urlscan.io logo urlscan.io
SecurityTrails logo

www2.secure.esky.by Open in urlscan Pro
104.126.37.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www2.secure.esky.by/
Effective URL: https://www2.secure.esky.by//
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On December 21 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 43 HTTP transactions. The main IP is 104.126.37.136, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www2.secure.esky.by.
TLS certificate: Issued by R3 on December 21st 2023. Valid for: 3 months.
This is the only time www2.secure.esky.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    104.126.37.128 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-128.deploy.static.akamaitechnologies.com
www2.secure.esky.by
www2.esky.by
11    104.126.37.136 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-136.deploy.static.akamaitechnologies.com
www2.secure.esky.by
www2.esky.by
www.esky.by
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.239.50.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-51.ams58.r.cloudfront.net
static1.eskypartners.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
16 esky.by
www2.secure.esky.by
www2.esky.by
www.esky.by
432 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
569 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
34 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
88 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
188 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 eskypartners.com
static1.eskypartners.com — Cisco Umbrella Rank: 273990
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
43 8
Domain Requested by
10 www2.secure.esky.by 1 redirects www2.secure.esky.by
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
5 www2.esky.by 1 redirects www2.secure.esky.by
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www2.secure.esky.by
www.gstatic.com
www.google.com
2 connect.facebook.net www2.secure.esky.by
connect.facebook.net
2 www.googletagmanager.com www2.secure.esky.by
1 www.facebook.com connect.facebook.net
1 www.esky.by www2.secure.esky.by
1 static1.eskypartners.com www2.secure.esky.by
1 fonts.googleapis.com www2.secure.esky.by
43 11

This site contains links to these domains. Also see Links.

Domain
www2.esky.by
Subject Issuer Validity Valid
www.esky.nl
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
static1.eskypartners.com
Certum Domain Validation CA SHA2		 2023-06-29 -
2024-06-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www2.secure.esky.by//
Frame ID: 117E18E631EF148569203BC5AFA435B3
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Frame ID: B813C0095FAD590559EB9E265C399962
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - Page not found - eSky.by

Page URL History Show full URLs

  1. http://www2.secure.esky.by/ HTTP 301
    https://www2.secure.esky.by// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

43
Requests

79 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

1318 kB
Transfer

3446 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www2.secure.esky.by/ HTTP 301
    https://www2.secure.esky.by// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www2.esky.by/userzone/sdk.js HTTP 302
  • https://www.esky.by/

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www2.secure.esky.by//
Redirect Chain
  • http://www2.secure.esky.by/
  • https://www2.secure.esky.by//
62 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
fc65a9733b96bc723d03e18e61099f5322078cdd86f9aca81abdc7c51660a641
Security Headers
Name Value
Content-Security-Policy default-src 'nonce-dbd071ccc5cbeb746ee0744dab3b5bcc' 'self' www2.esky.by www2.secure.esky.by api.esky.com bookings.eskypartners.com secure.eskypartners.com https: *.3lift.com *.adara.com *.bidswitch.net *.bstatic.com *.clickmeter.com *.creativecdn.com *.criteo.com *.criteo.net *.doubleclick.net *.edestinos.com *.emjcd.com *.esky.co.uk *.esky.com *.esky.pl *.eskypartners.com *.facebook.com *.google-analytics.com *.google.al *.google.am *.google.at *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cat *.google.ch *.google.cl *.google.cn *.google.co *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.uk *.google.co.ve *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bo *.google.com.br *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.ni *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vn *.google.cz *.google.de *.google.dk *.google.dm *.google.ee *.google.es *.google.eu *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.is *.google.it *.google.je *.google.li *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mv *.google.nl *.google.no *.google.pl *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.si *.google.sk *.google.sm *.google.tn *.google.us *.googleadservices.com *.googlesyndication.com *.gstatic.com *.hotelbeds.com *.hotjar.com *.hotjar.io *.ipresso.pl *.msecnd.net *.riskified.com *.smartadserver.com *.socdm.com *.usercentrics.eu ad.360yield.com ad.yieldlab.net ade.clmbtech.com ads.avocet.io ads.travelaudience.com api.turismocity.com asa-isa.com bat.bing.com bat.r.msn.com beacon.krxd.net c.bing.com clickmeter.com cm.adform.net contextual.media.net creativecdn.com criteo-partners.tremorhub.com criteo-sync.teads.tv do1ztk2swfi8z.cloudfront.net dpm.demdex.net e1.emxdgt.com emjcd.com exchange.mediavine.com i.liadm.com i.travelapi.com ib.adnxs.com id5-sync.com idsync.rlcdn.com images.gta-travel.com match.sharethrough.com matching.ivitrack.com mczbf.com media.expedia.com mpsnare.iesnare.com mule.airtickets.com pixel.rubiconproject.com r.casalemedia.com rt.inistrack.net s.ad.smaato.net s.thebrighttag.com secure.rentalcars.com simage2.pubmatic.com stags.bluekai.com static.sojern.com sync-criteo.ads.yieldmo.com sync-t1.taboola.com sync.outbrain.com tags.bluekai.com trends.revcontent.com uk.cdn-net.com ups.analytics.yahoo.com visitor.omnitagjs.com ws://*.hotjar.com wss://*.hotjar.com www.googletagmanager.com www.googletraveladservices.com www.kayak.com www.mczbf.com www.tripadvisor.com x.dlx.addthis.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors 'none'; report-uri /csp-report;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-length
8482
content-security-policy
default-src 'nonce-dbd071ccc5cbeb746ee0744dab3b5bcc' 'self' www2.esky.by www2.secure.esky.by api.esky.com bookings.eskypartners.com secure.eskypartners.com https: *.3lift.com *.adara.com *.bidswitch.net *.bstatic.com *.clickmeter.com *.creativecdn.com *.criteo.com *.criteo.net *.doubleclick.net *.edestinos.com *.emjcd.com *.esky.co.uk *.esky.com *.esky.pl *.eskypartners.com *.facebook.com *.google-analytics.com *.google.al *.google.am *.google.at *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cat *.google.ch *.google.cl *.google.cn *.google.co *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.uk *.google.co.ve *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bo *.google.com.br *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.ni *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vn *.google.cz *.google.de *.google.dk *.google.dm *.google.ee *.google.es *.google.eu *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.is *.google.it *.google.je *.google.li *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mv *.google.nl *.google.no *.google.pl *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.si *.google.sk *.google.sm *.google.tn *.google.us *.googleadservices.com *.googlesyndication.com *.gstatic.com *.hotelbeds.com *.hotjar.com *.hotjar.io *.ipresso.pl *.msecnd.net *.riskified.com *.smartadserver.com *.socdm.com *.usercentrics.eu ad.360yield.com ad.yieldlab.net ade.clmbtech.com ads.avocet.io ads.travelaudience.com api.turismocity.com asa-isa.com bat.bing.com bat.r.msn.com beacon.krxd.net c.bing.com clickmeter.com cm.adform.net contextual.media.net creativecdn.com criteo-partners.tremorhub.com criteo-sync.teads.tv do1ztk2swfi8z.cloudfront.net dpm.demdex.net e1.emxdgt.com emjcd.com exchange.mediavine.com i.liadm.com i.travelapi.com ib.adnxs.com id5-sync.com idsync.rlcdn.com images.gta-travel.com match.sharethrough.com matching.ivitrack.com mczbf.com media.expedia.com mpsnare.iesnare.com mule.airtickets.com pixel.rubiconproject.com r.casalemedia.com rt.inistrack.net s.ad.smaato.net s.thebrighttag.com secure.rentalcars.com simage2.pubmatic.com stags.bluekai.com static.sojern.com sync-criteo.ads.yieldmo.com sync-t1.taboola.com sync.outbrain.com tags.bluekai.com trends.revcontent.com uk.cdn-net.com ups.analytics.yahoo.com visitor.omnitagjs.com ws://*.hotjar.com wss://*.hotjar.com www.googletagmanager.com www.googletraveladservices.com www.kayak.com www.mczbf.com www.tripadvisor.com x.dlx.addthis.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors 'none'; report-uri /csp-report;
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 12:13:16 GMT
esky-correlation-id
1D3D2DE4-E919-1D73-E180-D7EBB2D31B1F
expires
Thu, 21 Dec 2023 12:13:16 GMT
pragma
no-cache
server
esky-edge
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-generated-by
dbr-transaction-process-b1901
x-request-id
12dfff5350517a9d3abdd8243b0bcd069597e589
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
174
Content-Security-Policy-Report-Only
frame-ancestors 'self' https://skybox.eskypartners.com; report-uri https://secure.esky.com/csp-report
Content-Type
text/html
Date
Thu, 21 Dec 2023 12:13:16 GMT
Location
https://www2.secure.esky.by//
Server
esky-edge
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
default.css
www2.secure.esky.by/res/https/b1901/flights/css/default/templates/ 		145 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/css/default/templates/default.css
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
3012c205f6c6cd7d085bdb030e82c79dee509d3eb458a1af8b21bc0d155c05aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:12:53 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"2430e-60b6e55bcab40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
24500
x-xss-protection
1; mode=block
404.css
www2.secure.esky.by/res/https/b1901/flights/css/default/pages/errors/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/css/default/pages/errors/404.css
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
3e76ee6b1c06c9b58bef057860331e63cee8bde7b3ec2f0815c16c5c10e665f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:12:53 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"57b2-60b6e55bcab40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4842
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fb94d95d1da111ff60c9a78c7b80967568b61871c62e36164ea3980fdbec27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 12:13:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 12:13:16 GMT
eskybydbr30-white.svg
static1.eskypartners.com/logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.eskypartners.com/logos/eskybydbr30-white.svg
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-51.ams58.r.cloudfront.net
Software
esky-edge /
Resource Hash
7910eef3215a2699b0f7dd7d366ba957945a3d85406e4e6bcc006fd853cb02ea

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
via
1.1 64e65d847e47fbcbf4dc70bc1c185676.cloudfront.net (CloudFront)
last-modified
Wed, 06 Nov 2019 10:33:40 GMT
server
esky-edge
x-amz-cf-pop
AMS58-P3
etag
"5dc2a184-1f40"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
8000
x-amz-cf-id
IuPRceljaaWOi2MgouMrCI4abG8uWV7MSumttscjnn_uaz6iCiQSMg==
expires
Thu, 28 Dec 2023 12:13:16 GMT
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed0cb25daf7999595c6da9a56d96e1f81790d70b98b9d097b79f1231d3249e1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Dec 2023 12:13:16 GMT
/
www.esky.by/
Redirect Chain
  • https://www2.esky.by/userzone/sdk.js
  • https://www.esky.by/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.esky.by/
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Thu, 21 Dec 2023 12:13:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
esky-edge
content-security-policy-report-only
frame-ancestors 'self' https://skybox.eskypartners.com; report-uri https://secure.esky.com/csp-report
content-type
text/html
location
https://www.esky.by/
content-length
150
x-xss-protection
1; mode=block
common.js
www2.secure.esky.by/res/https/b1901/flights/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/js/common.js
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
76bc7763939ef093e1f277205bfe9e91881a06b718e8f5a7d9856b6ac2710679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:18:21 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"43a3-60b6e69498d40-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
5274
x-xss-protection
1; mode=block
default.js
www2.secure.esky.by/res/https/b1901/flights/js/pages/ 		527 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/js/pages/default.js
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
24184e2b261e69fb993d875a71fb6a37cabbd877be4ceaeaac361144d5f56f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:18:21 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"83c41-60b6e69498d40-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
x-xss-protection
1; mode=block
ru_by.js
www2.secure.esky.by/res/https/b1901/flights/js/partners-locale/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/js/partners-locale/ru_by.js
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
2c9c5c2650a75f95b76da290fdd24d1450dec5e969ac5aa975d40c34841d772e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:18:21 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"3361-60b6e69498d40-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
3269
x-xss-protection
1; mode=block
404.js
www2.secure.esky.by/res/https/b1901/flights/js/errors/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/js/errors/404.js
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
ef61a3ad760186d77c7662afd8ad76e1e1432959097435e5c9ded238af02b5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:18:21 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"1320-60b6e69498d40-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
1520
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		169 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMQ4KZW
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b429e7542494e270a049eaaade962e3d11ae17ac4eb6e57218928da138a203fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
62443
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 12:13:16 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		504 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13fc70e3424b13b1b2871e2aa39e2592a53ed7bf6a4af37a1973cee9fa6e45cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www2.secure.esky.by/
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206926
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 19:37:47 GMT
eSKY.ttf
www2.secure.esky.by/res/https/b1901/flights/fonts/ 		155 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/fonts/eSKY.ttf?dhoxie
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by/res/https/b1901/flights/css/default/templates/default.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
76687fb0e583f3720fb10d603150ea00d251a54ac24605a56fd9e8c940db0acb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www2.secure.esky.by/res/https/b1901/flights/css/default/templates/default.css
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Dec 2023 08:15:28 GMT
server
esky-edge
etag
"26a88-60b6e5ef9c800"
content-type
font/ttf
accept-ranges
bytes
content-length
158344
x-xss-protection
1; mode=block
4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:54:17 GMT
x-content-type-options
nosniff
age
184739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18200
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:10:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:54:17 GMT
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5ardu2ui.woff2
fonts.gstatic.com/s/notosans/v35/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5ardu2ui.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3eaaacd78ca10c4fa18e7d7311769484e322a4d1061b2faf05651e799d3d477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:09:01 GMT
x-content-type-options
nosniff
age
183855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21196
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 20:08:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:09:01 GMT
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:36:01 GMT
x-content-type-options
nosniff
age
247035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39552
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 20:09:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 15:36:01 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:45:55 GMT
x-content-type-options
nosniff
age
498441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 17:45:55 GMT
gtm.js
www.googletagmanager.com/ 		539 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cadd0dbbf8e3394892096495b72c49950fbca6c0cae1a5d308f694e16dca5a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
128989
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 12:13:16 GMT
log
www2.esky.by/_fe/ Frame 		0
0
cookies
www2.esky.by/pass/ Frame 		0
0
log
www2.esky.by/_fe/ 		0
0
cookies
www2.esky.by/pass/ 		0
0
2.js
www2.secure.esky.by/res/https/b1901/flights/js/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.secure.esky.by/res/https/b1901/flights/js/2.js
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by/res/https/b1901/flights/js/common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-136.deploy.static.akamaitechnologies.com
Software
esky-edge /
Resource Hash
1b9b9ab55dbed3ac6602412b04b0f73eafbd6dea3f7b4500cdddcd5a0803fa70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
last-modified
Fri, 01 Dec 2023 08:18:21 GMT
server
esky-edge
referrer-policy
strict-origin-when-cross-origin
etag
"349da-60b6e69498d40-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/ru_BY/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_BY/sdk.js
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e2f2b56f84cb414e10a2c11b5ec696d9c431032cce59a4faa2f520642e6d5e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Dec 2023 12:13:17 GMT
content-md5
XyfRC6raSJflQkBJ093P9A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
Ku2Db2dfBoobj1lgqHfqAR5pl1CCChMJuMOHSopJmGA10SWLPFI547opcLHdSLJWhbJKa9qEDPzETHQOVUEFUA==
x-fb-content-md5
452ce96558682a6329f742d4700ad1bd
cross-origin-opener-policy
same-origin-allow-popups
etag
"c85d827ffd1dd740c54430f5af9e4a15"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 21 Dec 2023 12:33:17 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame B813 		41 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aa8d548cf6cb84eeb01dc99ce67f714a6ca2fd658fb8084f41b06a3b95835392
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LTbQ4aM3kgKPa7Jr_glTZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www2.secure.esky.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LTbQ4aM3kgKPa7Jr_glTZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 12:13:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame B813 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 08:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 08:00:44 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame B813 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13fc70e3424b13b1b2871e2aa39e2592a53ed7bf6a4af37a1973cee9fa6e45cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206926
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 19:37:47 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f41076a0f02bb784259a85bcd2167373
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_BY/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d494ae733a48c19a9ebaf16cab443ff219cd4139c5d149499d111536aa6210fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www2.secure.esky.by/
Origin
https://www2.secure.esky.by
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Dec 2023 12:13:17 GMT
content-md5
b3KJ4RcJDMkjLX3f3GI3ww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86868
reporting-endpoints
x-fb-debug
xexEk2cYo/XZeKVQslJH5+wHIbAYcYEmy3tVAJszVnXInUF3SHZzcbA7d3LaBAAyTcGwo7to6j0e137YDv2xUg==
x-fb-content-md5
4b9e26298a7b1af949aafa67f4386af7
cross-origin-opener-policy
same-origin-allow-popups
etag
"32bc295bba9f9a99593a245043ed097c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 20 Dec 2024 12:13:17 GMT
SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
www.google.com/js/bg/ Frame B813 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
4470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6849
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 10:58:47 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B813 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 21:09:58 GMT
x-content-type-options
nosniff
age
226999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 25 Dec 2023 21:09:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B813 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
564381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B813 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
54710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 21:01:27 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame B813 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e962e4e5d7fc314fc84eb0bb72947f6f7e65eee405991e5fa461b763c3160d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_QGcaAAAAALG11yv7RiZ9suas8z0z9vuA3tiM&co=aHR0cHM6Ly93d3cyLnNlY3VyZS5lc2t5LmJ5OjQ0Mw..&hl=it&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=2mkxrxk0q1t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 12:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Dec 2023 12:13:17 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=394663683924793&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww2.secure.esky.by%2F%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f41076a0f02bb784259a85bcd2167373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www2.secure.esky.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
date
Thu, 21 Dec 2023 12:13:17 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
UaO3Zac0MZ3/DEAAM+aE9MnE1SZ0EACtXS1MyaSI1oeiyNZ6+a0HzqP72HCSukT47SNV4to+BN20CVelyODPhg==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www2.secure.esky.by
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
v1.1
www2.esky.by/patalyst/ 		0
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.esky.by/patalyst/v1.1
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by/res/https/b1901/flights/js/pages/default.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-128.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www2.secure.esky.by/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Dec 2023 12:13:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
api-supported-versions
1.0, 1.1, 1.2
server
nginx
access-control-allow-origin
*
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
v1.1
www2.esky.by/patalyst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www2.esky.by/patalyst/v1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-128.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Origin
https://www2.secure.esky.by
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-methods
POST
access-control-allow-origin
*
date
Thu, 21 Dec 2023 12:13:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-xss-protection
1; mode=block
v1.1
www2.esky.by/patalyst/ 		0
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www2.esky.by/patalyst/v1.1
Requested by
Host: www2.secure.esky.by
URL: https://www2.secure.esky.by/res/https/b1901/flights/js/pages/default.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-128.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www2.secure.esky.by/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Dec 2023 12:13:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
api-supported-versions
1.0, 1.1, 1.2
server
nginx
access-control-allow-origin
*
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
v1.1
www2.esky.by/patalyst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www2.esky.by/patalyst/v1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-128.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Origin
https://www2.secure.esky.by
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-methods
POST
access-control-allow-origin
*
date
Thu, 21 Dec 2023 12:13:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-xss-protection
1; mode=block
rum
www2.esky.by/_fe/ Frame 		0
0
rum
www2.esky.by/_fe/ Frame 		0
0
rum
www2.esky.by/_fe/ 		0
0
rum
www2.esky.by/_fe/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www2.esky.by
URL
https://www2.esky.by/_fe/log
Domain
www2.esky.by
URL
https://www2.esky.by/pass/cookies?partner_id=ESKYBYWWW2
Domain
www2.esky.by
URL
https://www2.esky.by/_fe/log
Domain
www2.esky.by
URL
https://www2.esky.by/pass/cookies?partner_id=ESKYBYWWW2
Domain
www2.esky.by
URL
https://www2.esky.by/_fe/rum
Domain
www2.esky.by
URL
https://www2.esky.by/_fe/rum
Domain
www2.esky.by
URL
https://www2.esky.by/_fe/rum
Domain
www2.esky.by
URL
https://www2.esky.by/_fe/rum

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| setFirstTimeVisit object| dataLayer object| _eac function| extendObj object| ibeConfig object| dbrRoutes object| requireJsConfig object| i18n object| logger function| i18nExtend undefined| shim object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| uzAsyncInit object| google_tag_manager object| google_tag_data object| recaptcha function| postscribe object| google_tag_manager_external function| webpackJsonpV3 object| jQBrowser object| __locale__ function| fbAsyncInit object| closure_lm_294534 object| FB object| __buffer object| _eas object| utmz

13 Cookies

Domain/Path Name / Value
www2.secure.esky.by/ Name: uguid
Value: 4b1ce7f7e0bec8f5751fbc0062c45f8f65762737
.secure.esky.by/ Name: ak_bmsc
Value: C5F03E8A5177DB83B37CADDC8B867412~000000000000000000000000000000~YAAQhCV+aAKCrWeMAQAAAFVLjBZI7C4pWDgZ4x0nmt9iKdOMsZQo7rR0ksx1Fv9K8jXK3iaeEQZM8pasutCQRPeMMhocajMk+68GJX2mcJ6HAgkXmM7UiXvt38tlNq9bOJ3hVuDkvVPLQrv+hGC++OffOquHLmLcJa1t4ypdWVXFnE++XeXqat/PZ3guiRRfT+nVovoLSiDxxb2wNjc8kf8e7LVIIjiFs39WaivFY3F7sD1/T+oVevYNraf1axoJRBbQ86jO2nTQYvKjpqNoZZ//oglZ7WgfJu1pXBRuR/UwG2ayTm6gVlI0/HXGV+d8hjQBbj9uhs3Yg8FaSS8kQbU4QtcZgGqL4q75DcB+mWB8sKgPFAGUp7rFWv4TwSCbteCz05qCGhbvmRo7trVY
www2.secure.esky.by/ Name: firstTimeVisit
Value: 202312211313
.esky.by/ Name: ak_bmsc
Value: E1B5F01224CE0F1EDB65E17BABD72185~000000000000000000000000000000~YAAQhCV+aCuCrWeMAQAAtVZLjBal+WYl4C4gm3QN1pbA6miF18pKv7h7kY8I0jIGqqkxQgWapC65X3dOLz4tM1hyIh68sLgkTOe5PVdLhZyqTUg6mtCueiq7GGLktmbVZ/MLowtAmKIINbb12pExR4Oo2xG0zPsJZ2A8XURvdEXKeuPyDsMDNU3DpjEr7jWdlzu4+W1ZKof5L/vrwXAxUrhOYVqT4TOm7TapGJ9rmTO4GZoRPTGVMfk/4q8Z1ra9ewIpfSNvS9sXpKNltSHxKiGgDRLBFDua4upZ4CtGREOZ0PuZG1nkzIC5ltv6QvgYO5mOQzp0o2o7KO2mW5sOu/QPlEc/DkT+c9s2jabvgkmLYabMwQXSrgw0w0L5/qgU8wFttbRHMww=
.esky.by/ Name: _gcl_au
Value: 1.1.617647644.1703160797
.esky.by/ Name: bm_mi
Value: 7673861837ED5B13477662679381BC02~YAAQhCV+aESCrWeMAQAAsFdLjBbk8B3PrtMD75kDErGJoEyrrmXeRd+rQ0eR4xTtXVJqrt0PSITMaCki2oQnpMwTeO1AT3ILbAppf05Q0+xsTVmwQNXsqABcpALivCrO9S5g2lJGukFsbaEOzaxGBa6wCpvs82Yu2FOvWyinJ4oJ4kMz7eNw5dcrZeYyBMabcME0/N5U09K+g7QaP/A93WS+yxiftfD/1QPQEBdAxn/9sn/u6cayRStLaNVxC7JfPXFZ9VTy5j+1fUIMx8LrHe7n9NOzi7FSDGXXfO33Y/nMM+/O5QlUCjo=~1
.esky.by/ Name: bm_sv
Value: F07488BBE1CFE0486C085DB5B0642289~YAAQhCV+aEWCrWeMAQAAsFdLjBYWLGrG6ziOFwLdtD2SIcNGqFguURfnj7oO6ODFmGJUcxe4+BANxZeedlf/vpO7/2WontnSW0o9VTAUR8ndcR3p5pv87zYSKDz8jeGb/fxnttPK0wVWorECA000wAws8wSmrJ9wLAY2gOYpTk9bIF+btEHDdk7mQEYoxkJflczP2O/7+BVFHEVMx7aRh2sjyg85ez4LBsmzZLeIXfQLuY6ILipFS0QAL5UL~1
.esky.by/ Name: esky_TCSI
Value: FIWA1703160797135
www2.secure.esky.by/ Name: newUser
Value: FIWA1703160797135
.esky.by/ Name: esky_TCSIS
Value: RUPIF1703160797135
.esky.by/ Name: MasterId
Value: 890e5c30-c990-5d3f-aa50-a23c33fb083d
www2.secure.esky.by/ Name: esky_TCTTIStart
Value: 1703160797136
www2.secure.esky.by/ Name: UniqueUserId
Value: 056ebdbd4249d141f25deaf7dfeeca00

9 Console Messages

Source Level URL
Text
network error URL: https://www2.secure.esky.by//
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www2.secure.esky.by//
Message:
Access to XMLHttpRequest at 'https://www2.esky.by/_fe/log' from origin 'https://www2.secure.esky.by' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network error URL: https://www2.esky.by/_fe/log
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www2.secure.esky.by//
Message:
Access to XMLHttpRequest at 'https://www2.esky.by/pass/cookies?partner_id=ESKYBYWWW2' from origin 'https://www2.secure.esky.by' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network error URL: https://www2.esky.by/pass/cookies?partner_id=ESKYBYWWW2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www2.secure.esky.by//
Message:
Access to XMLHttpRequest at 'https://www2.esky.by/_fe/rum' from origin 'https://www2.secure.esky.by' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network error URL: https://www2.esky.by/_fe/rum
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www2.secure.esky.by//
Message:
Access to XMLHttpRequest at 'https://www2.esky.by/_fe/rum' from origin 'https://www2.secure.esky.by' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network error URL: https://www2.esky.by/_fe/rum
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'nonce-dbd071ccc5cbeb746ee0744dab3b5bcc' 'self' www2.esky.by www2.secure.esky.by api.esky.com bookings.eskypartners.com secure.eskypartners.com https: *.3lift.com *.adara.com *.bidswitch.net *.bstatic.com *.clickmeter.com *.creativecdn.com *.criteo.com *.criteo.net *.doubleclick.net *.edestinos.com *.emjcd.com *.esky.co.uk *.esky.com *.esky.pl *.eskypartners.com *.facebook.com *.google-analytics.com *.google.al *.google.am *.google.at *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cat *.google.ch *.google.cl *.google.cn *.google.co *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.uk *.google.co.ve *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bo *.google.com.br *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.ni *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vn *.google.cz *.google.de *.google.dk *.google.dm *.google.ee *.google.es *.google.eu *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.is *.google.it *.google.je *.google.li *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mv *.google.nl *.google.no *.google.pl *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.si *.google.sk *.google.sm *.google.tn *.google.us *.googleadservices.com *.googlesyndication.com *.gstatic.com *.hotelbeds.com *.hotjar.com *.hotjar.io *.ipresso.pl *.msecnd.net *.riskified.com *.smartadserver.com *.socdm.com *.usercentrics.eu ad.360yield.com ad.yieldlab.net ade.clmbtech.com ads.avocet.io ads.travelaudience.com api.turismocity.com asa-isa.com bat.bing.com bat.r.msn.com beacon.krxd.net c.bing.com clickmeter.com cm.adform.net contextual.media.net creativecdn.com criteo-partners.tremorhub.com criteo-sync.teads.tv do1ztk2swfi8z.cloudfront.net dpm.demdex.net e1.emxdgt.com emjcd.com exchange.mediavine.com i.liadm.com i.travelapi.com ib.adnxs.com id5-sync.com idsync.rlcdn.com images.gta-travel.com match.sharethrough.com matching.ivitrack.com mczbf.com media.expedia.com mpsnare.iesnare.com mule.airtickets.com pixel.rubiconproject.com r.casalemedia.com rt.inistrack.net s.ad.smaato.net s.thebrighttag.com secure.rentalcars.com simage2.pubmatic.com stags.bluekai.com static.sojern.com sync-criteo.ads.yieldmo.com sync-t1.taboola.com sync.outbrain.com tags.bluekai.com trends.revcontent.com uk.cdn-net.com ups.analytics.yahoo.com visitor.omnitagjs.com ws://*.hotjar.com wss://*.hotjar.com www.googletagmanager.com www.googletraveladservices.com www.kayak.com www.mczbf.com www.tripadvisor.com x.dlx.addthis.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors 'none'; report-uri /csp-report;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
static1.eskypartners.com
www.esky.by
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www2.esky.by
www2.secure.esky.by
www2.esky.by
104.126.37.128
104.126.37.136
18.239.50.51
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:827::2004
2a00:1450:4001:831::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
13fc70e3424b13b1b2871e2aa39e2592a53ed7bf6a4af37a1973cee9fa6e45cb
1b9b9ab55dbed3ac6602412b04b0f73eafbd6dea3f7b4500cdddcd5a0803fa70
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e962e4e5d7fc314fc84eb0bb72947f6f7e65eee405991e5fa461b763c3160d1
1fb94d95d1da111ff60c9a78c7b80967568b61871c62e36164ea3980fdbec27b
24184e2b261e69fb993d875a71fb6a37cabbd877be4ceaeaac361144d5f56f25
2c9c5c2650a75f95b76da290fdd24d1450dec5e969ac5aa975d40c34841d772e
3012c205f6c6cd7d085bdb030e82c79dee509d3eb458a1af8b21bc0d155c05aa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e76ee6b1c06c9b58bef057860331e63cee8bde7b3ec2f0815c16c5c10e665f4
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
76687fb0e583f3720fb10d603150ea00d251a54ac24605a56fd9e8c940db0acb
76bc7763939ef093e1f277205bfe9e91881a06b718e8f5a7d9856b6ac2710679
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7910eef3215a2699b0f7dd7d366ba957945a3d85406e4e6bcc006fd853cb02ea
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
a3eaaacd78ca10c4fa18e7d7311769484e322a4d1061b2faf05651e799d3d477
aa8d548cf6cb84eeb01dc99ce67f714a6ca2fd658fb8084f41b06a3b95835392
b429e7542494e270a049eaaade962e3d11ae17ac4eb6e57218928da138a203fb
cadd0dbbf8e3394892096495b72c49950fbca6c0cae1a5d308f694e16dca5a15
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
d494ae733a48c19a9ebaf16cab443ff219cd4139c5d149499d111536aa6210fd
e2f2b56f84cb414e10a2c11b5ec696d9c431032cce59a4faa2f520642e6d5e73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0cb25daf7999595c6da9a56d96e1f81790d70b98b9d097b79f1231d3249e1f
ef61a3ad760186d77c7662afd8ad76e1e1432959097435e5c9ded238af02b5c8
fc65a9733b96bc723d03e18e61099f5322078cdd86f9aca81abdc7c51660a641