URL: https://biletaime.al/
Submission: On August 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3031::ac43:8561, located in United States and belongs to CLOUDFLARENET, US. The main domain is biletaime.al.
TLS certificate: Issued by WE1 on August 14th 2024. Valid for: 3 months.
This is the only time biletaime.al was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
25 biletaime.al
biletaime.al
1 MB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
92e06e091b68bb53603e6f5308fdf0c6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
148 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
165 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
113 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
35 KB
1 autoeurope.com
booking.autoeurope.com
1 uniontravel.al
www.uniontravel.al
1 golibe.com
union.golibe.com
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 353
32 KB
0 securitymetrics.com Failed
www.securitymetrics.com Failed
47 12
Domain Requested by
25 biletaime.al biletaime.al
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com biletaime.al
www.googletagmanager.com
2 code.jquery.com biletaime.al
1 92e06e091b68bb53603e6f5308fdf0c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 booking.autoeurope.com biletaime.al
1 www.uniontravel.al biletaime.al
1 union.golibe.com biletaime.al
1 fonts.googleapis.com biletaime.al
1 www.googletagservices.com biletaime.al
1 ajax.googleapis.com biletaime.al
0 www.securitymetrics.com Failed biletaime.al
47 16
Subject Issuer Validity Valid
biletaime.al
WE1
2024-08-14 -
2024-11-12
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
golibe.com
R11
2024-07-27 -
2024-10-25
3 months crt.sh
uniontravel.al
R10
2024-08-10 -
2024-11-08
3 months crt.sh
booking.autoeurope.com
R11
2024-06-21 -
2024-09-19
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 6 frames:

Primary Page: https://biletaime.al/
Frame ID: 22CBE9E6C9E6FAD10B39BF340DE8AE58
Requests: 42 HTTP requests in this frame

Frame: https://union.golibe.com/iframe
Frame ID: 88D3FFB1CB0C8488D727217CC4177FF2
Requests: 1 HTTP requests in this frame

Frame: https://www.uniontravel.al/frame/
Frame ID: F97CDAD3B593F05629EDDCB690F58C36
Requests: 1 HTTP requests in this frame

Frame: https://booking.autoeurope.com/?aff=UNIONTRAVEL
Frame ID: 875801BEA8C621203BDAD5FBCB3091C3
Requests: 1 HTTP requests in this frame

Frame: https://92e06e091b68bb53603e6f5308fdf0c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 51680B6367665BB7377B27589B66A47C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 90D3D617567500EF8A90AA4EEA270E69
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Rreth Nesh :: Bileta Avioni Online - BiletaIme.al

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

47
Requests

96 %
HTTPS

79 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

1909 kB
Transfer

3180 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
biletaime.al/
12 KB
4 KB
Document
General
Full URL
https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24531f4aebb1b2fd6c14e6f7d31937623e0125305249ea9c5cb2fd70a9fe6c1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b300f4f3b0e18cb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Aug 2024 09:53:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vavxZkrmdiYMXYGF1ZpqnYe3CX%2BB4yIVcprF7MuMbmZ6vCx36pCXovK7ZN%2FCHtCB%2BpAs4oJgTGLFm9UkY3KtCRCsPE%2BnyguRofb%2B%2BIVZT1cc0BNPKMwoBRynAK7t%2FsXd9DMkETuCgwQ3XYM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 15:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 15:02:11 GMT
jquery-ui.js
code.jquery.com/ui/1.9.1/
438 KB
107 KB
Script
General
Full URL
https://code.jquery.com/ui/1.9.1/jquery-ui.js
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b57bb2b666a44ed5dee8d08382878f05788a7b5801f95037c51bf206cfecabde

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1855301
x-cache
HIT, HIT
content-length
109667
x-served-by
cache-lga21928-LGA, cache-fra-etou8220100-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723629228.501926,VS0,VE0
etag
W/"28feccc0-6d74b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4428, 59
prettify.js
biletaime.al/assets/js/
13 KB
6 KB
Script
General
Full URL
https://biletaime.al/assets/js/prettify.js
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:38:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2395250
etag
W/"616fe3a5-3540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLQ8ST3VAd4GG3J8it7JiEIhkGpH2fT%2By%2BxB914BfXBvhCr6w%2BBu4e4nXQP7aUanL9n8JsMS4kR6p7XdoAlv05UW86pS%2F9qquhc5Zisa4mtRPAxU%2FYHy4lddaTs1gTFpWYnekH3oCd5Szhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
8b300f4f9bd418cb-FRA
alt-svc
h3=":443"; ma=86400
kickstart.js
biletaime.al/assets/js/
67 KB
21 KB
Script
General
Full URL
https://biletaime.al/assets/js/kickstart.js
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e43fe4a20099c5abdf00f2736d9908947072ae5a2fad18edc158750325fbd69

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:39:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe3cc-10baf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tWGuxD22L1sLllCucSIf73LRryef0L0YWLFuTsd78C%2B%2FrIcz%2F4y9knHTzsKLbIVfY5E87JJIWCGrk7xl%2BzI31aabTPhRIGfqr1r2Lw9OGlt%2B8C3yE%2BEGDvKWBcTodoioEDu%2Bk09pS9ntYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
8b300f4f9bd718cb-FRA
alt-svc
h3=":443"; ma=86400
jquery-ui.css
code.jquery.com/ui/1.9.1/themes/excite-bike/
30 KB
6 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.9.1/themes/excite-bike/jquery-ui.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ebfa598c35102becef4d08dff4fbfa77d9e030ef90ce2d8c5a394cf4814ce6c

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1644778
x-cache
HIT, HIT
content-length
5744
x-served-by
cache-lga21931-LGA, cache-fra-etou8220100-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723629228.501986,VS0,VE1
etag
W/"28feccc0-78b7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
54, 0
kickstart.css
biletaime.al/assets/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/kickstart.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d2ffe3b3270205058b7cfcfbe657ab49d7f0792acbebde796eaf4955f434569

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:40:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe3f5-31f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGKInWtd9NQhjPMY4SzM%2Fj3%2BPWVN33rUlrFLIrC48U%2BNkwlzSuSIFzCAuW2X%2Fgb7WFuY2Bm%2BDa7labOlxQsb5LDur3Aoufask%2FHA%2BNuAN84NicXQi3sqW7k9X1YYOqH7jVY9UzVgvTijdvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f4f9bcc18cb-FRA
alt-svc
h3=":443"; ma=86400
teNdryshme.css
biletaime.al/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/teNdryshme.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2fb053a4a0bccf4fe901a2494d1f5dbe950973a9ce6e337a4e01f3d93ea600

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 08:22:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61af19cb-12cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Px0B26oLd1QdVIPzexgOyX1bGlsKIrlKY5JTn9dqsQlu4Xq45yck4DnR4UXl15spKQfB3BWXlmlrDYWw%2BfOrjrPDy5ff%2BlOt9dGcDzOCLjJfuZyRuh9ZHnvedrt24G5qGIrykm2eMB42FbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f4f9bd218cb-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
210 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-187449949-3
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63423c66ecdba921980a0734f444a2220efe455f6ae201a344b6fc4c29ffde94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77192
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Aug 2024 09:53:47 GMT
gpt.js
www.googletagservices.com/tag/js/
104 KB
32 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bc959b1f3d97e85af749b6f755571b08d802642f02da2794267b5a88e80797e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32395
x-xss-protection
0
server
cafe
etag
17 / 19949 / m202408080101 / config-hash: 1342855959641898508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Aug 2024 09:53:47 GMT
logo-biletaime2.png
biletaime.al/assets/img/
5 KB
5 KB
Image
General
Full URL
https://biletaime.al/assets/img/logo-biletaime2.png
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780aa8dd99c3e37a551454a3b7055a0f98c9b5211a752b417e11318d2e1de3d4

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:42:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616fe493-122c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlJIaRjE7FnHElxheNJuRWoPtUBdq4adWC2%2BT9TKMIEsary3%2Bo5uqemy5B9T13Rpvzx%2Fl%2B%2BqGAB7cmsbpnUQk3vMYfDrsluX39JvSc%2BxZmqgR%2F%2Bf3XYBRMFG4vKGT5ssVG3U%2Fx%2BF3AJyAaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f4f9bd818cb-FRA
alt-svc
h3=":443"; ma=86400
content-length
4652
biletaime-app.png
biletaime.al/assets/img/
69 KB
70 KB
Image
General
Full URL
https://biletaime.al/assets/img/biletaime-app.png
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b12de0818bc4ea6466c6382307f8e61704951a5575b6a5f07de46b67e24f6d

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:44:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616fe512-114ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryDI2L3dG%2FwQlYHOzRd%2F0k53gzCCHkM36OqC3GNdl1%2B%2F4WuLGFQJalz%2FAe%2Fcp3p88V%2BQ%2BUx91lNsVznuiVa6LS9B0X2STUpezcKOikzNQQ0XfPCmk7m47kdzBv4MRB%2BG2GHeIlll2%2FLYpZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f4f9bd918cb-FRA
alt-svc
h3=":443"; ma=86400
content-length
70862
logo_union_verdhe.png
biletaime.al/assets/img/
76 KB
76 KB
Image
General
Full URL
https://biletaime.al/assets/img/logo_union_verdhe.png
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d22879c7b93a6e5d6f7e767c70cd270fcfaac9b4f129af02145ee7bae943c9

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:45:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616fe528-12f16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSgTxBluKxroeFhWfyEMxjDe8Sx9Y3RTAxzvnED%2FQQJzGz9Qw2FhwneOgHUYqLbQkgnROyKJQCygXCnjyyA85PTJOVNZZe%2BbAg82Hu%2F4R8Ngnv11o1elyjGAZr8xFrWfeOH3vyT8ijBkUuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f4fecd7972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
77590
41.jpg
biletaime.al/banners/
411 KB
412 KB
Image
General
Full URL
https://biletaime.al/banners/41.jpg
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
810a4f2f2a22829196d3c075115c3608ed9e38abb15223931143fd794e9bc20d

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 10:09:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616fead8-66d99"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zw197ohOKc%2FvH2roN4oLstnq58Wx8xqecSWqPfkswPRB6XDlDhz42dDK3rCqT2%2BIt8TVyntrAUiKNJkX8X8Hyn2vDF8FhOvHsZeFHAiR5lMfT%2BRbuKyIPeKANIDwrElM24coWwxINUBWUvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f500d0a972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
421273
ut-pay_online.gif
biletaime.al/banners/
76 KB
77 KB
Image
General
Full URL
https://biletaime.al/banners/ut-pay_online.gif
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f016013c2c24636d6c20fe8c8b870bc65fc235d4fd097617b9c8e600d155a1d

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 08:22:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2226268
etag
"61af19cb-13158"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlCQhEjZx1VYLRPV8JV9EDcSBcrRTw0Fo9Im9WLC7vgoQmvgVd34j62ssuhQE93ecdMxZUaA9oDCe18o6rOPqy7PRCbxscVRF%2BygXJ4VGrtnVhSNZ7JCMZX%2FF4d0McY4nhEJSkeg8tOQdHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f50bdf5972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
78168
42.jpg
biletaime.al/banners/
127 KB
128 KB
Image
General
Full URL
https://biletaime.al/banners/42.jpg
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef628db1116fab36a17526fbdfbfbc5b5f415b0ef534d008a9911a3550f77bb

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 11:25:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616ffc93-1fde1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nul86tJGf7TyEr1M8UPFJsl%2FaRQ9fm2KWVXvv0fnmemrGafeVxuYd3myeentdsQyPwKZH1Dftl8FIVjvUNuO3xP13SYgnoun9mH%2FFR4ChGsB967238Gv%2FzwBulNIbwHBv1Qmi%2B74YQiat4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f518f3e972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
130529
32.jpg
biletaime.al/banners/
70 KB
70 KB
Image
General
Full URL
https://biletaime.al/banners/32.jpg
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ff77c2ef7665e7b883a2ba29008a15d3d68ed782057f7f91d6b28e6f367e57

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 11:24:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616ffc56-116ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FDkik3ArwfESOHB1lheTxia80uSA7R6axTx9JMf7P2QQVowddNgwZJSt2%2BWnkR7K0ip7R37F%2BHeQO0OimVqBzw1S%2BSrUJCJtvOyMwiKdRDeTg6ftH0VrTlDompUcWE2aQSaYy3I60tPxcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f518f40972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
71374
Credit_Card_Safe_blue.2.png
www.securitymetrics.com/static/apps/super/assets/img/
0
0

kickstart-buttons.css
biletaime.al/assets/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/kickstart-buttons.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83ebece7772df67320ad18e1ce2eee2bf216742d5369b02f2fb77c3eeded2689

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe889-4b57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xbd%2FRY6jLfV3Sq%2FtzCR6p4hKKNDxBEhokO94cj%2Fl8KRDq%2Bllu8mjsjTBph0p3RieJB15Kack7qq3c55pTs6JD2iY1jAUq7Fi%2FZVvyIhBi8Gp3i6RTpJqN%2FxhPMeWV5DixyZT5bzim%2BFXyD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507d9e972a-FRA
alt-svc
h3=":443"; ma=86400
kickstart-forms.css
biletaime.al/assets/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/kickstart-forms.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890fa4185feeebd72e8d763fa9dddd8d1fb3e2ff85af20c2601672125fc6db7e

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe882-26f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ujAewveGdCMDMyQzrBunFQ7Q9FKJvJ8jZft0k0E8LgOz2aPqDjm4ZGqqMaoBClryNfAfq%2BhsD%2FYYpyDI%2BHSpVwnZAoJ3j4cEhrOUzHKLg%2FuzwHl4eiFMg4Cy2GDAwdRlnl3I%2Be7CC9m0JE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507d9f972a-FRA
alt-svc
h3=":443"; ma=86400
kickstart-menus.css
biletaime.al/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/kickstart-menus.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76cfff165454e23e346bd95a80fd9628a6d9e28c66ae501d4f7c5ca2c1e9fdb8

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe884-14f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlQm9yoTNjbTXCcOqaz4ok%2FRvflty83b5EbSgWyuGS4npvOSJT%2Bqyc3IBh3MVCaSBpafesAFL0t4Afxo7zDdesBaLND%2FuuM01aKDwhFaa3XUnJnopQxZ%2BJW%2BPDhVPvpPflFD9n6%2BfMmMmHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507da0972a-FRA
alt-svc
h3=":443"; ma=86400
kickstart-grid.css
biletaime.al/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/kickstart-grid.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729ccd2ca95cb51d6aec627c69d6434205b2c804533329eee1a69d6626217570

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe883-796"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLTrCFNAZygSltYqFVd%2BrnOm3TuODRIiDDF9Yk1pf5LjPlYSWTC1NXkrlQ1CooE1xIL2uceCAsdyHMlvfObTcgQ4iaWTEtlNaVxrqiPfGU%2BlbKN5f2wsfFnOaY72NaPRcZAlS3EHrEnFL6s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507da1972a-FRA
alt-svc
h3=":443"; ma=86400
kickstart-icons.css
biletaime.al/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/kickstart-icons.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a707efd857538069572fa0abe4321b5cc6abf4cb387eb9d2f5ba44178ab30b99

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe884-759"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLAdZllMll5CLDLiJLeLB7anhF6n%2BH5OkOgMB8uRMB%2BhPaYoUfEXmMyEj4lHCKXWDuSBeYeu8Qc81ZHbQ%2B0Mo1GzAL4yUYu4NT5PQ4WaT3WEhTdLC0kjBcAIl2iSmeNdVECS9Q2QXtD5pYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507da2972a-FRA
alt-svc
h3=":443"; ma=86400
jquery.fancybox-1.3.4.css
biletaime.al/assets/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/jquery.fancybox-1.3.4.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cf84cb8b68732568b04cd9a11e659d6d3202e59a5a9cf08e2d0966be00e9e2

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe888-224b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtEKSvBxW%2FXGrlNbBiib7igvNO8wTXBPJNpugep3fPNz8woIzKVWhlhbh3Xq1wIF8JH2oqUzpLxh27%2B%2FA5Bcwv7gEcKwNtELge7c5Jk5yFWLqhl31eDudAdBjCOjWHVfD%2FsM%2BqdSTOXw4sY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507da4972a-FRA
alt-svc
h3=":443"; ma=86400
prettify.css
biletaime.al/assets/css/
642 B
758 B
Stylesheet
General
Full URL
https://biletaime.al/assets/css/prettify.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4711aa1d077a1a1dafa8bb5bebf3418fcd5ccdb140ac2d5c55bc6a5587eff08f

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe885-282"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJc023FnmIE0lBrxp3vRIBhigXeSM6fDQk3nzUE9Qmjqekmv%2FZ7szHeJKzq92OsK%2BnDzRTOTedk5PJfiPXWzvS8jTx6f3Lh1oNnXu1wbeEI01d8eB4IV3pIe2iG9jV4xuROxUU7zETkwq9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507da7972a-FRA
alt-svc
h3=":443"; ma=86400
chosen.css
biletaime.al/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/chosen.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50647c068a35776f74afc08d8508e1bb3d76a0a4798755a7700cbcd8993eaaf0

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe887-3700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xThleq6SyrwnNika5NYbkSykiby1NHQNz6H4i07V2OrO4I0aXxSxUWMSCLMZeGgGGOakRDalNeVxFIZzVlIgaKE5kEEPhC%2FmiECuZ0B3X6TquqiiWN6w6uFBn2PbvkTS2a4QpPC4e%2FcVcts%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507da9972a-FRA
alt-svc
h3=":443"; ma=86400
tiptip.css
biletaime.al/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://biletaime.al/assets/css/tiptip.css
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484796b6b7de92caa9f86b9caac9ad56870bfac54768f5723c5985aadcedde9d

Request headers

Referer
https://biletaime.al/assets/css/kickstart.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:59:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1729044
etag
W/"616fe886-98e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuUXEiDu%2FIB%2Fe7LaSWllt2%2BHx%2BULfyl37vrZzy%2Fg8ZyD7Yoe3FzdZRIcUGjTgYcC3ZBMPVaxH8Rs2xdnbhkiBq6CzazuymKOUVmE7xn4dtxDt71sH25bJ%2BJ7XnSFKWaT%2FFMGMBa4KNgWLps%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b300f507dab972a-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,700
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/teNdryshme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34bf24dfc35a0b7eb2c6341009ae552df9cd2125732fd4cb24420c287d1d8ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 08:27:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Aug 2024 09:53:47 GMT
iframe
union.golibe.com/ Frame 88D3
0
0
Document
General
Full URL
https://union.golibe.com/iframe
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.85.23.215 Prague, Czech Republic, ASN13036 (TMOBILE-, CZ),
Reverse DNS
Software
/ Next.js
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Referer
https://biletaime.al/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 14 Aug 2024 09:53:49 GMT
etag
"120diofhsm24dfn"
strict-transport-security
max-age=63072000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Next.js
/
www.uniontravel.al/frame/ Frame F97C
0
0
Document
General
Full URL
https://www.uniontravel.al/frame/
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.35.183 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
359578.cloudwaysapps.com
Software
nginx /
Resource Hash

Request headers

Referer
https://biletaime.al/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
11146
cache-control
max-age=0, s-maxage=2592000
content-encoding
gzip
content-length
686
content-type
text/html; charset=ISO-8859-1
date
Wed, 14 Aug 2024 09:53:47 GMT
expires
Wed, 14 Aug 2024 06:48:01 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
/
booking.autoeurope.com/ Frame 8758
0
0
Document
General
Full URL
https://booking.autoeurope.com/?aff=UNIONTRAVEL
Requested by
Host: biletaime.al
URL: https://biletaime.al/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.37.205 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://biletaime.al/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
d2wy8f7a9ursnm.cloudfront.net,dis.criteo.com,dis.us.criteo.com,bid.g.doubleclick.net,platform.twitter.com
age
0
cache-control
no-cache="Set-Cookie"
content-encoding
gzip
content-language
en-US
content-type
text/html;charset=utf-8
date
Wed, 14 Aug 2024 09:53:49 GMT
generator
Mura 10.0.640
mid
WL
section-io-cache
Miss
section-io-id
a93ebc89a5b4eaf9da5d00cbb15f1b3e
server-timing
dtSInfo;desc="0", dtRpid;desc="-1241172010"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish (Varnish/6.6)
x-content-type-options
nosniff
x-oneagent-js-injection
true
x-request-id
304165587c3d55e0c483ff353ccf9ec2
x-sn
BW15
x-varnish
6522158
56238894.jpg
biletaime.al/assets/img/
449 KB
449 KB
Image
General
Full URL
https://biletaime.al/assets/img/56238894.jpg
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/teNdryshme.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cde374939a6a74e6062bea45fb1a0da61ef2eebcd1f7fb634282cf9e7118e30

Request headers

Referer
https://biletaime.al/assets/css/teNdryshme.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 10:05:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616fe9e4-702a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWSmFzd2Hh%2FG6fhhsTGvjJkj1UTPhVeqyBOgf7U2YZU6f34WPN9CkKoJVQ%2BWlcYqmEQV9F6%2Bfre7w%2BXEjDKahu%2B1fns3abq6h%2F7ZIeIm828uhN5gQbLEotfjajzNBdeqlHPPilC37Ictoes%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f519f4a972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
459425
bg-blu.jpg
biletaime.al/assets/img/
15 KB
15 KB
Image
General
Full URL
https://biletaime.al/assets/img/bg-blu.jpg
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/teNdryshme.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d36ec825dc19db7412779d533ca3aa3be73d56524402a70b322881b37eff07

Request headers

Referer
https://biletaime.al/assets/css/teNdryshme.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 09:31:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61976eeb-3bb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NS5yR8vJPPADOGyNQGxb7Nnhf8ltf6D%2FmaGaIaMBwFFl2Hbx4PO2%2Bpo5JWbxXxLXIwCl9MVTzxKTWUyBBDaPebxLtb8djb844o5sO2JKMXElrzHqFnDKER8OLsce2PeMv73uAVaW7ps4hk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8b300f519f4d972a-FRA
alt-svc
h3=":443"; ma=86400
content-length
15283
icomoon-webfont.woff
biletaime.al/assets/css/fonts/base/
18 KB
19 KB
Font
General
Full URL
https://biletaime.al/assets/css/fonts/base/icomoon-webfont.woff
Requested by
Host: biletaime.al
URL: https://biletaime.al/assets/css/kickstart-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5653e8b056cc7d7113ed4d90b20ecce3ca243e5a5378de7c301cbedb5728b03a

Request headers

Referer
https://biletaime.al/assets/css/kickstart-icons.css
Origin
https://biletaime.al
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 11:31:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616ffe05-4980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQJ1AwUjxtlGyhOJoxp2pv6KaGZgWZ8xUf4xqcVMrraWzAiyzWAAt0aqhvjj0T3mESsT3xrYaw4mATN368Z3YZGxObhiZCTH3JyfnUJAArf4jzKwdQExlTTUIPC0m4sBoTCqiXuirap2%2Bas%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=2592000
cf-ray
8b300f51dfc9972a-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
252 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0QBHW2NS1N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187449949-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c93acaf377911efe69d06cd553a946d30d3e7d1cc099a1eb23827f57037c4996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90999
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Aug 2024 09:53:47 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187449949-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Aug 2024 08:40:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4388
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 14 Aug 2024 10:40:39 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/
474 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 08:56:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
3467
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151130
x-xss-protection
0
server
cafe
etag
11205447520193479331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 14 Aug 2025 08:56:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
60 B
70 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=biletaime.al
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16a5415a45bddc68fa58e87ee40285de338e787275c61acbe9db136683c45f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
expires
Wed, 14 Aug 2024 09:53:48 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0QBHW2NS1N&gtm=45je48c0v9109290509za200&_p=1723629227756&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1539671678.1723629228&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1723629227&sct=1&seg=0&dl=https%3A%2F%2Fbiletaime.al%2F&dt=Rreth%20Nesh%20%3A%3A%20Bileta%20Avioni%20Online%20-%20BiletaIme.al&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=717
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0QBHW2NS1N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 09:53:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biletaime.al
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2109309354&t=pageview&_s=1&dl=https%3A%2F%2Fbiletaime.al%2F&ul=de-de&de=UTF-8&dt=Rreth%20Nesh%20%3A%3A%20Bileta%20Avioni%20Online%20-%20BiletaIme.al&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=224414470&gjid=1585042781&cid=1539671678.1723629228&tid=UA-187449949-3&_gid=2098723837.1723629228&_r=1&gtm=457e48c0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=118453392
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 09:53:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biletaime.al
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
511 B
244 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2037497185533392&correlator=1647973959111410&eid=44809527%2C31084130%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=334759519%2CBiletaIme.al%2CBiletaIme_Square_300x250px&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1723629228171&lmt=1723629228&adxs=980&adys=1005&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbiletaime.al%2F&vis=1&psz=300x771&msz=300x-1&fws=0&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723629227443&idt=689&adks=3489527192&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c60060d9076827d8ead6ccdafbdff1c5dfa6fe886d0fca6f0304f2e6d1d3b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biletaime.al
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
92e06e091b68bb53603e6f5308fdf0c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5168
0
0
Document
General
Full URL
https://92e06e091b68bb53603e6f5308fdf0c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Aug 2024 09:53:48 GMT
expires
Wed, 14 Aug 2024 09:53:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94f64740177d37a90ef8479c8c9e5ea176a31edf971d35c37a013f6a323de282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12907
x-xss-protection
0
favicon.ico
biletaime.al/assets/img/
1 KB
1003 B
Other
General
Full URL
https://biletaime.al/assets/img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8561 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfb29684c6ee1b0cb7b57b822835b00bdafa28f67843b9c9cd510be8d067efa

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 09:42:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616fe473-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DA8XIkIshhxZKX0vFFOSrBrwcFlXbLJajSETdSij70w5juktsLTE%2B%2BWOWk2TuE4o1gSSUkeYJ3Kk%2ByFvm4%2BxgbEbmVRk%2BFDy%2BY6177CKXIlQ%2FtbSWJ8HRIU25VM05inLhtl4QG2EBfh3RKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=2592000
cf-ray
8b300f602e62972a-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 09:53:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 90D3
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biletaime.al/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
70853
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 14:12:57 GMT
expires
Wed, 13 Aug 2025 14:12:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.securitymetrics.com
URL
https://www.securitymetrics.com/static/apps/super/assets/img/Credit_Card_Safe_blue.2.png
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408080101&jk=2037497185533392&bg=!KCulK2TNAAb9K_0H3Ss7ADQBe5WfOCYOaTFGHZ4Cbv2JCvuazIN6FVlVUygaoRlInwX0IRRCub9T3uUPbnldS9_HoSU4AgAAAEtSAAAABmgBB34ANinJBZzdKMBVF8T5SyvXJhK3RXNa114LDdAm4WXNMJXqRp-BQdNbO0CfnnCBC-oJDFYNEF9gsgoAASyZArmyMiEGm4UEYKGAy0IvZxTbYM6b2lTXdishui09nU2Hb8gycJm_QBDjLychmEBb666xgioo4avHiEYWEQ_dw8c3dUiZNC2dRbEtOBwlFX46HO3udsnSXS0CMhF5TN3P8bPJXLjjO07mt4Qa2l2nJ2yeP9n6-yS4D7OrGD1MxdFYZZ5nWXOuKGzgCmaROCoUf6dpAJ9WlMtEJvTBfrCjP00gkr967E8PTEdornULsVbT4P2onSqBzbsWkauNHRG9MjX1p9GNjjIOfjTdwjkjma9loZ-PBe_iJGJ3h6EvuqDPuBVolB-0OjCp3Fvw2KAQlkQnPX9j9hbLCy4cFmWZk0eqWG9qLw2Zynpb-JQOkgTmy8dVJlDZJeH_zAar3B8uMWtc0sFN-nr8PHQ8E4YbmUPKJoQww--5euFEO9XBxvTZNrNHtNne8LWh0t7l4oBZ-btnBUH_qwhngVD_DB2bmYSERdIYDKqdrpxQtUMSySgUvHNVV-FryUSnK1yCaey-R60tTsf4TV2u-LOI0uLxsI11mByQEmrHDH_dA-Ox5xNDEiLIFHPPcCUD1N6DNhcgpYJ_aF9KwT97MU1dDTd-i00PlKOumHXwgS896SZ6BeidlX7duNO026cBSWKMM3pUw3R67BAw2AfsuE6cacsyhJcdUFlarJ8SxN8FsCCy8iIdg6xFaUMVkZ8B3kVIfxGpxSujekfl1XwsPE8Ndv3pXMoQXUbsyOU8CKHsPPUjckCnSPdCR0z6EaEoBoGYT39LpWEeMVtQKCcV1dxrq9lAfHuPnKL4-2VftlcZekvKApdN_UaWrlaaHTL-CqsEKG4R8_YAIJUV88YRezpPsyt4m07NvbQGBe1Pe3pvDHk1-0AXUBEDiMgcqP7Yn9O-oj7z2XM-jA56UoLGX5GIkxntlHCccvZWQFzE8Ss5

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| DP_jQuery_1723629227575 boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR function| sleep function| SelectParser function| AbstractChosen function| get_side_border_padding function| gtag object| dataLayer object| googletag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| gaGlobal object| gaplugins object| gaData object| google_reactive_ads_global_state number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.biletaime.al/ Name: _ga_0QBHW2NS1N
Value: GS1.1.1723629227.1.0.1723629227.0.0.0
.securitymetrics.com/ Name: visid_incap_2488757
Value: IRI0ssLmTG6Lz20p4IYrkKt+vGYAAAAAQUIPAAAAAAB97ixdhOYkAcM3IeOK3Yk4
.securitymetrics.com/ Name: incap_ses_471_2488757
Value: 3N4SIeuv010hxjp5GFSJBqt+vGYAAAAAp6r0ahgYVWsUEnojfVQkTA==
.biletaime.al/ Name: _ga
Value: GA1.2.1539671678.1723629228
.biletaime.al/ Name: _gid
Value: GA1.2.2098723837.1723629228
.biletaime.al/ Name: _gat_gtag_UA_187449949_3
Value: 1
booking.autoeurope.com/ Name: SESSID
Value: 23142482D2AF5463B0632C30EBBB6EF6
booking.autoeurope.com/ Name: KWTRACKING
Value: http%253A%252F%252Fbooking%252Eautoeurope%252Ecom%252Findex%252Ecfm%253Faff%253DUNIONTRAVEL
booking.autoeurope.com/ Name: SITEFLAGCODE
Value: US
.autoeurope.com/ Name: rxVisitor
Value: 1723629229267QPO0PM9DB1EK23A5F1EE5CQBO8JN9LOT
.autoeurope.com/ Name: dtSa
Value: -
.autoeurope.com/ Name: rxvt
Value: 1723631029955|1723629229275
.autoeurope.com/ Name: dtPC
Value: 1$429229265_687h-vRIKAMMFARDNNPIPRBRJVHFHMIIUKRSFG-0e0
.autoeurope.com/ Name: dtCookie
Value: v_4_srv_1_sn_4D8C5EB2890A63CC9B3009EBA89B96CD_app-3A3f5e5cece6cc592f_1_ol_0_perc_100000_mul_1_rcs-3Acss_0

2 Console Messages

Source Level URL
Text
recommendation warning URL: https://biletaime.al/
Message:
[DOM] Found 3 elements with non-unique id #fiLogin: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation verbose URL: https://biletaime.al/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92e06e091b68bb53603e6f5308fdf0c6.safeframe.googlesyndication.com
ajax.googleapis.com
biletaime.al
booking.autoeurope.com
code.jquery.com
fonts.googleapis.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
union.golibe.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.securitymetrics.com
www.uniontravel.al
pagead2.googlesyndication.com
www.securitymetrics.com
167.71.35.183
193.85.23.215
2001:4860:4802:34::36
207.120.37.205
2606:4700:3031::ac43:8561
2a00:1450:4001:802::200e
2a00:1450:4001:810::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a04:4e42:400::649
04d22879c7b93a6e5d6f7e767c70cd270fcfaac9b4f129af02145ee7bae943c9
0f016013c2c24636d6c20fe8c8b870bc65fc235d4fd097617b9c8e600d155a1d
16a5415a45bddc68fa58e87ee40285de338e787275c61acbe9db136683c45f90
1e43fe4a20099c5abdf00f2736d9908947072ae5a2fad18edc158750325fbd69
23b12de0818bc4ea6466c6382307f8e61704951a5575b6a5f07de46b67e24f6d
24531f4aebb1b2fd6c14e6f7d31937623e0125305249ea9c5cb2fd70a9fe6c1c
34bf24dfc35a0b7eb2c6341009ae552df9cd2125732fd4cb24420c287d1d8ef8
3cde374939a6a74e6062bea45fb1a0da61ef2eebcd1f7fb634282cf9e7118e30
4711aa1d077a1a1dafa8bb5bebf3418fcd5ccdb140ac2d5c55bc6a5587eff08f
484796b6b7de92caa9f86b9caac9ad56870bfac54768f5723c5985aadcedde9d
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
4e2fb053a4a0bccf4fe901a2494d1f5dbe950973a9ce6e337a4e01f3d93ea600
50647c068a35776f74afc08d8508e1bb3d76a0a4798755a7700cbcd8993eaaf0
5653e8b056cc7d7113ed4d90b20ecce3ca243e5a5378de7c301cbedb5728b03a
5d2ffe3b3270205058b7cfcfbe657ab49d7f0792acbebde796eaf4955f434569
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63423c66ecdba921980a0734f444a2220efe455f6ae201a344b6fc4c29ffde94
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
729ccd2ca95cb51d6aec627c69d6434205b2c804533329eee1a69d6626217570
76cfff165454e23e346bd95a80fd9628a6d9e28c66ae501d4f7c5ca2c1e9fdb8
780aa8dd99c3e37a551454a3b7055a0f98c9b5211a752b417e11318d2e1de3d4
7ebfa598c35102becef4d08dff4fbfa77d9e030ef90ce2d8c5a394cf4814ce6c
810a4f2f2a22829196d3c075115c3608ed9e38abb15223931143fd794e9bc20d
83ebece7772df67320ad18e1ce2eee2bf216742d5369b02f2fb77c3eeded2689
890fa4185feeebd72e8d763fa9dddd8d1fb3e2ff85af20c2601672125fc6db7e
8bc959b1f3d97e85af749b6f755571b08d802642f02da2794267b5a88e80797e
94f64740177d37a90ef8479c8c9e5ea176a31edf971d35c37a013f6a323de282
9c60060d9076827d8ead6ccdafbdff1c5dfa6fe886d0fca6f0304f2e6d1d3b50
9ef628db1116fab36a17526fbdfbfbc5b5f415b0ef534d008a9911a3550f77bb
a5cf84cb8b68732568b04cd9a11e659d6d3202e59a5a9cf08e2d0966be00e9e2
a707efd857538069572fa0abe4321b5cc6abf4cb387eb9d2f5ba44178ab30b99
b57bb2b666a44ed5dee8d08382878f05788a7b5801f95037c51bf206cfecabde
bdfb29684c6ee1b0cb7b57b822835b00bdafa28f67843b9c9cd510be8d067efa
c93acaf377911efe69d06cd553a946d30d3e7d1cc099a1eb23827f57037c4996
d3d36ec825dc19db7412779d533ca3aa3be73d56524402a70b322881b37eff07
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5ff77c2ef7665e7b883a2ba29008a15d3d68ed782057f7f91d6b28e6f367e57