www.quickflightclaim.com Open in urlscan Pro
2606:4700:3033::ac43:948d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://quickflightclaim.com/
Effective URL:
https://www.quickflightclaim.com/
Submission: On April 08 via automatic, source certstream-suspicious (April 8th 2022, 2:47:58 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3033::ac43:948d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.quickflightclaim.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 8th 2022. Valid for: a year.

This is the only time www.quickflightclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3033::ac43:948d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3035::6815:1d42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
19	7

3 2606:4700:3033::ac43:948d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

quickflightclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.quickflightclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:1d42 (United States)

ASN13335 (CLOUDFLARENET, US)

www.quickflightclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	quickflightclaim.com 1 redirects quickflightclaim.com www.quickflightclaim.com	251 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	342 KB
4	google.com www.google.com — Cisco Umbrella Rank: 4	40 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282	31 KB
19	4

	Domain	Requested by
8	www.quickflightclaim.com	www.quickflightclaim.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.quickflightclaim.com www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
1	ajax.googleapis.com	www.quickflightclaim.com
1	quickflightclaim.com	1 redirects
19	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.quickflightclaim.com/
Frame ID: 0C0CB54367C922ECE705A026293D1827
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O&co=aHR0cHM6Ly93d3cucXVpY2tmbGlnaHRjbGFpbS5jb206NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=2cyu96n7st8u
Frame ID: 6499336E8323232AAF68879ECC89C1F7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quick Flight Claim – Flight Delay Compensationicon-yesarrowicon-yesarrow

Page URL History Show full URLs

https://quickflightclaim.com/ HTTP 301
https://www.quickflightclaim.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

19
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

664 kB
Transfer

1617 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://quickflightclaim.com/ HTTP 301
https://www.quickflightclaim.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.quickflightclaim.com/
Redirect Chain

https://quickflightclaim.com/
https://www.quickflightclaim.com/

41 KB
7 KB

614ms
595ms

Document
text/html

2606:4700:3033::ac43:948d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quickflightclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:948d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a56bcb25f992932f4fe40fdff2dc502a50dc934f30af89d06109356c5e70951

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 6f8bccfb19d90f72-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 14:47:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 08 Apr 2022 14:47:53 GMT
link: <https://www.quickflightclaim.com/wp-json/>; rel="https://api.w.org/" <https://www.quickflightclaim.com/wp-json/wp/v2/pages/79>; rel="alternate"; type="application/json" <https://www.quickflightclaim.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqqkfEpLpDhPEk19rW2l3D91XanqbrfFeNEFbdUjCnbd2LZ3DiBxkYqLGINbQGHVyAUklRKs1%2BfxYpQS9RPJBXOWguMpXE%2Fy3QI7eA6k3GUvSXZAwG1D8dlXJFBKedmJQk6WATjWS7RAvFVJI1QVK6wNPUthWos%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f8bccfa58590f72-MXP
content-type: text/html
date: Fri, 08 Apr 2022 14:47:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.quickflightclaim.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqxdHmtA%2BpH8czJvqoqwH30PrkgK19R6EcV7sUZVk6qd9h3fxQKGnasEkFb3z4rvlgYI4BxyMHpqJzbTeZgyp4l0sp%2B5gyUNOMPlqyfCBbg3WhIFqTuvxYdB7BhPjaoaZtB7h5PBXNhLFWU%2FH%2Fsn4%2BdaJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 09:55:45 GMT

GET
H2 200 autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
www.quickflightclaim.com/wp-content/cache/autoptimize/css/ 242 KB
37 KB 132ms
131ms Stylesheet
text/css 2606:4700:3033::ac43:948d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:948d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806ce0fafd5c3449fd1619e086d8cdb76830720d2b8379589b96085bc9fec4f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 14:03:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7nwKpp78G%2F3NIq%2BDI%2FQXCx%2F%2FqIYYHonKyPHUGTLghBZGnep8cUakyRWTNBaQ0RV0Wds4TLZz7j0prYWEzUjBSVAvBqVBj48%2B%2BZ8D1Wm6UbfBhChTWfoSZq5XgId0E9yKKNMzDMlc3P97eIDxXt8JXO9PeoKrXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6f8bccfef95e0f72-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Mar 2023 14:47:53 GMT

GET
H3 200 logo.svg
www.quickflightclaim.com/wp-content/themes/quick-flight-claim/images/ 10 KB
3 KB 1623ms
1623ms Image
image/svg+xml 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.quickflightclaim.com/wp-content/themes/quick-flight-claim/images/logo.svg
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e13c5cb41ceefc8698254a65eb7e7137f899634610fd39d776f8b6ca82a2073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 May 2019 10:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CAaRUFCUZ4XrHQ9N8c2YvHURRKIFs5OrDxdDxCcrWXwfFMFChUYfLFnZap7U5p4DRjXSM7wl%2FEp6tZtfRZPnfvkPJDS2lMSa8i%2Br8r%2BX1VEA2mkv0hQ2lbZexCaU2EO24ciw%2BL5Gxp4uwtGbZafX0QGKaeR4%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6f8bccff7b6b5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 15 Apr 2022 14:47:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O

Requested by

Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ae8cb7824016d7efc0fd8d0ce067caad5d5592b369354142e56f56d074c3b06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Fri, 08 Apr 2022 14:47:53 GMT

GET
H3 200 autoptimize_eeb94be4d6a79d2daf584c5b98502288.js Show response
www.quickflightclaim.com/wp-content/cache/autoptimize/js/ 222 KB
67 KB 186ms
186ms Script
application/javascript 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quickflightclaim.com/wp-content/cache/autoptimize/js/autoptimize_eeb94be4d6a79d2daf584c5b98502288.js
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba949f26078b4f27a2ae544b6ca103f6c8fdac205a6eb5425d89ebb3cbaa565b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Oct 2021 13:11:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WljyFuntLDxe1mPyJMX9hzjxB3Xi%2Bu3GQElfeAosXkKQjTeoF7YuPR6ZtNMpYwKil0npDAxwcVLNgPp%2FiL9YnkmYtuNeFg2wiu%2BCah7m9ntrzaIoEF7DfuUdNkHNk8HTBHNV0%2BW7TZH062setB6fwfIAk6zaJyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6f8bccffdc5b5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Mar 2023 14:47:53 GMT

GET
H3 200 bg.jpg
www.quickflightclaim.com/wp-content/themes/quick-flight-claim/images/ 87 KB
87 KB 3143ms
3143ms Image
image/jpeg 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.quickflightclaim.com/wp-content/themes/quick-flight-claim/images/bg.jpg
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1a53c8965d5799da7575d473dcf297b7edb37d72c9012621cfc450f05a46b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88733
last-modified: Wed, 29 May 2019 10:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdw03P8YNvEIQ1ylDA%2FOdEBunSOVx6Qce3Ms936KvBAL8LhcIRdFV%2B7Y8JNVgCA1uAsSLR3rzYS8UjQIUvE4bZFUPNTJ%2BPEtHZXYwYsycDkuVYhOZPL91XjvZkHXgKqJViOLS9bF4uHYYwZ0yBrnhn8vBVQ6Kb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f8bccffec855a25-MXP
expires: Fri, 15 Apr 2022 14:47:56 GMT

GET
H3 200 oxygen-v8-latin-700.woff2
www.quickflightclaim.com/wp-content/themes/quick-flight-claim/fonts/ 16 KB
16 KB 114ms
114ms Font
font/woff2 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quickflightclaim.com/wp-content/themes/quick-flight-claim/fonts/oxygen-v8-latin-700.woff2
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2

Request headers

Referer: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Origin: https://www.quickflightclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:53 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16184
last-modified: Wed, 29 May 2019 10:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNk8S6llJ386rozgErURMkBZHGPOEVysUp39CrrIz5a%2FFL9zx3Tgu5RVWQsDhf%2BdncHUD07VztDq%2F0h%2B%2FIYNs5BmmeJRvGe2z9rah%2Fk5IXTLh83w8H6mw6RPR9HiOcah3i4Z8PR7TIPTF8GNNAvpm6NZKDqOSag%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f8bccffec905a25-MXP
expires: Fri, 08 Apr 2022 14:47:53 GMT

GET
H3 200 oxygen-v8-latin-300.woff2
www.quickflightclaim.com/wp-content/themes/quick-flight-claim/fonts/ 15 KB
16 KB 171ms
171ms Font
font/woff2 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quickflightclaim.com/wp-content/themes/quick-flight-claim/fonts/oxygen-v8-latin-300.woff2
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0440b2a721be54a2b7bece2df875ab362344f9702a6578613a8e42ce084641fc

Request headers

Referer: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Origin: https://www.quickflightclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:53 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15788
last-modified: Wed, 29 May 2019 10:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=visRWR2xKW7MlAoI%2B3UtvJqfnq6bMlD6ICeDMzhFoULYlUIIq2a5w9Iy%2FGr4mcVG2qttSQK%2FehPMIef2EtlM4WlkmU1R7bxYs77ozoruY1l%2FfrFTv%2F0mkhG68yjtLsiogSxhpgU2aptGGBqZqNMw4y4bs8zaH%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f8bccffec925a25-MXP
expires: Fri, 08 Apr 2022 14:47:53 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 362 KB
143 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.quickflightclaim.com/
Origin: https://www.quickflightclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 13:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145703
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 04:02:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 13:25:28 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 price-bg.png
www.quickflightclaim.com/wp-content/themes/quick-flight-claim/images/ 16 KB
17 KB 572ms
572ms Image
image/png 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.quickflightclaim.com/wp-content/themes/quick-flight-claim/images/price-bg.png
Requested by: Host: www.quickflightclaim.com
URL: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f2bcc0cd3064110cc1f4ec3c2f93b7571ce876fa34df011f000d9cbfd8a0d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.quickflightclaim.com/wp-content/cache/autoptimize/css/autoptimize_56225bed201b4a65d08ec0e10451a4f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16431
last-modified: Wed, 29 May 2019 10:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMKemg%2FhtbYvoXSVT3jGkvjIf3AT3r9IvtKxMU3ZuflHsN3XJ9DsdxW%2BgRai1t2SLp2IegWKGgY0IKbrUGl3iSeRHp65HKvock4kYFi8BAVbhehvRAW4qMq1M75x3Oe%2B8va2HG0JHmf2dV3dpvACXnd00RYkxs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f8bcd000cf35a25-MXP
expires: Fri, 15 Apr 2022 14:47:54 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6499 41 KB
21 KB 43ms
27ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O&co=aHR0cHM6Ly93d3cucXVpY2tmbGlnaHRjbGFpbS5jb206NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=2cyu96n7st8u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b1e7f00e8ee6bf9b0b4a8b362c36d09fb41c44e2df8b3dec488e41af35842c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CXdV232h0PLyt/vcjnNEtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quickflightclaim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21718
content-security-policy: script-src 'report-sample' 'nonce-CXdV232h0PLyt/vcjnNEtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 14:47:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 6499 51 KB
24 KB 24ms
10ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O&co=aHR0cHM6Ly93d3cucXVpY2tmbGlnaHRjbGFpbS5jb206NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=2cyu96n7st8u

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 13:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 04:02:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 13:37:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 6499 362 KB
142 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 13:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145703
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 04:02:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 13:25:28 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6499 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 244085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Apr 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6499 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 271788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6499 15 KB
15 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 244085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6499 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bea0c70a9781c6017a4a666a69482c1a5a78635ce76c395f7ab74b6029571ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O&co=aHR0cHM6Ly93d3cucXVpY2tmbGlnaHRjbGFpbS5jb206NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=2cyu96n7st8u
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Fri, 08 Apr 2022 14:47:53 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 6499 32 KB
18 KB 53ms
52ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

80407e35369de5744554527ae2e01103cadacb7fc69d64361fb6458776746e07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeG3aUUAAAAAPwfblc7eGgitxlOPfcN01sUt9_O&co=aHR0cHM6Ly93d3cucXVpY2tmbGlnaHRjbGFpbS5jb206NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=2cyu96n7st8u
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 08 Apr 2022 14:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18336
x-xss-protection: 1; mode=block
expires: Fri, 08 Apr 2022 14:47:54 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 06:29:41	Name: _GRECAPTCHA Value: 09AG0dS7v1OOAyfu9h2jZeFl6HU6m-P7zit8iQ3A0aKip2mBbl0EqvCMAyfGzd7-Dzws1XPssOK4oZu2_drPZeK_s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.gstatic.com
quickflightclaim.com
www.google.com
www.gstatic.com
www.quickflightclaim.com
2606:4700:3033::ac43:948d
2606:4700:3035::6815:1d42
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200a
0440b2a721be54a2b7bece2df875ab362344f9702a6578613a8e42ce084641fc
0ae8cb7824016d7efc0fd8d0ce067caad5d5592b369354142e56f56d074c3b06
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bea0c70a9781c6017a4a666a69482c1a5a78635ce76c395f7ab74b6029571ec
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6a56bcb25f992932f4fe40fdff2dc502a50dc934f30af89d06109356c5e70951
7b1e7f00e8ee6bf9b0b4a8b362c36d09fb41c44e2df8b3dec488e41af35842c3
80407e35369de5744554527ae2e01103cadacb7fc69d64361fb6458776746e07
806ce0fafd5c3449fd1619e086d8cdb76830720d2b8379589b96085bc9fec4f1
8e13c5cb41ceefc8698254a65eb7e7137f899634610fd39d776f8b6ca82a2073
8f2bcc0cd3064110cc1f4ec3c2f93b7571ce876fa34df011f000d9cbfd8a0d59
ba949f26078b4f27a2ae544b6ca103f6c8fdac205a6eb5425d89ebb3cbaa565b
bd1a53c8965d5799da7575d473dcf297b7edb37d72c9012621cfc450f05a46b1
f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.quickflightclaim.com Open in urlscan Pro 2606:4700:3033::ac43:948d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

100 %IPv6

4 Domains

6 Subdomains

7 IPs

2 Countries

664 kBTransfer

1617 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

1 Cookies

Indicators

www.quickflightclaim.com Open in urlscan Pro
2606:4700:3033::ac43:948d Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

664 kB
Transfer

1617 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions