
IPv6

29
Domains

52
Subdomains

40
IPs

5
Countries

3016 kB
Transfer

15582 kB
Size

17
Cookies

111 HTTP transactions
8 data transactions