Submitted URL: https://link.marketing.gulfair.com/u/nrd.php?p=2hycOWDJif_440414_1338797_1_6&ems_l=1822482&i=1&d=MTA4OTE5NTAz%7CMmh5Y09XREppZg%3D%3...
Effective URL: https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=44...
Submission: On July 04 via manual from GB

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:10::6816:346a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gulfair.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.
This is the only time www.gulfair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.175.192.47 199236 (EMARSYS-A...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.255.83.155 16509 (AMAZON-02)
12 5
Domain Requested by
4 static.geetest.com www.gulfair.com
static.geetest.com
4 www.gulfair.com www.gulfair.com
static.cloudflareinsights.com
2 api.geetest.com static.geetest.com
1 static.cloudflareinsights.com www.gulfair.com
1 link.marketing.gulfair.com
12 5

This site contains links to these domains.

Domain
help.distilnetworks.com

Subject | Issuer | Validity | Valid
link.marketing.gulfair.com | R3 | 2021-06-11 - 2021-09-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-07 - 2021-08-07 | a year
*.geetest.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-01-28 - 2022-01-28 | a year

This page contains 1 frames:

Primary Page: https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
Frame ID: 9F5F9CD42E8793CDB747481C7EC11F2A
Requests: 12 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12 Requests
100 % HTTPS
60 % IPv6
3 Domains
5 Subdomains
5 IPs
3 Countries
159 kB Transfer
513 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.marketing.gulfair.com/u/nrd.php?p=2hycOWDJif_440414_1338797_1_6&ems_l=1822482&i=1&d=MTA4OTE5NTAz%7CMmh5Y09XREppZg%3D%3D%7CZDU0ZTcyOGFlMzcxYzc5MzE%3D%7CMjAyMQ%3D%3D%7CMDc%3D%7CMDQ%3D%7CU3VtbWVyK0Rlc3RpbmF0aW9ucw%3D%3D%7CU3VtbWVyK0Rlc3RpbmF0aW9ucy0yMDIx%7CRXhwZXJpZW5jZQ%3D%3D%7CSGVhZGVy%7C&_esuh=_9_a2295bbb8e54f8d7aeb0178a806703ca1ad1837f8b3549f5359a07befea82424 Page URL
  2. https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
nrd.php
link.marketing.gulfair.com/u/
1021 B
844 B
Document
General
Full URL
https://link.marketing.gulfair.com/u/nrd.php?p=2hycOWDJif_440414_1338797_1_6&ems_l=1822482&i=1&d=MTA4OTE5NTAz%7CMmh5Y09XREppZg%3D%3D%7CZDU0ZTcyOGFlMzcxYzc5MzE%3D%7CMjAyMQ%3D%3D%7CMDc%3D%7CMDQ%3D%7CU3VtbWVyK0Rlc3RpbmF0aW9ucw%3D%3D%7CU3VtbWVyK0Rlc3RpbmF0aW9ucy0yMDIx%7CRXhwZXJpZW5jZQ%3D%3D%7CSGVhZGVy%7C&_esuh=_9_a2295bbb8e54f8d7aeb0178a806703ca1ad1837f8b3549f5359a07befea82424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.175.192.47 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
Software
Apache /
Resource Hash
9d827ae0f76b3bd36d81ad271e873c8bf1c454a6f3d691a5e7b3e91e5b70a464
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
link.marketing.gulfair.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 20:38:21 GMT
server
Apache
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
content-encoding
gzip
x-af
suite38-web3
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
content-length
466
content-type
text/html; charset=utf-8
x-hf
suite-haproxy01f
Primary Request our-cabin-experience
www.gulfair.com/on-board/
6 KB
6 KB
Document
General
Full URL
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:346a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3ba80d27f58498e30a608ba76e00be1e90d4e49a293d00f8d67b392e66362b

Request headers

:method
GET
:authority
www.gulfair.com
:scheme
https
:path
/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://link.marketing.gulfair.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://link.marketing.gulfair.com/

Response headers

date
Sun, 04 Jul 2021 20:38:22 GMT
content-type
text/html
cf-ray
669b28253cf0648b-FRA
access-control-allow-origin
*
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server-timing
bon, total;dur=355.484967
vary
Accept-Encoding
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gt.js
static.geetest.com/static/tools/
9 KB
3 KB
Script
General
Full URL
https://static.geetest.com/static/tools/gt.js
Requested by
Host: www.gulfair.com
URL: https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2000:1:149e:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
34e9d6c69d110adceb78130dcde0fbee8c3f30e8d791f074a1c4b11a44fd9ecd

Request headers

Referer
https://www.gulfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 04:20:37 GMT
content-encoding
gzip
x-oss-request-id
60DFE594899DFF36374D653A
content-md5
t++D9p4YvZwsYxpBKGp7Cw==
age
58665
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Wed, 24 Jul 2019 09:39:55 GMT
server
AliyunOSS
etag
W/"B7EF83F69E18BD9C2C631A41286A7B0B"
vary
Accept-Encoding
content-type
text/javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C1
x-oss-hash-crc64ecma
6752125362639036395
x-amz-cf-id
jrLMlIbQayPH-cCFjq4xkpDGWt3qV44-_DKaJHxImZGBjfWhZWaSjQ==
x-oss-server-time
0
6657193977244c13
www.gulfair.com/
126 KB
39 KB
Script
General
Full URL
https://www.gulfair.com/6657193977244c13
Requested by
Host: www.gulfair.com
URL: https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:346a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f40cc0866409d1cb1190b38b172617fdb7848c68eaa138acc478ec3abc75ba

Request headers

:path
/6657193977244c13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gulfair.com
referer
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 20:38:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
server-timing
bon, total;dur=0.708305
cf-ray
669b2828fa2a4aa9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
beacon.min.js
static.cloudflareinsights.com/
13 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.gulfair.com
URL: https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://www.gulfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 20:38:22 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
669b28292fa24a85-FRA
gettype.php
api.geetest.com/
515 B
784 B
Script
General
Full URL
https://api.geetest.com/gettype.php?gt=0fdbade8a0fe41cba0ff758456d23dfa&callback=geetest_1625431112319
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/tools/gt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.83.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-83-155.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
f383302ff2317bc9576b8f4712317cfb7cb7456c6d20a71f944a997ccd943649

Request headers

Referer
https://www.gulfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 20:38:23 GMT
server
openresty
etag
"32eaed19a1d2eb7b49af1c0a1f0101b373d6ff10"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
515
expires
0
fullpage.9.0.7.js
static.geetest.com/static/js/
313 KB
93 KB
Script
General
Full URL
https://static.geetest.com/static/js/fullpage.9.0.7.js
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/tools/gt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2000:1:149e:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830

Request headers

Origin
https://www.gulfair.com
Referer
https://www.gulfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:33:07 GMT
content-encoding
gzip
x-oss-request-id
60DDDA9631724B3834F66234
content-md5
W9Mz+PxuGlIZh8ynP/4W1A==
age
18316
x-cache
Hit from cloudfront
access-control-max-age
60
x-oss-object-type
Normal
access-control-allow-origin
*
last-modified
Mon, 28 Jun 2021 01:47:13 GMT
server
AliyunOSS
etag
"5BD333F8FC6E1A521987CCA73FFE16D4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, HEAD
content-type
application/javascript
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C1
x-oss-hash-crc64ecma
6988515106857491445
x-amz-cf-id
5YyEBB__6MrvRj4xuIud4NTYCVf-QsJLXmXDvNsMB2abzmga_a3xiw==
x-oss-server-time
1
expires
Thu, 24 Jun 2021 07:38:48 GMT
6657193977244c13
www.gulfair.com/
594 B
779 B
Fetch
General
Full URL
https://www.gulfair.com/6657193977244c13?d=www.gulfair.com
Requested by
Host: www.gulfair.com
URL: https://www.gulfair.com/6657193977244c13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:346a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893bdbc3ac386af474c2a7478e907563ae82fd09c3c04f713eee647fb57cf810

Request headers

sec-fetch-mode
cors
origin
https://www.gulfair.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
content-length
5228
:path
/6657193977244c13?d=www.gulfair.com
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain; charset=utf-8
accept
application/json; charset=utf-8
cache-control
no-cache
:authority
www.gulfair.com
referer
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json; charset=utf-8
Referer
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sun, 04 Jul 2021 20:38:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
server-timing
bon, total;dur=2.585798
cf-ray
669b282b58a54aa9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
get.php
api.geetest.com/
851 B
1 KB
Script
General
Full URL
https://api.geetest.com/get.php?gt=0fdbade8a0fe41cba0ff758456d23dfa&challenge=3894714856a8d99b1ebc5016e722960f&lang=en&pt=0&client_type=web&w=…&callback=geetest_1625431107486
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.83.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-83-155.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
911a6ec5a055af33a1b11686cd6e7bac2338c6ce07b97506d4cf4000ff004f79

Request headers

Referer
https://www.gulfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 20:38:23 GMT
server
openresty
etag
"9948ca035773cb1dd7d7d24708d39d7834381183"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
851
expires
0
rum
www.gulfair.com/cdn-cgi/
0
166 B
XHR
General
Full URL
https://www.gulfair.com/cdn-cgi/rum?req_id=669b28253cf0648b
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:346a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.gulfair.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
content-length
2702
:path
/cdn-cgi/rum?req_id=669b28253cf0648b
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.gulfair.com
referer
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.gulfair.com/on-board/our-cabin-experience?sc_src=email_1338797&sc_lid=108919503&sc_uid=2hycOWDJif&sc_llid=440414&sc_eh=d54e728ae371c7931&utm_campaign=20210704_Summer+Destinations&utm_source=Summer+Destinations-2021&utm_term=Experience&utm_content=Header&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Sun, 04 Jul 2021 20:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.gulfair.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
669b282d0d2d4aa9-FRA
vary
Origin
style_https.1.5.8.css
static.geetest.com/static/wind/
40 KB
5 KB
Stylesheet
General
Full URL
https://static.geetest.com/static/wind/style_https.1.5.8.css
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2000:1:149e:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

Referer
https://www.gulfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 23:09:17 GMT
content-encoding
gzip
x-oss-request-id
60DE4B1DCD8032343297F685
content-md5
P7aqz9WuLTiU8vALDV8yNg==
age
77346
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Tue, 24 Mar 2020 07:16:39 GMT
server
AliyunOSS
etag
"3FB6AACFD5AE2D3894F2F00B0D5F3236"
vary
Accept-Encoding
content-type
text/css
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C1
x-oss-hash-crc64ecma
8727683345402674844
x-amz-cf-id
1Lho0PGBz8knVy6zI631trSJX34oG5NXdXSwIUh1DZWyMl5aRJKm1w==
x-oss-server-time
1
expires
Wed, 25 Mar 2020 07:16:37 GMT
sprite.1.5.8.png
static.geetest.com/static/wind/
3 KB
4 KB
Image
General
Full URL
https://static.geetest.com/static/wind/sprite.1.5.8.png
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/wind/style_https.1.5.8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2000:1:149e:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93

Request headers

Referer
https://static.geetest.com/static/wind/style_https.1.5.8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 15:00:14 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-oss-request-id
60D51E85F9F24134309CF6D9
content-md5
uDxOrr+kOl0ccdj6TMxlOQ==
age
34250
x-cache
Hit from cloudfront
content-length
3429
x-oss-object-type
Normal
last-modified
Tue, 24 Mar 2020 07:45:06 GMT
server
AliyunOSS
etag
"B83C4EAEBFA43A5D1C71D8FA4CCC6539"
content-type
image/png
cache-control
max-age=86400
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-oss-hash-crc64ecma
18443336215562156834
x-amz-cf-id
81rJ1iSpXjD2o9_g1I5jbZkycBJqpjnvFJ1IUVFxRhJF3CK1zuwEbQ==
x-oss-server-time
1
expires
Wed, 25 Mar 2020 07:16:41 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| showBlockPage
function| initGeetest
string| GeeGT
string| GeeChallenge
function| solvedCaptcha
object| e
object| __cfBeacon
object| a0_0x26b2
function| a0_0x5181
object| reese84
function| reese84interrogator
function| initializeProtection
function| protectionSubmitCaptcha
undefined| pure
function| Geetest

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload