www.ethiopianairlines.com Open in urlscan Pro
23.77.208.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ethiopianairlines.com/
Submission: On December 19 via manual (December 19th 2019, 9:49:33 pm UTC) from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 18 domains to perform 55 HTTP transactions. The main IP is 23.77.208.176, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.ethiopianairlines.com.
TLS certificate: Issued by DigiCert ECC Extended Validation Serv... on July 9th 2018. Valid for: 2 years.

This is the only time www.ethiopianairlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	23.77.208.176 23.77.208.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	99.84.87.211 99.84.87.211	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f0f... 2a03:2880:f0ff:1a:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2600:9000:20c... 2600:9000:20c3:a000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	3.122.5.123 3.122.5.123	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.62.118.129 23.62.118.129	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	143.204.98.34 143.204.98.34	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.101.54 143.204.101.54	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
55	19

16 23.77.208.176 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-77-208-176.deploy.static.akamaitechnologies.com

www.ethiopianairlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.87.211 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-84-87-211.muc50.r.cloudfront.net

d16fk4ms6rqz1v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f0ff:1a:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 1 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:a000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.5.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-5-123.eu-central-1.compute.amazonaws.com

apps.mypurecloud.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.118.129 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-62-118-129.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.34 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-34.fra50.r.cloudfront.net

dhqbrvplips7x.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.54 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-54.fra50.r.cloudfront.net

journey-snippets.mypurecloud.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ethiopianairlines.com www.ethiopianairlines.com	244 KB
6	google-analytics.com www.google-analytics.com ssl.google-analytics.com	58 KB
3	facebook.net connect.facebook.net	168 KB
2	facebook.com www.facebook.com	395 B
2	mypurecloud.de apps.mypurecloud.de journey-snippets.mypurecloud.de api.mypurecloud.de Failed	35 KB
2	creativecdn.com 1 redirects creativecdn.com ams.creativecdn.com	465 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net Failed	2 KB
2	cloudfront.net d16fk4ms6rqz1v.cloudfront.net dhqbrvplips7x.cloudfront.net	45 KB
1	bkrtx.com tags.bkrtx.com	10 KB
1	dwin1.com www.dwin1.com	9 KB
1	ipapi.co ipapi.co	719 B
1	googleadservices.com www.googleadservices.com	10 KB
1	googleapis.com fonts.googleapis.com	564 B
1	googletagmanager.com www.googletagmanager.com	49 KB
1	jquery.com code.jquery.com	30 KB
0	atdmt.com Failed cx.atdmt.com Failed
0	google.de Failed www.google.de Failed
0	google.com Failed www.google.com Failed
55	18

	Domain	Requested by
16	www.ethiopianairlines.com	www.ethiopianairlines.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ethiopianairlines.com
3	connect.facebook.net	www.ethiopianairlines.com connect.facebook.net
2	www.facebook.com	www.ethiopianairlines.com
2	googleads.g.doubleclick.net	www.googleadservices.com
1	journey-snippets.mypurecloud.de	apps.mypurecloud.de
1	dhqbrvplips7x.cloudfront.net	apps.mypurecloud.de
1	tags.bkrtx.com	www.ethiopianairlines.com
1	apps.mypurecloud.de	www.ethiopianairlines.com
1	www.dwin1.com	www.googletagmanager.com
1	ams.creativecdn.com	www.googletagmanager.com
1	creativecdn.com	1 redirects
1	ipapi.co	code.jquery.com
1	ssl.google-analytics.com	www.googletagmanager.com www.ethiopianairlines.com
1	d16fk4ms6rqz1v.cloudfront.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	www.ethiopianairlines.com
1	www.googletagmanager.com	www.ethiopianairlines.com
1	code.jquery.com	www.ethiopianairlines.com
0	api.mypurecloud.de Failed	apps.mypurecloud.de
0	cx.atdmt.com Failed	www.ethiopianairlines.com
0	www.google.de Failed	www.ethiopianairlines.com
0	www.google.com Failed	www.ethiopianairlines.com
0	stats.g.doubleclick.net Failed	www.ethiopianairlines.com
55	24

This site contains no links.

Subject Issuer	Validity	Valid
ethiopianairlines.com DigiCert ECC Extended Validation Server CA	`2018-07-09` - `2020-07-08`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-13` - `2020-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.dwin1.com Amazon	`2019-01-30` - `2020-02-29`	a year	crt.sh
mypurecloud.de Amazon	`2019-07-25` - `2020-08-25`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-03-03`	a year	crt.sh

This page contains 2 frames:

Frame: https://www.ethiopianairlines.com/de
Frame ID: B48B3BE296C6B7B905AD4FF6672C2A7F
Requests: 58 HTTP requests in this frame

Frame: https://ams.creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT&tc=1
Frame ID: F88B496CB17DC548363D8C786C3678FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

55
Requests

75 %
HTTPS

56 %
IPv6

18
Domains

24
Subdomains

19
IPs

5
Countries

662 kB
Transfer

2382 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT HTTP 302
https://ams.creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT&tc=1

55 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ethiopianairlines.com/ 7 KB
5 KB 321ms
131ms Document
text/html 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e0d7ec276fdf6dd132c33dba33197f8011bd090a68feb34b48beb3e8008c8a06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ethiopianairlines.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
content-length: 2925
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
access-control-expose-headers: Request-Context
x-powered-by: ASP.NET
date: Thu, 19 Dec 2019 21:48:56 GMT
set-cookie: ASP.NET_SessionId=uqv0xyznsenda0jnnw3tf4qu; path=/; HttpOnly ASP.NET_SessionId=uqv0xyznsenda0jnnw3tf4qu; path=/; HttpOnly ARRAffinity=2a1d67b93a46eacf7bbbcc50548ca9fbd5150f6df2a43c2b292f55d141a97d02;Path=/;HttpOnly;Domain=www.ethiopianairlines.com

GET
H2 200 jquery-ui.min.css
www.ethiopianairlines.com/Content/ 38 KB
9 KB 26ms
26ms Stylesheet
text/css 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/Content/jquery-ui.min.css?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

450218a5411b60a2f38f8f0bd3cbd520095a6998640275662b5dd50542980496

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 7726
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Oct 2019 09:27:04 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "0e4fc78489d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: max-age=51927
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 bootstrap.min.css
www.ethiopianairlines.com/Content/lib/ 152 KB
25 KB 33ms
30ms Stylesheet
text/css 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/Content/lib/bootstrap.min.css?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 23258
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Sep 2019 05:49:13 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "8092e34ed266d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: max-age=51925
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 fontawesome.min.css
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/css/ 55 KB
14 KB 42ms
40ms Stylesheet
text/css 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/css/fontawesome.min.css?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 12166
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jul 2019 05:57:34 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "09b2884d245d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: max-age=54233
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 ethiopian.css
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/css/ 5 KB
3 KB 47ms
45ms Stylesheet
text/css 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/css/ethiopian.css?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f7cdf91fc7b9b99b5472aa17592b5e8225bfcc3060b344a34bcf14663e238b56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 1412
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Oct 2019 12:28:42 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "0f997901d8fd51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: max-age=58851
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 datepicker.css
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/css/ 8 KB
4 KB 48ms
45ms Stylesheet
text/css 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/css/datepicker.css?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

178eea84de6b35757ff86e648c1dc460c9bfb04915d166a54cddc842d3b508e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 1825
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Oct 2019 09:20:42 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "051fed03983d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: max-age=39257
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 et-sitev2.css
www.ethiopianairlines.com/Content/ 26 KB
8 KB 49ms
47ms Stylesheet
text/css 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/Content/et-sitev2.css?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d718810706465f7b5225e6ef42bf0e39199e663ef9e86941e4fb167472aaa4d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com tagmanager.google.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com tagmanager.google.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 6609
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Nov 2019 15:29:23 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "872175cba498d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: max-age=49083
accept-ranges: bytes
x-content-type-options: nosniff

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 47ms
18ms Script
application/javascript 2001:4de0:ac19::1:b:1a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 21:48:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 May 2019 21:14:27 GMT
Server: nginx
ETag: W/"5cca0c33-15851"
Vary: Accept-Encoding
X-HW: 1576792136.dop008.fr8.shc,1576792136.dop008.fr8.t,1576792136.cds121.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30638

GET
H2 200 jquery-3.2.1.min.js Show response
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ 85 KB
31 KB 52ms
50ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/jquery-3.2.1.min.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 30217
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Oct 2019 11:50:56 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "090c1cd4e83d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=51973
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 modernizr-custom.min.js Show response
www.ethiopianairlines.com/Content/lib/ 3 KB
3 KB 59ms
57ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/Content/lib/modernizr-custom.min.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4cf58add82f4294b2c1cc381eccd5168a37eb0c98dcbf57b586f579d4d202a2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 1509
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 31 Oct 2019 17:59:08 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "03e39e41490d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=52728
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 jquery-ui.min.js Show response
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ 247 KB
68 KB 59ms
58ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/jquery-ui.min.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

aceed8280006fb1cce8d1d395885d057ca4c70e4838efe7ab412ecdddbb784b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 67779
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Oct 2019 09:23:59 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "8021b8998389d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=52953
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 popper.min.js Show response
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ 20 KB
9 KB 68ms
66ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/popper.min.js?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cc41677b202887ca83e2c6de0234822ef1332fe943afab84c12bb7b20a275e1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 7323
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jul 2019 07:53:59 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "805e41dbe42d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=82483
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 bootstrap.min.js Show response
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ 48 KB
15 KB 70ms
69ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/bootstrap.min.js?package=Ethiopian

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 13085
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2019 07:32:52 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "02aeb77e05bd51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=52415
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 ethiopian-v3.js Show response
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ 59 KB
13 KB 72ms
71ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ethiopian-v3.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bd792e9e454bbc1e8b2bf0d57c910c8f4d074fcc73b4971ebab57563822e4350

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com tagmanager.google.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com tagmanager.google.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 11684
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Nov 2019 09:40:45 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "e4f685933da4d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=59616
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 datepicker.js Show response
www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ 110 KB
32 KB 76ms
75ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/datepicker.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6aad97adf901af51f369c6df06d5d727092944d14ba2c7ca104f04e910cbf683

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-length: 30795
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Oct 2019 08:54:40 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "62b560ad9185d51:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=61251
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 WebResource.axd Show response
www.ethiopianairlines.com/ 2 KB
3 KB 264ms
263ms Script
application/x-javascript 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/WebResource.axd?d=yAZznlIeaGQJz8qTi4uqDTBGZePrXyVtnwXGlc70okm5jHQB0Eu2zTWI0THli4YkCKLwtTBv1NHrgGLogPldsi0SxUNVoG42NdqZMoD0yiA0m3nkT1Yj4IWJOruncMhF_8cD2cng1VlkviVpPNHDQ5f1E2kNNrgmMVxb9MUCKeU1&t=637057669219609231

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

920fad988c1a4e9a03c12a34438fd9b0371def689cc9786eec15b5844e2b23fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
vary: *, Accept-Encoding
content-length: 1023
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Oct 2019 06:22:01 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
date: Thu, 19 Dec 2019 21:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public
expires: Wed, 16 Dec 2020 06:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
49 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53GR48

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7774ef286ac0247dd55ddf1f40f6b8d9d7f919cce791a8c0877e66f3d18ab768

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 21:48:56 GMT
content-encoding: br
last-modified: Thu, 19 Dec 2019 21:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 50219
x-xss-protection: 0
expires: Thu, 19 Dec 2019 21:48:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
564 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400&display=swap

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

648b7ff9a487fa29daebcc2cdb1ac3a46a2185b59dfd080e59e09ef05f8fe416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 Dec 2019 21:48:56 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 19 Dec 2019 21:48:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 19 Dec 2019 21:48:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53GR48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4519
date: Thu, 19 Dec 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 19 Dec 2019 22:33:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 32ms
32ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53GR48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9933
x-xss-protection: 0
server: cafe
etag: 9795501548502167919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Dec 2019 21:48:56 GMT

GET
H/1.1 200
OK ethiopianairlines.js Show response
d16fk4ms6rqz1v.cloudfront.net/capture/ 127 KB
44 KB 159ms
45ms Script
application/javascript 99.84.87.211
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d16fk4ms6rqz1v.cloudfront.net/capture/ethiopianairlines.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53GR48

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.87.211 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-99-84-87-211.muc50.r.cloudfront.net

Software

nginx/1.10.1 /

Resource Hash

1fde1a47b6f120f809e5df149af92b09ea0b4f24f17957d66f93be8d5c8dbe6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=60; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 18 Dec 2019 08:04:40 GMT
Server: nginx/1.10.1
Age: 166
ETag: "5df9dd98-1fcd6"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ac90d46be219b2aa8a23e6982405715d.cloudfront.net (CloudFront)
Date: Thu, 19 Dec 2019 21:05:54 GMT
X-Amz-Cf-Pop: MUC50-C1
Connection: keep-alive
X-Amz-Cf-Id: Ns4yKz6VV5iJ6TKPx1aOb-3n755CdWGhoZ71eSJNuW7YUmO9Eu_fUg==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53GR48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4493
date: Thu, 19 Dec 2019 20:34:03 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Thu, 19 Dec 2019 22:34:03 GMT

GET
H2 200 /
ipapi.co/json/ 703 B
719 B 443ms
408ms XHR
application/json 2606:4700:20::681a:92c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/?key=185f0fbd5ca1368bc0a0edc31057ad1b944311b9

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ethiopianairlines.com/
Origin: https://www.ethiopianairlines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT
content-encoding: br
allow: GET, HEAD, OPTIONS, OPTIONS, POST
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Origin
content-type: application/json
access-control-allow-origin: https://www.ethiopianairlines.com
cf-ray: 547c9562f8465a00-VIE

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 59 KB
22 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T4XF7NP&t=gtm5&cid=1247933273.1576792136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83b222badffd574ec5ec3a06a01e8f38d9b1db0c5f73d13686ba7e7972cc1146

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 21:48:56 GMT
content-encoding: br
last-modified: Thu, 19 Dec 2019 21:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 22594
x-xss-protection: 0
expires: Thu, 19 Dec 2019 21:48:56 GMT

GET __utm.gif
ssl.google-analytics.com/r/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017929605/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017929605/?random=1576792136181&cv=9&fst=1576792136181&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ethiopianairlines.com%2F&tiba=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

df5705c2ff59dea581ec5d5728977eb0794deaf752b439a9a7afaf8c3a3e45dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Dec 2019 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/828485618/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828485618/?random=1576792136184&cv=9&fst=1576792136184&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ethiopianairlines.com%2F&tiba=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

5e636989c3eeba6690ae0691c2f8151af5d05e49032b61a5abb77e0705a0109d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Dec 2019 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET collect
stats.g.doubleclick.net/r/ 0
0

GET /
www.google.com/pagead/1p-user-list/828485618/ 0
0

GET /
www.google.de/pagead/1p-user-list/828485618/ 0
0

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 21:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 499
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Thu, 19 Dec 2019 22:40:37 GMT

GET /
www.google.com/pagead/1p-user-list/1017929605/ 0
0

GET /
www.google.de/pagead/1p-user-list/1017929605/ 0
0

GET collect
www.google-analytics.com/r/ 0
0

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=930567064&t=pageview&cu=USD&_s=2&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70865348.1247933273.1576792136.1576792136.1576792136.1&_utmz=70865348.1576792136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1576792136227&_u=aGDCCEALR~&jid=&gjid=&cid=1247933273.1576792136&tid=UA-3069395-3&_gid=827467854.1576792136&gtm=2wgc6153GR48&cd3=Booked&cd6=Booking&cd7=1247933273.1576792136&cd8=&cd9=online&cd15=No%20promo%20code%20used&z=1401385231

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 01:16:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2579564
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
15ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=930567064&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70865348.1247933273.1576792136.1576792136.1576792136.1&_utmz=70865348.1576792136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1576792136231&_u=aGDCCEALR~&jid=1905977005&gjid=1862687294&cid=1247933273.1576792136&tid=UA-3069395-15&_gid=827467854.1576792136&_r=1&gtm=2wgc6153GR48&z=146076816

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Dec 2019 21:48:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET collect
stats.g.doubleclick.net/r/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: apqcNDpntTqDNBw/KJCEEt4Z7Rx6kinNASrfFl7SEMX1YnDFqknsWVuZKNrxFUZtIgRHZ3x3V0xujuSomWrLog==
date: Thu, 19 Dec 2019 21:48:56 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

tags
ams.creativecdn.com/ Frame F88B
Redirect Chain

https://creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT
https://ams.creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT&tc=1

0
0

24ms
23ms

Document
text/html

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://ams.creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT&tc=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53GR48
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: ams.creativecdn.com
:scheme: https
:path: /tags?id=pr_WoP4066wXlu6zl3mWwMT&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.ethiopianairlines.com/
accept-encoding: gzip, deflate, br
cookie: u=6JrYXmDJp0reMmmI93gW; ts=1576792136
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ethiopianairlines.com/

Response headers

status: 200
date: Thu, 19 Dec 2019 21:48:56 GMT Thu, 19 Dec 2019 21:48:56 GMT
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
content-length: 196

Redirect headers

status: 302
date: Thu, 19 Dec 2019 21:48:56 GMT
set-cookie: u=6JrYXmDJp0reMmmI93gW;Path=/;Domain=.creativecdn.com;Expires=Fri, 18-Dec-2020 21:48:56 GMT;Max-Age=31536000;SameSite=None ts=1576792136;Path=/;Domain=.creativecdn.com;Expires=Fri, 18-Dec-2020 21:48:56 GMT;Max-Age=31536000;SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ams.creativecdn.com/tags?id=pr_WoP4066wXlu6zl3mWwMT&tc=1
content-length: 0

GET
H2 200 / Show response
www.ethiopianairlines.com/Sitefinity/Public/Services/Statistics/Log.svc/ 4 B
2 KB 118ms
118ms XHR
application/json 23.77.208.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ethiopianairlines.com/Sitefinity/Public/Services/Statistics/Log.svc/?pageNodeId=a7a52bb4-3637-4837-b119-a8e06a4c4caa&trackingId=e06bc95c-ebd5-44fb-a394-e5a022268ff3&referrer=&pageUrl=https://www.ethiopianairlines.com/

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/WebResource.axd?d=yAZznlIeaGQJz8qTi4uqDTBGZePrXyVtnwXGlc70okm5jHQB0Eu2zTWI0THli4YkCKLwtTBv1NHrgGLogPldsi0SxUNVoG42NdqZMoD0yiA0m3nkT1Yj4IWJOruncMhF_8cD2cng1VlkviVpPNHDQ5f1E2kNNrgmMVxb9MUCKeU1&t=637057669219609231

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.77.208.176 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-77-208-176.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org code.jquery.com ipapi.co *.upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://*.dec.sitefinity.com *.mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 122
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a9d403f9-3388-4772-9522-b21134fc6733
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
date: Thu, 19 Dec 2019 21:48:56 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private

GET
H2 200 18266.js Show response
www.dwin1.com/ 16 KB
9 KB 41ms
13ms Script
application/javascript 2600:9000:20c3:a000:f:8ce2:fb80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/18266.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53GR48
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:a000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321893c0cbaa5a7f812ce7bcc7442918beb0406a3adcd88e41ad0faf8aca8d1b

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: SsMvSvWZZHekZBYaTfcBxDGxY2nS8JDH
content-encoding: gzip
age: 456
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
via: 1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
last-modified: Tue, 17 Sep 2019 14:22:09 GMT
server: AmazonS3
date: Thu, 19 Dec 2019 21:41:21 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: sr7zGeJC5yREAee56VjvS1HEVo4emKFChSDOMkh45z8jwq-84P2rEg==

GET collect
www.google-analytics.com/r/ 0
0

GET
H/1.1 200
OK ac.js
apps.mypurecloud.de/journey/sdk/js/web/v1/ 100 KB
34 KB 411ms
318ms Script
text/javascript 3.122.5.123
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/journey/sdk/js/web/v1/ac.js

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.5.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-3-122-5-123.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 21:48:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Dec 2019 09:52:09 GMT
Server: nginx
x-amz-request-id: A1D51032CFA7E9BC
ETag: "1e12c0730d39cddf73fda97aaf97c634"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age: 600
x-amz-version-id: z7UVblgdi9RhoppKKkqPkrnPldr6TBQm
Connection: keep-alive
Content-Length: 34494
x-amz-id-2: uTbTs/v3YuVnvegw5h9zkPYpPib6Mpk9pXzlClxqIJbVIL4jVJazywkRmboDjK7GHfFZh8F9y4E=

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 27 KB
10 KB 20ms
20ms Script
text/javascript 23.62.118.129
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.118.129 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-62-118-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 21:48:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Aug 2019 15:56:57 GMT
Server: Apache
ETag: "31600f9-6afc-590a29f6f4dd4"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9603
Expires: Thu, 26 Dec 2019 21:48:56 GMT

GET collect
stats.g.doubleclick.net/r/ 0
0

GET
H2 200 131681254116141 Show response
connect.facebook.net/signals/config/ 100 KB
25 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/131681254116141?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

daa6bd0f235c5832343cc69bc2be80bb00b6208987e704b7f9595cc148306c04

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 25011
x-xss-protection: 0
pragma: public
x-fb-debug: /DyekMDRFgABhLUGyL9XUeZzRVD0XjRW0rImsiLeCxkmuoZ9maD+K0oZka55Ccd4Qnz75gbLS+OQRLy29wkT3A==
date: Thu, 19 Dec 2019 21:48:56 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 571471686532548 Show response
connect.facebook.net/signals/config/ 449 KB
113 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/571471686532548?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

99f84bcaa2a0b45caf644e70f59a22f56cf0ba08da45e92ce4593cff43b396a8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 115989
x-xss-protection: 0
pragma: public
x-fb-debug: 0jSX42Je57kZxbBS52twlhJ3YCjaHx9/zBx8pNgcy4ftH+pX09hq79GHUi8PQXO1jV9IOf6mP0T2lcHRPRWI6g==
date: Thu, 19 Dec 2019 21:48:56 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=131681254116141&ev=PageView&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&rl=&if=false&ts=1576792136485&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1576792136485.860223205&it=1576792136458&coo=false&rqm=GET

Requested by

Host: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 21:48:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 19 Dec 2019 21:48:56 GMT

GET /
www.facebook.com/tr/ 0
0

GET /
cx.atdmt.com/ 0
0

GET de
www.ethiopianairlines.com/ 0
0

GET
H/1.1 200
OK 479e83acfb0ad529286e.common.js
dhqbrvplips7x.cloudfront.net/journey/sdk/346-346/js/web/v1/ 892 B
1 KB 102ms
25ms Script
text/javascript 143.204.98.34
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dhqbrvplips7x.cloudfront.net/journey/sdk/346-346/js/web/v1/479e83acfb0ad529286e.common.js
Requested by: Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/journey/sdk/js/web/v1/ac.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.34 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 09:53:39 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Age: 561317
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 892
Last-Modified: Thu, 12 Dec 2019 10:23:14 GMT
Server: AmazonS3
ETag: "2cf4fc4ee9feeb2f98d393b1a0aeafba"
x-amz-version-id: TImdtpCGJrHvLqo4LXYfSWP1IZsx.QoN
Cache-Control: max-age=31556926
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: text/javascript
X-Amz-Cf-Id: zLJ11T3lcytVc1i_1ZZDIr9Ne_3dRt93u-IQawnR5Cy6xEQd92GTnA==

GET
H/1.1 200
OK atm.js
journey-snippets.mypurecloud.de/77bfd710-5ed5-40a3-a005-e8c21e20ca75/ 4 B
557 B 152ms
64ms Script
application/javascript 143.204.101.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://journey-snippets.mypurecloud.de/77bfd710-5ed5-40a3-a005-e8c21e20ca75/atm.js
Requested by: Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/journey/sdk/js/web/v1/ac.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-54.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: RQ9eNOAG786NDT4DMNTVu0TEliP6sk5i
Via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
ETag: "350fd6ef6446635f7a8f608434a405ec"
Last-Modified: Wed, 13 Nov 2019 13:27:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
x-amz-server-side-encryption: AES256
X-Cache: Error from cloudfront
Content-Type: application/javascript
Date: Thu, 19 Dec 2019 21:48:57 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4
X-Amz-Cf-Id: wFqxjNrRjMydiTAlziw9IsT-zApeXYE-qfi4Uu71qD3Yf9woweo7_w==

GET ping
api.mypurecloud.de/api/v2/journey/websites/77bfd710-5ed5-40a3-a005-e8c21e20ca75/customers/858d8dc6-9fbb-4f0c-b7bc-be564c66346b/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=571471686532548&ev=Microdata&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&rl=&if=false&ts=1576792137031&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtWelcome%20to%20Ethiopian%20Airlines%20Official%20Website%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Welcome%20to%20Ethiopian%20Airlines%20Official%20Website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ethiopianairlines.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Default%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1576792136485.860223205&it=1576792136458&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ethiopianairlines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 21:48:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 19 Dec 2019 21:48:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1049834994&utmhn=www.ethiopianairlines.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&utmhid=930567064&utmr=-&utmp=%2F&utmht=1576792136177&utmac=UA-3069395-3&utmgtm=2wgc6153GR48&utmcc=__utma%3D70865348.1247933273.1576792136.1576792136.1576792136.1%3B%2B__utmz%3D70865348.1576792136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2135389666&utmredir=1&utmu=qmAgAABAAAGBAAAAAgABAAAE~

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3069395-3&cid=1247933273.1576792136&jid=2135389666&_v=5.7.2&z=1049834994

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/828485618/?random=1576792136184&cv=9&fst=1576789200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.ethiopianairlines.com%2F&tiba=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&async=1&fmt=3&is_vtc=1&random=301525284&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/828485618/?random=1576792136184&cv=9&fst=1576789200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.ethiopianairlines.com%2F&tiba=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&async=1&fmt=3&is_vtc=1&random=301525284&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/1017929605/?random=1576792136181&cv=9&fst=1576789200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.ethiopianairlines.com%2F&tiba=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&async=1&fmt=3&is_vtc=1&random=2128430204&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/1017929605/?random=1576792136181&cv=9&fst=1576789200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.ethiopianairlines.com%2F&tiba=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&async=1&fmt=3&is_vtc=1&random=2128430204&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/r/collect?v=1&_v=j79&a=930567064&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70865348.1247933273.1576792136.1576792136.1576792136.1&_utmz=70865348.1576792136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1576792136223&_u=aGDCAEALQ~&jid=662980656&gjid=18382488&cid=1247933273.1576792136&tid=UA-3069395-3&_gid=827467854.1576792136&_r=1&gtm=2wgc6153GR48&cd3=Booked&cd6=Booking&cd7=1247933273.1576792136&cd8=&cd9=online&cd15=No%20promo%20code%20used&z=1384974801

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3069395-3&cid=1247933273.1576792136&jid=662980656&_gid=827467854.1576792136&gjid=18382488&_v=j79&z=1384974801

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/r/collect?v=1&_v=j79&a=930567064&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Multi-channel&ea=Direct&el=%2F&_utma=70865348.1247933273.1576792136.1576792136.1576792136.1&_utmz=70865348.1576792136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1576792136434&_u=aGDCCEALR~&jid=1119735992&gjid=1442000368&cid=1247933273.1576792136&tid=UA-3069395-3&_gid=827467854.1576792136&_r=1&gtm=2wgc6153GR48&cd10=Direct&z=864408660

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3069395-3&cid=1247933273.1576792136&jid=1119735992&_gid=827467854.1576792136&gjid=1442000368&_v=j79&z=864408660

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=571471686532548&ev=PageView&dl=https%3A%2F%2Fwww.ethiopianairlines.com%2F&rl=&if=false&ts=1576792136528&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576792136485.860223205&par[0]=%7B%22extractorID%22%3A%222629099693872218%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22441254143220477%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&it=1576792136458&coo=false&rqm=GET

Domain: cx.atdmt.com
URL: https://cx.atdmt.com/?c=8679224552944003819&f=AYzbjsfROFw3AyNIL7LTTUCBCHOaCx2DfQjOMlD7C-KN2Ueo2E7K2cZ9oyuxIDrG_XE14zxkUt6bveg31yXUIrV_&id=571471686532548&l=3&v=0

Domain: www.ethiopianairlines.com
URL: https://www.ethiopianairlines.com/de

Domain: api.mypurecloud.de
URL: https://api.mypurecloud.de/api/v2/journey/websites/77bfd710-5ed5-40a3-a005-e8c21e20ca75/customers/858d8dc6-9fbb-4f0c-b7bc-be564c66346b/ping?visitId=d8c7b1ea-938e-4683-b3ca-5a33d8a0065d&_v=0.0.0&tid=77bfd710-5ed5-40a3-a005-e8c21e20ca75&t=1576792136872&callback=_ac_ping_6W0q7M&dt=Welcome%20to%20Ethiopian%20Airlines%20Official%20Website

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/jquery-3.2.1.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/ethiopian-v3.js:103:63) at j (https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/jquery-3.2.1.min.js:2:29999) at k (https://www.ethiopianairlines.com/ResourcePackages/Ethiopian/assets/dist/js/jquery-3.2.1.min.js:2:30313) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' upgrade-cdn.plusgrade.com https://d7auu4t966f9r.cloudfront.net www.google-analytics.com tagmanager.google.com; script-src https: http://code.jquery.com 'self' 'unsafe-inline' tagmanager.google.com 'unsafe-eval' .googleapis.com .gstatic.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org code.jquery.com ipapi.co .upgrade.plusgrade.com apps.mypurecloud.de www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; style-src 'self' https://upgrade-cdn.plusgrade.com 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com www.google-analytics.com tagmanager.google.com https://d6tizftlrpuof.cloudfront.net; font-src 'self' https://d7auu4t966f9r.cloudfront.net fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: www.google-analytics.com tagmanager.google.com; img-src 'self' https://upgrade-cdn.plusgrade.com .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com www.google-analytics.com https://d6tizftlrpuof.cloudfront.net; media-src 'self' data: blob: www.google-analytics.com; frame-src https: www.google-analytics.com; connect-src 'self' accounts.google.com https://.dec.sitefinity.com .mktoresp.com ipapi.co *.cloudfront.net www.google-analytics.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ams.creativecdn.com
api.mypurecloud.de
apps.mypurecloud.de
code.jquery.com
connect.facebook.net
creativecdn.com
cx.atdmt.com
d16fk4ms6rqz1v.cloudfront.net
dhqbrvplips7x.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
ipapi.co
journey-snippets.mypurecloud.de
ssl.google-analytics.com
stats.g.doubleclick.net
tags.bkrtx.com
www.dwin1.com
www.ethiopianairlines.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.mypurecloud.de
cx.atdmt.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.ethiopianairlines.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
143.204.101.54
143.204.98.34
172.217.16.130
185.184.8.30
2001:4de0:ac19::1:b:1a
23.62.118.129
23.77.208.176
2600:9000:20c3:a000:f:8ce2:fb80:93a1
2606:4700:20::681a:92c
2a00:1450:4001:808::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:821::2002
2a03:2880:f0ff:1a:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.5.123
99.84.87.211
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
178eea84de6b35757ff86e648c1dc460c9bfb04915d166a54cddc842d3b508e3
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1fde1a47b6f120f809e5df149af92b09ea0b4f24f17957d66f93be8d5c8dbe6a
321893c0cbaa5a7f812ce7bcc7442918beb0406a3adcd88e41ad0faf8aca8d1b
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
450218a5411b60a2f38f8f0bd3cbd520095a6998640275662b5dd50542980496
4cf58add82f4294b2c1cc381eccd5168a37eb0c98dcbf57b586f579d4d202a2d
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724
5e636989c3eeba6690ae0691c2f8151af5d05e49032b61a5abb77e0705a0109d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
648b7ff9a487fa29daebcc2cdb1ac3a46a2185b59dfd080e59e09ef05f8fe416
65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33
6aad97adf901af51f369c6df06d5d727092944d14ba2c7ca104f04e910cbf683
7774ef286ac0247dd55ddf1f40f6b8d9d7f919cce791a8c0877e66f3d18ab768
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b222badffd574ec5ec3a06a01e8f38d9b1db0c5f73d13686ba7e7972cc1146
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
920fad988c1a4e9a03c12a34438fd9b0371def689cc9786eec15b5844e2b23fc
99f84bcaa2a0b45caf644e70f59a22f56cf0ba08da45e92ce4593cff43b396a8
aceed8280006fb1cce8d1d395885d057ca4c70e4838efe7ab412ecdddbb784b4
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd792e9e454bbc1e8b2bf0d57c910c8f4d074fcc73b4971ebab57563822e4350
cc41677b202887ca83e2c6de0234822ef1332fe943afab84c12bb7b20a275e1f
d718810706465f7b5225e6ef42bf0e39199e663ef9e86941e4fb167472aaa4d9
daa6bd0f235c5832343cc69bc2be80bb00b6208987e704b7f9595cc148306c04
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df5705c2ff59dea581ec5d5728977eb0794deaf752b439a9a7afaf8c3a3e45dd
e0d7ec276fdf6dd132c33dba33197f8011bd090a68feb34b48beb3e8008c8a06
f7cdf91fc7b9b99b5472aa17592b5e8225bfcc3060b344a34bcf14663e238b56

www.ethiopianairlines.com Open in urlscan Pro 23.77.208.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

75 %HTTPS

56 %IPv6

18 Domains

24 Subdomains

19 IPs

5 Countries

662 kBTransfer

2382 kBSize

0 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ethiopianairlines.com Open in urlscan Pro
23.77.208.176 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

75 %
HTTPS

56 %
IPv6

18
Domains

24
Subdomains

19
IPs

5
Countries

662 kB
Transfer

2382 kB
Size

0
Cookies

55 HTTP transactions
4 data transactions