www.netflights.com Open in urlscan Pro
104.17.68.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://netflights.com/
Effective URL:
https://www.netflights.com/
Submission: On February 19 via manual (February 19th 2023, 11:53:35 am UTC) from GB — Scanned from GB

Summary HTTP 85 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 20 domains to perform 85 HTTP transactions. The main IP is 104.17.68.6, located in and belongs to CLOUDFLARENET, US. The main domain is www.netflights.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on July 18th 2022. Valid for: a year.

This is the only time www.netflights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.234.108 104.17.234.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	104.17.235.108 104.17.235.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.17.68.6 104.17.68.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
2	52.222.214.97 52.222.214.97	16509 (AMAZON-02) (AMAZON-02)
1	185.32.80.216 185.32.80.216	42263 (GERMANEDG...) (GERMANEDGECLOUD)
7	109.169.42.14 109.169.42.14	20860 (IOMART-AS) (IOMART-AS)
7	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	142.251.208.134 142.251.208.134	15169 (GOOGLE) (GOOGLE)
1	13.32.110.120 13.32.110.120	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 5	34.255.115.245 34.255.115.245	16509 (AMAZON-02) (AMAZON-02)
2	185.32.83.83 185.32.83.83	42263 (GERMANEDG...) (GERMANEDGECLOUD)
1	185.32.83.82 185.32.83.82	42263 (GERMANEDG...) (GERMANEDGECLOUD)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:dc00:7:a364:ab80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	20.191.43.109 20.191.43.109	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	51.138.228.101 51.138.228.101	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	3.71.138.13 3.71.138.13	16509 (AMAZON-02) (AMAZON-02)
1	20.223.27.194 20.223.27.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.5.21.172 3.5.21.172	14618 (AMAZON-AES) (AMAZON-AES)
85	33

1 104.17.234.108 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

netflights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.17.235.108 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

netflights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v2api.netflights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.68.6 (None, )

ASN13335 (CLOUDFLARENET, US)

www.netflights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-97.fra56.r.cloudfront.net

static-ssl.responsetap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.32.80.216 (Germany)

ASN42263 (GERMANEDGECLOUD, DE)

tracking.bd4travel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 109.169.42.14 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: ict.infinity-tracking.net

metrics.responsetap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.208.134 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f6.1e100.net

10328531.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9859257.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8299063.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-120.vie50.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.255.115.245 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-115-245.eu-west-1.compute.amazonaws.com

travelrepublic.nanorep.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.32.83.83 (Germany)

ASN42263 (GERMANEDGECLOUD, DE)

api1.bd4travel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.32.83.82 (Germany)

ASN42263 (GERMANEDGECLOUD, DE)

api-n44410.bd4travel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:dc00:7:a364:ab80:93a1 (United States)

ASN16509 (AMAZON-02, US)

svht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

wrap.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.191.43.109 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q-eu1.az.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.138.228.101 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.az.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.138.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-138-13.eu-central-1.compute.amazonaws.com

visitor-services.nanorep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.223.27.194 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k-eu1.az.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.21.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

nr1.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	netflights.com 2 redirects netflights.com — Cisco Umbrella Rank: 596271 www.netflights.com v2api.netflights.com — Cisco Umbrella Rank: 914192	1 MB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2506	67 KB
9	responsetap.com static-ssl.responsetap.com — Cisco Umbrella Rank: 44024 metrics.responsetap.com — Cisco Umbrella Rank: 43946	26 KB
8	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 10328531.fls.doubleclick.net 9859257.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77 8299063.fls.doubleclick.net	5 KB
6	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3307 q-eu1.az.contentsquare.net — Cisco Umbrella Rank: 39472 c.az.contentsquare.net — Cisco Umbrella Rank: 8366 k-eu1.az.contentsquare.net — Cisco Umbrella Rank: 34120	92 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
5	nanorep.co 1 redirects travelrepublic.nanorep.co	149 KB
4	bd4travel.com tracking.bd4travel.com — Cisco Umbrella Rank: 132051 api1.bd4travel.com — Cisco Umbrella Rank: 520350 api-n44410.bd4travel.com	16 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	259 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3412	562 B
2	tradedoubler.com svht.tradedoubler.com — Cisco Umbrella Rank: 63237 wrap.tradedoubler.com — Cisco Umbrella Rank: 96541	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4583	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	209 KB
1	amazonaws.com nr1.s3.amazonaws.com — Cisco Umbrella Rank: 78160	120 KB
1	nanorep.com visitor-services.nanorep.com — Cisco Umbrella Rank: 46760	373 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 785	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
85	20

	Domain	Requested by
11	v2api.netflights.com	www.netflights.com
10	www.netflights.com	www.netflights.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.netflights.com
7	metrics.responsetap.com	static-ssl.responsetap.com t.contentsquare.net
5	travelrepublic.nanorep.co	1 redirects www.netflights.com t.contentsquare.net
3	adservice.google.com	10328531.fls.doubleclick.net 9859257.fls.doubleclick.net 8299063.fls.doubleclick.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.netflights.com
2	8299063.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.facebook.com	www.netflights.com
2	c.az.contentsquare.net	www.netflights.com
2	q-eu1.az.contentsquare.net	t.contentsquare.net
2	www.google.co.uk	www.netflights.com
2	www.google.com	www.netflights.com
2	region1.google-analytics.com	www.googletagmanager.com
2	api1.bd4travel.com	tracking.bd4travel.com
2	connect.facebook.net	www.netflights.com connect.facebook.net
2	9859257.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10328531.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	static-ssl.responsetap.com	www.netflights.com static-ssl.responsetap.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dev.visualwebsiteoptimizer.com	www.netflights.com
2	www.googletagmanager.com	www.netflights.com www.googletagmanager.com
2	netflights.com	2 redirects
1	nr1.s3.amazonaws.com	www.netflights.com
1	k-eu1.az.contentsquare.net	t.contentsquare.net
1	visitor-services.nanorep.com	t.contentsquare.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	wrap.tradedoubler.com	www.googletagmanager.com
1	svht.tradedoubler.com	www.netflights.com
1	unpkg.com	www.googletagmanager.com
1	api-n44410.bd4travel.com	tracking.bd4travel.com
1	t.contentsquare.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	tracking.bd4travel.com	www.netflights.com
1	fonts.googleapis.com	www.netflights.com
85	35

This site contains links to these domains. Also see Links.

Domain
uk.trustpilot.com
dnatatravelcareers.com
www.dnata.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.pinterest.com
api.whatsapp.com

Subject Issuer	Validity	Valid
www.netflights.com GeoTrust EV RSA CA 2018	`2022-07-18` - `2023-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
netflights.com Cloudflare Inc ECC CA-3	`2022-04-03` - `2023-04-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
script.infinity-tracking.com Amazon	`2022-12-12` - `2024-01-11`	a year	crt.sh
*.bd4travel.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-02` - `2023-11-28`	a year	crt.sh
metrics.responsetap.com R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
t.contentsquare.net Amazon	`2022-10-13` - `2023-11-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.nanorep.co DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.tradedoubler.com Amazon	`2022-12-13` - `2024-01-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
q.aa.contentsquare.net R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
kep-web.aa.contentsquare.net R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.nanorep.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
kep-malka.aa.contentsquare.net R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.netflights.com/
Frame ID: 477DD6A6FEF1C3628F9876FD7A9F6960
Requests: 73 HTTP requests in this frame

Frame: https://www.netflights.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676793600
Frame ID: 2BC7F84690B7E19134CBA8B9C009AE31
Requests: 3 HTTP requests in this frame

Frame: https://10328531.fls.doubleclick.net/activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F
Frame ID: 261A3C6626196A75118E05D674E3116E
Requests: 2 HTTP requests in this frame

Frame: https://9859257.fls.doubleclick.net/activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F
Frame ID: 64101CB265CE3E4E7B9B2417D08DB501
Requests: 2 HTTP requests in this frame

Frame: https://q-eu1.az.contentsquare.net/quota?ct=0
Frame ID: EECFE10128C6004A59B671BE10A47F36
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E2663037753941F382639DDDE321E6BA
Requests: 1 HTTP requests in this frame

Frame: https://8299063.fls.doubleclick.net/activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F
Frame ID: EA94170E874D7271C971EC32E049ADFD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cheap flights 2023/2024 compare & book a flight ticket & flight deals Artboardreassuranceuk-based

Page URL History Show full URLs

http://netflights.com/ HTTP 301
https://netflights.com/ HTTP 301
https://www.netflights.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

85
Requests

98 %
HTTPS

45 %
IPv6

20
Domains

35
Subdomains

33
IPs

6
Countries

2042 kB
Transfer

5235 kB
Size

27
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://uk.trustpilot.com/review/www.netflights.com
Title: .st2{fill:#56b287}.st3{fill:#145433} We are rated Excellent on Trustpilot! Read our reviews here

Search URL Search Domain Scan URL

URL: https://dnatatravelcareers.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.dnata.com/doc/dnatataxstrategy.pdf
Title: Tax Strategy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/netflights
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/netflights
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/netflights/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Netflights
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/netflights/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=447767647948&text=&source=&data=
Title: WhatsApp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://netflights.com/ HTTP 301
https://netflights.com/ HTTP 301
https://www.netflights.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://10328531.fls.doubleclick.net/activityi;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F HTTP 302
https://10328531.fls.doubleclick.net/activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F

Request Chain 34

https://9859257.fls.doubleclick.net/activityi;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F HTTP 302
https://9859257.fls.doubleclick.net/activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F

Request Chain 67

https://travelrepublic.nanorep.co/api/widget/v1/cnf?format=json&widgetType=float&kb=1090435532&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F HTTP 301
https://travelrepublic.nanorep.co/api/widget/v1/cnf?format=json&widgetType=float&kb=1090435532&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F&cookieAdded=1

Request Chain 81

https://8299063.fls.doubleclick.net/activityi;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F HTTP 302
https://8299063.fls.doubleclick.net/activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F

85 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.netflights.com/
Redirect Chain

http://netflights.com/
https://netflights.com/
https://www.netflights.com/

219 KB
56 KB

531ms
320ms

Document
text/html

104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4290c9f284e2edda5680684bb45f03ec797147d43ffd625d603e5dd252755be7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 79becd5bcdc43601-MAN
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 11:53:27 GMT
expires: -1
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 79becd58e9cde593-MAN
content-type: text/html
date: Sun, 19 Feb 2023 11:53:27 GMT
location: https://www.netflights.com/
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 226ms
83ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 11:19:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Feb 2023 11:53:28 GMT

GET
H2 200 home-css
www.netflights.com/bundles/ 180 KB
32 KB 75ms
74ms Stylesheet
text/css 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/bundles/home-css?v=TQn5uhtq_tnPeEY4GK0kS5jZUMHivlWZTBUBNqntIwc1
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b108fdbec4ce7563e8f12807d32e99be5932e82163977cf791bdd550438995d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Feb 2023 11:53:28 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public
cf-ray: 79becd5de9b93601-MAN
expires: Mon, 19 Feb 2024 11:53:28 GMT

GET
H2 200 qantas_lhp.jpg
v2api.netflights.com/media/18278/ 49 KB
49 KB 100ms
84ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/18278/qantas_lhp.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5944466d7170a9787daa4e1fb6aa3381a5dd366b708dbb5b52661f660cf553a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 216009
cf-polished: qual=85, origFmt=jpeg, origSize=79448
content-disposition: inline; filename="qantas_lhp.webp"
content-length: 49924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Feb 2023 16:09:23 GMT
server: cloudflare
etag: "8ba66fb5d73bd91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5e78f3e593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 large-usa-271a.jpg
v2api.netflights.com/media/19956/ 135 KB
135 KB 48ms
48ms Image
image/jpeg 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/19956/large-usa-271a.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4202c9de4a51df1a656322c1b614abab97974c872a5da51f05441208007c03df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Feb 2023 10:24:34 GMT
server: cloudflare
age: 955650
cf-polished: degrade=85, origSize=485711, status=webp_bigger
etag: "bdc1fe89a73bd91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5f097ee593-MAN
content-length: 137792
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 large-dubai-401a.jpg
v2api.netflights.com/media/21300/ 140 KB
140 KB 61ms
61ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/21300/large-dubai-401a.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991a4399aee9f0b73a8fc5984814dc6020b4ced7469a77df023b7dbf3dc5c286

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 248029
cf-polished: qual=85, origFmt=jpeg, origSize=461253
content-disposition: inline; filename="large-dubai-401a.webp"
content-length: 142854
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Feb 2023 14:56:35 GMT
server: cloudflare
etag: "a882bdd1642d91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5f49c9e593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 aircanada_shp.jpg
v2api.netflights.com/media/18308/ 45 KB
45 KB 80ms
77ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/18308/aircanada_shp.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc4f980b67a5d9b07485d5030260458546fc54ce0aee6b92628a0df8c58dea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 392969
cf-polished: qual=85, origFmt=jpeg, origSize=65994
content-disposition: inline; filename="aircanada_shp.webp"
content-length: 46062
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Feb 2023 09:44:42 GMT
server: cloudflare
etag: "fc3b52cc8f3fd91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5f59d7e593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 digimag_shp.jpg
v2api.netflights.com/media/19555/ 43 KB
43 KB 59ms
56ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/19555/digimag_shp.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d97dd1a0354ddcea3bb1019a533b1cf9684e59bb738bfcfc27465135c6db7596

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 525260
cf-polished: qual=85, origFmt=jpeg, origSize=71256
content-disposition: inline; filename="digimag_shp.webp"
content-length: 44206
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Feb 2023 09:45:47 GMT
server: cloudflare
etag: "41fed3f28f3fd91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5f59d8e593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 atp_exclusive_shp.jpg
v2api.netflights.com/media/20536/ 63 KB
63 KB 59ms
57ms Image
image/jpeg 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/20536/atp_exclusive_shp.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fd71ad86089b496ecbfcc59153d3615b3de204a1426595ed232ecb6ee90ebc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Feb 2023 16:33:20 GMT
server: cloudflare
age: 241337
cf-polished: degrade=85, origSize=86020, status=webp_bigger
etag: "5e4c53612442d91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5f59dae593-MAN
content-length: 64668
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 small-bangkok-589a.jpg
v2api.netflights.com/media/17169/ 40 KB
41 KB 59ms
57ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/17169/small-bangkok-589a.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5a9f1d1e73faeb3f4a3ed98b41ee286905848450284277d383bdf886c0f6b64

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 218236
cf-polished: qual=85, origFmt=jpeg, origSize=178299
content-disposition: inline; filename="small-bangkok-589a.webp"
content-length: 41440
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Feb 2023 14:57:47 GMT
server: cloudflare
etag: "11e72381742d91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5f59dce593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 small-new-york-272a.jpg
v2api.netflights.com/media/16390/ 33 KB
34 KB 61ms
60ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/16390/small-new-york-272a.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7595fa3fb27e6051e381eed5b20b7e4c6c5c3a65e65cce401ddb798b39c4ed8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 227502
cf-polished: qual=85, origFmt=jpeg, origSize=143031
content-disposition: inline; filename="small-new-york-272a.webp"
content-length: 34292
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Feb 2023 09:49:20 GMT
server: cloudflare
etag: "9fb3cf71903fd91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5fba26e593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 premium-horiz.jpg
v2api.netflights.com/media/16384/ 23 KB
23 KB 61ms
61ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/16384/premium-horiz.jpg
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d05ad4fddaa0cb53bcef29b01b98ebe9cb520c5272160555546478357cab19f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 227394
cf-polished: qual=85, origFmt=jpeg, origSize=41589
content-disposition: inline; filename="premium-horiz.webp"
content-length: 23104
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Jun 2022 13:38:46 GMT
server: cloudflare
etag: "ad5911e82a7fd81:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 79becd5fba2be593-MAN
expires: Sun, 05 Mar 2023 11:53:28 GMT

GET
H2 200 script Show response
www.netflights.com/bundles/ 244 KB
77 KB 74ms
72ms Script
text/javascript 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/bundles/script?v=vJLrsBfgYiajIl6ASIKD9jthHqmDBsy7BHVQrufrEqI1
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdedaec116c065bb114d24c998aac96047c1304d0e575f81aeb8e387319f6ba6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Feb 2023 11:53:28 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 79becd5f5c883601-MAN
expires: Mon, 19 Feb 2024 11:53:28 GMT

GET
H2 200 flightSearch Show response
www.netflights.com/bundles/react/ 1 MB
285 KB 110ms
108ms Script
text/javascript 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/bundles/react/flightSearch?v=SUex8o6bxXHhdyOAZXsInJQ3M5l-Qt6PgY_2Kkun1dU1
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3889569c027418845337e30b8fc437d91473877291fb8596bce329e2a3d8baf3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Feb 2023 11:53:28 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 79becd5f5c8a3601-MAN
expires: Mon, 19 Feb 2024 11:53:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 644 KB
133 KB 209ms
103ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53a87bcabafb19ccf616a4414b238b7150cc7dfd1d4efc3d78a91b336498b075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135427
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Feb 2023 11:53:28 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 146ms
42ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=90144&u=https%3A%2F%2Fwww.netflights.com%2F&f=1&r=0.10793200022694216
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 939396d7eca3ba54b9bb1f1a2055e0f43acef3990f08426e4335ed474c50281b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: gzip
via: 1.1 google
server: glon1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 207ms
59ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.netflights.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 254372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:13:56 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 rTapTrack.min.js Show response
static-ssl.responsetap.com/static/scripts/ 77 KB
21 KB 257ms
123ms Script
text/javascript 52.222.214.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05b8481852a6a5d480f18249769648681a4eb4c6d50383dc862a537b994de6f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 01:59:45 GMT
content-encoding: br
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
x-amz-request-id: SG96J2Y8GGKRSVZ8
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
age: 35624
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tGG3YaCBTd11Y1P0uO3mymiOJnJ1+H0wHW4livW3DHNce7WbV9hG8Vvn74UUEVLuBWJF1c9jNTs=
last-modified: Fri, 10 Feb 2023 11:24:13 GMT
server: AmazonS3
etag: W/"f85d496e4c65a02130262133bc9cd9da"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,max-age=0
x-amz-cf-id: SC75LMd3Xbf4vIA3bo8xZQS7wFS_ihtncAyp4CozfO5o9KUWnJEmdg==

GET
H/1.1 200
OK bd4t.js Show response
tracking.bd4travel.com/module/n44410/ 47 KB
16 KB 237ms
102ms Script
application/javascript 185.32.80.216
GERMANEDGECLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.bd4travel.com/module/n44410/bd4t.js
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.32.80.216 , Germany, ASN42263 (GERMANEDGECLOUD, DE),
Reverse DNS
Software: nginx /
Resource Hash: 36d4143953402e3489d0cdef9974146e04e1ada20d9c48b3465a2a89dd70fc28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:53:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Feb 2023 14:37:06 GMT
Server: nginx
ETag: "63ecee12-3bf8"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Cache-Control: max-age=3600, public
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 15352
Expires: Sun, 19 Feb 2023 12:53:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 185ms
74ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.netflights.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 257423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:23:05 GMT

GET
H2 200 invisible.js Show response
www.netflights.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 2BC7 36 KB
16 KB 44ms
44ms Script
application/javascript 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676793600
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab908a20fbb139aa255134b2851a6ec578143b8fe93af4b1f78d21a417a61d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79becd5fcd553601-MAN

GET
H2 200 sydney.jpg
v2api.netflights.com/media/22688/ 82 KB
83 KB 40ms
39ms Image
image/jpeg 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/22688/sydney.jpg?anchor=center&mode=crop&width=1920&height=660&rnd=133210974359130000&quality=60
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 722492d7e15da3cf571077bf580526f92f1329ed9da2c2fa088f6956df2b2d33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 183413
cf-polished: origSize=92463, status=webp_bigger
content-length: 84202
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Feb 2023 08:52:38 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.6.0.0 - ImageProcessor.Web/4.9.0.0
etag: "f7e3c30ad42d91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 79becd603ac6e593-MAN
expires: Mon, 27 Feb 2023 11:53:28 GMT

GET
H2 200 moredeals.png
v2api.netflights.com/media/22682/ 34 KB
34 KB 48ms
47ms Image
image/webp 104.17.235.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2api.netflights.com/media/22682/moredeals.png?rnd=133210302509030000&width=1328&quality=60
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.235.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8775641fdf28c7c5d379fbe23b18cfb6da62c9d52a2b0629193b08fbb5288bcc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
cf-cache-status: HIT
age: 194229
cf-polished: origFmt=png, origSize=49574
content-disposition: inline; filename="moredeals.webp"
content-length: 34676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Feb 2023 14:11:29 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.6.0.0 - ImageProcessor.Web/4.9.0.0
etag: "eeb79b901042d91:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 79becd603ac9e593-MAN
expires: Mon, 27 Feb 2023 11:53:28 GMT

POST
H2 200 content Show response
www.netflights.com/PlatformApi/cookiepolicy/ 493 B
379 B 364ms
363ms XHR
application/json 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/PlatformApi/cookiepolicy/content
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/bundles/script?v=vJLrsBfgYiajIl6ASIKD9jthHqmDBsy7BHVQrufrEqI1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / GRNNFV2WFE01
Resource Hash: b778dd5ed20e3b96f8aea88122b42c4df9ab04ff3e54bdec46cd67111e23aa6a

Request headers

X-CONTEXT-ID: b5befbe9-616e-4420-9bc5-03e77eb94d8d
accept-language: en-GB,en;q=0.9
X-CULTURE-CODE: en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-PRODUCT-CODE: NW2
Accept: */*
Referer: https://www.netflights.com/
X-WEBSITE-CODE: GBR
X-Requested-With: XMLHttpRequest
X-SESSION-ID: 5ad7e949-3003-40f2-91a3-41092d4adadc

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-context-id: b5befbe9-616e-4420-9bc5-03e77eb94d8d
x-powered-by: GRNNFV2WFE01
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79becd605e6d3601-MAN
expires: -1

GET
H2 200 content Show response
www.netflights.com/PlatformAPI/search/flights/ 4 KB
2 KB 66ms
65ms XHR
application/json 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/PlatformAPI/search/flights/content
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/bundles/react/flightSearch?v=SUex8o6bxXHhdyOAZXsInJQ3M5l-Qt6PgY_2Kkun1dU1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / GRNNFV2WFE01
Resource Hash: b04cb19db615fc748e50a29b9e072de4422d2624bc3b7b41087a8cdfce7ac61a

Request headers

X-ON-THE-GRASS
X-CONTEXT-ID: b5befbe9-616e-4420-9bc5-03e77eb94d8d
accept-language: en-GB,en;q=0.9
X-CULTURE-CODE: en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-PRODUCT-CODE: NW2
Accept: application/json, text/plain, */*
Referer: https://www.netflights.com/
X-WEBSITE-CODE: GBR
X-MARKETING-SOURCE
X-SESSION-ID: 5ad7e949-3003-40f2-91a3-41092d4adadc

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-context-id: b5befbe9-616e-4420-9bc5-03e77eb94d8d
x-powered-by: GRNNFV2WFE01
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 79becd60cf2c3601-MAN
expires: -1

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 123ms
122ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=90144&d=netflights.com&u=DAF976015CC532519B1414FF2B67C24B4&h=9bf83cdeaf6b310c3bb0a66d791e6f2b&t=false&r=0.5262644108249057

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:28 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 content Show response
www.netflights.com/PlatformAPI/search/recent/ 3 KB
1 KB 60ms
60ms XHR
application/json 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/PlatformAPI/search/recent/content?searchType=Flight
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/bundles/react/flightSearch?v=SUex8o6bxXHhdyOAZXsInJQ3M5l-Qt6PgY_2Kkun1dU1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / GRNNFV2WFE03
Resource Hash: 47ea7a0dc30e9bf032148714b80c274f18779a6d1028740358d143e743af4cf9

Request headers

X-ON-THE-GRASS
X-CONTEXT-ID: b5befbe9-616e-4420-9bc5-03e77eb94d8d
accept-language: en-GB,en;q=0.9
X-CULTURE-CODE: en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-PRODUCT-CODE: NW2
Accept: application/json, text/plain, */*
Referer: https://www.netflights.com/
X-WEBSITE-CODE: GBR
X-MARKETING-SOURCE
X-SESSION-ID: 5ad7e949-3003-40f2-91a3-41092d4adadc

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-context-id: b5befbe9-616e-4420-9bc5-03e77eb94d8d
x-powered-by: GRNNFV2WFE03
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 79becd60ef593601-MAN
expires: -1

GET
H/1.1 200
OK info Show response
metrics.responsetap.com/infinity/ 2 KB
2 KB 133ms
132ms Fetch
application/json 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/info?pv=3&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&features=14&rtap=56473&placeholders=329172
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash: 42bd9bd094615f32364829cff59680d8919246e3bea505363b19e6c69dfea8e6

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
Date: Sun, 19 Feb 2023 11:53:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1742
Apigw-Requestid: AlcU_giSrPEEPhw=
Content-Type: application/json

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 115 KB
45 KB 358ms
71ms Script
application/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-P6ZRTF7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e08b307594321587eea40a9cc17e92f57f1ea7dde2477fb94647ba5e89ac8422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 11:53:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1045786480/ 2 KB
1 KB 407ms
119ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1045786480/?random=1676807608583&cv=11&fst=1676807608583&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.netflights.com%2F&tiba=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&auid=725795979.1676807609&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d18097d36077c9a7f1f24face538d7bd90b7619877e58172b61defa5b422375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 897
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 334ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 19 Feb 2023 11:53:28 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5D9359053E6C49F2BE68ED49D33E0AB7 Ref B: LON04EDGE1108 Ref C: 2023-02-19T11:53:28Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2

200

activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2... Show response
10328531.fls.doubleclick.net/ Frame 261A
Redirect Chain

https://10328531.fls.doubleclick.net/activityi;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3...
https://10328531.fls.doubleclick.net/activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fw...

439 B
567 B

103ms
99ms

Document
text/html

142.251.208.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10328531.fls.doubleclick.net/activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f6.1e100.net

Software

cafe /

Resource Hash

59cc12edc8f66b6706c697b9266c7c788ecf166a0ce3c44896656daaa9fee042

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.netflights.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 231
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:29 GMT
expires: Sun, 19 Feb 2023 11:53:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10328531.fls.doubleclick.net/activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 295ms
34ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 11:28:42 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1486
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 13:28:42 GMT

GET
H2 200 e112fa0d8903d.js Show response
t.contentsquare.net/uxa/ 347 KB
91 KB 342ms
82ms Script
application/javascript 13.32.110.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-120.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5028b17ac332e3325ca2ae0277726eb094f9f92fa0d862fde816499b4591e05c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:29:54 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 92682
last-modified: Thu, 16 Feb 2023 10:29:17 GMT
server: AmazonS3
etag: "2e43908de63b9ffdb57d634889194474"
vary: Accept-Encoding, Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SyPRbmuernU59WMReS7y1-cIzTwuQ5-cC4h-ky3V08OiUnh5Zs9u8Q==

GET
H2

200

activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F Show response
9859257.fls.doubleclick.net/ Frame 6410
Redirect Chain

https://9859257.fls.doubleclick.net/activityi;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F?
https://9859257.fls.doubleclick.net/activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netf...

391 B
558 B

133ms
128ms

Document
text/html

142.251.208.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9859257.fls.doubleclick.net/activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f6.1e100.net

Software

cafe /

Resource Hash

7abe36eebfb35383a3986174f661ab09f2e3a1dd995ac334d08f0b6eab35a489

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.netflights.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:29 GMT
expires: Sun, 19 Feb 2023 11:53:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9859257.fls.doubleclick.net/activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 296ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 11:53:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: i92ZWh0tPmssZdTD886prZae27q/WeAJeCBLvcTYpObivRpUz8vSYZ+oVzU0tSPdrOuwv07d+g0XRtOj8dK2nA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 floating-widget.js Show response
travelrepublic.nanorep.co/web/ 597 KB
141 KB 427ms
169ms Script
text/javascript 34.255.115.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://travelrepublic.nanorep.co/web/floating-widget.js?account=travelrepublic

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.255.115.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-115-245.eu-west-1.compute.amazonaws.com

Software

nanoRepServer /

Resource Hash

4e1bff7bccd636c91c5b879650b192b8439abd43dfb568fecb17e5a4b621073d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:12 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
server: nanoRepServer
etag: "8DACC31112D6D00"
vary: Origin
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
access-control-allow-credentials: *
content-length: 143839
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 20:58:37 GMT

POST
H/1.1 200
OK 3_8aknlPEJms.1676807608497 Show response
api1.bd4travel.com/ab/v2/n44410/ 90 B
412 B 53ms
53ms XHR
application/json 185.32.83.83
GERMANEDGECLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.bd4travel.com/ab/v2/n44410/3_8aknlPEJms.1676807608497
Requested by: Host: tracking.bd4travel.com
URL: https://tracking.bd4travel.com/module/n44410/bd4t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.32.83.83 , Germany, ASN42263 (GERMANEDGECLOUD, DE),
Reverse DNS
Software: /
Resource Hash: 11c27d96bc59456464b63e8dc2fd12b5ada363ca83b1cd885a5beabf768c0ab4

Request headers

Accept: application/json
Referer: https://www.netflights.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Feb 2023 11:53:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.netflights.com
X-Server-Id: experiments-server-prod-5c87c79857-2gddx
Access-Control-Allow-Credentials: true
Content-Length: 91

POST
H/1.1 200
OK collect Show response
api-n44410.bd4travel.com/ 0
250 B 374ms
70ms XHR
text/plain 185.32.83.82
GERMANEDGECLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://api-n44410.bd4travel.com/collect?n44410
Requested by: Host: tracking.bd4travel.com
URL: https://tracking.bd4travel.com/module/n44410/bd4t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.32.83.82 , Germany, ASN42263 (GERMANEDGECLOUD, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.netflights.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 11:53:28 GMT
Keep-Alive: timeout=5
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Access-Control-Allow-Methods: POST
Content-Type: text/plain;charset=utf-8

GET
H2 200 web-vitals.es5.umd.min.js Show response
unpkg.com/web-vitals@0.2.4/dist/ 3 KB
2 KB 286ms
42ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@0.2.4/dist/web-vitals.es5.umd.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7759e54f5a6c7c7fb2bbfe960a8987e05a205022750a3da5829f777509c6966d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14793411
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GBVW837CNEDFX5YFH14Q0CQ3-lhr
server: cloudflare
etag: W/"dc4-zHMtd6MY6uJBl7Yg/m0ZngsgUrM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79becd638a98dd54-LHR

GET
H2 200 tr_sdk.js Show response
svht.tradedoubler.com/ 8 KB
8 KB 309ms
58ms Script
application/javascript 2600:9000:214f:dc00:7:a364:ab80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://svht.tradedoubler.com/tr_sdk.js
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:dc00:7:a364:ab80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9453899835a6c346a26a69c7c199c0f3ea483cda2e4adde39acfb4510d6b64b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:37:04 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:31:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4585
x-amz-server-side-encryption: AES256
etag: "a7594ecee57567c4581902ff3b2d315e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8225
x-amz-cf-id: zGT3WRS1YTF_g3j3fz3RwApNhe2jFjpgnsjRWv__leb7UXNby4phCw==

GET
H2 200 wrap Show response
wrap.tradedoubler.com/ 1 B
281 B 300ms
48ms Script
application/javascript 35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wrap.tradedoubler.com/wrap?id=26412
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:28 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-27HG5NY586&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f45071460c35d35c8d5c5540d08c54fb6559cdac2a7a0ca982eabc9cc835d058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 11:53:28 GMT

OPTIONS
H/1.1 204
No Content info
metrics.responsetap.com/infinity/ Frame 0
0 673ms
304ms Preflight 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/info?pv=3&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&features=14&rtap=56473&placeholders=329172
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.netflights.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 19 Feb 2023 11:53:29 GMT
Server: nginx
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,PUT
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: AlcU_gFqrPEEPRQ=

OPTIONS
H/1.1 200
OK 3_8aknlPEJms.1676807608497
api1.bd4travel.com/ab/v2/n44410/ Frame 0
0 603ms
304ms Preflight 185.32.83.83
GERMANEDGECLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.bd4travel.com/ab/v2/n44410/3_8aknlPEJms.1676807608497
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.32.83.83 , Germany, ASN42263 (GERMANEDGECLOUD, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.netflights.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.netflights.com
Content-Length: 0
Date: Sun, 19 Feb 2023 11:53:28 GMT
Vary: Accept-Encoding Origin
X-Server-Id: experiments-server-prod-5c87c79857-2gddx

GET
H2 200 pica.js
www.netflights.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 2BC7 22 KB
9 KB 47ms
46ms Other
application/javascript 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f977c59282926bfe6d0388caf507d9ddd677e059fb66d75b5270b6b2f42380

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:53:28 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79becd63ad163601-MAN

GET
DATA 200
OK truncated
/ 316 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b28f70fc1fa0b7d0e2350ad98bbb642b47a65550b05449da821198189c66c9f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ceb5fd0131ad56cbda5369320567f34119b91f9097e6400f676179c57a2ceac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 75ms
73ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Feb 2023 12:16:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 142ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-27HG5NY586&gtm=45je32f0&_p=1036504554&cid=673414383.1676807609&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.netflights.com%2F&sid=1676807608&sct=1&seg=0&dt=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_name=Home&ep.orientation=Landscape&ep.page_type=Home&ep.lead_details_impression=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27HG5NY586&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 19000918.js Show response
bat.bing.com/p/action/ 0
137 B 121ms
120ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/19000918.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 19 Feb 2023 11:53:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FB9F05AEB9540C79836E6335345A76F Ref B: LON04EDGE1108 Ref C: 2023-02-19T11:53:29Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=19000918&tm=gtm002&Ver=2&mid=238ca6e9-ec91-469a-9eac-650279e16305&sid=06693f70b04c11edb67a33751fad75ca&vid=06693d20b04c11ed911ec5e82267c3f1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&kw=Netflights,%20cheap%20flights,%20cheap%20flights%202023,%20cheap%20flights%202024,%20compare%20flight%20tickets,%20flight%20tickets,%20flight%20deals&p=https%3A%2F%2Fwww.netflights.com%2F&r=&lt=1455&evt=pageLoad&sv=1&rn=722148

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Feb 2023 11:53:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9BB897806E44DC198EE36B41FFB3A49 Ref B: LON04EDGE1108 Ref C: 2023-02-19T11:53:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
354 B 144ms
52ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-845674-13&cid=673414383.1676807609&jid=1986447710&gjid=1310328952&_gid=180616288.1676807609&_u=aCDAgEAjQAAAAEAEK~&z=1557632457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.netflights.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Feb 2023 11:53:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
192 B 34ms
34ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1036504554&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.netflights.com%2F&ul=en-us&de=UTF-8&dt=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Referral&ea=track_event&_u=aCDAgEAjQAAAAAAEK~&jid=1986447710&gjid=1310328952&cid=673414383.1676807609&tid=UA-845674-13&_gid=180616288.1676807609&gtm=45He32f0n71TQ7C4F&cd2=%20-%20&cd152=null&cd163=&cd129=673414383.1676807609&z=1850456864&cd130=490

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:18:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66929
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
34ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1036504554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.netflights.com%2F&ul=en-us&de=UTF-8&dt=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiUAjRAAAAEAEK~&jid=&gjid=&cid=673414383.1676807609&tid=UA-845674-13&_gid=180616288.1676807609&gtm=45He32f0n71TQ7C4F&cd2=%20-%20&cd152=null&cd129=673414383.1676807609&cg1=Home&cd78=Home&cd85=Landscape&cd109=Home&cd147=&cm16=1&z=690063640&cd130=492

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:18:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66929
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1045786480/ 42 B
455 B 172ms
60ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1045786480/?random=1676807608583&cv=11&fst=1676804400000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflights.com%2F&tiba=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&fmt=3&is_vtc=1&random=1378236941&rmt_tld=0&ipr=y

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/1045786480/ 42 B
455 B 168ms
58ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/1045786480/?random=1676807608583&cv=11&fst=1676804400000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.netflights.com%2F&tiba=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&fmt=3&is_vtc=1&random=1378236941&rmt_tld=1&ipr=y

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 quota
q-eu1.az.contentsquare.net/ Frame 0
0 193ms
44ms Preflight 20.191.43.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q-eu1.az.contentsquare.net/quota?ct=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.191.43.109 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.netflights.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
date: Sun, 19 Feb 2023 11:53:29 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
timing-allow-origin: *

POST
H2 200 quota Show response
q-eu1.az.contentsquare.net/ Frame EECF 29 B
234 B 44ms
43ms Fetch
application/json 20.191.43.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q-eu1.az.contentsquare.net/quota?ct=0
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.191.43.109 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 11:53:29 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length: 29
access-control-allow-methods: POST, OPTIONS
content-type: application/json

GET
H2 204 pageview
c.az.contentsquare.net/ 0
272 B 360ms
43ms Image
text/plain 51.138.228.101
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.az.contentsquare.net/pageview?pid=33328&uu=207cfd5d-bdd1-ac4d-9f14-6ea8dcbd07cd&sn=1&hd=1676807609&pn=1&dw=1624&dh=6457&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.netflights.com%2F&uc=0&la=en-US&cvars=%7B%223%22%3A%5B%22PageType%22%2C%22Cheap%20flights%202023%2F2024%20compare%20%26amp%3B%20book%20a%20flight%20ticket%20%26amp%3B%20flight%20deals%22%5D%7D&cvarp=%7B%223%22%3A%5B%22PageType%22%2C%22Cheap%20flights%202023%2F2024%20compare%20%26amp%3B%20book%20a%20flight%20ticket%20%26amp%3B%20flight%20deals%22%5D%7D&v=12.5.1&pvt=n&dt=479&ex=&r=905141
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.138.228.101 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 244d8464-2e7c-40c9-8124-cb5cdb49455c
https://www.netflights.com/ 698 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.netflights.com/244d8464-2e7c-40c9-8124-cb5cdb49455c
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2cd015488824cc8993f2c08c6b541b7d077de8ac7d46f4b26562bd2749a28c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 698
Content-Type: application/javascript

POST
H2 200 79becd5bcdc43601 Show response
www.netflights.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2BC7 2 B
415 B 78ms
77ms XHR
text/plain 104.17.68.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflights.com/cdn-cgi/challenge-platform/h/g/cv/result/79becd5bcdc43601
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676793600
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.68.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Feb 2023 11:53:29 GMT
content-encoding: br
server: cloudflare
cf-ray: 79becd66dc0e3601-MAN
content-type: text/plain; charset=UTF-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 75ms
74ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-845674-13&cid=673414383.1676807609&jid=1986447710&_u=aCDAgEAjQAAAAEAEK~&z=1838902526

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 73ms
73ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-845674-13&cid=673414383.1676807609&jid=1986447710&_u=aCDAgEAjQAAAAEAEK~&z=1838902526

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=*;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F
adservice.google.com/ddm/fls/z/ Frame 261A 42 B
107 B 192ms
84ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=*;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F

Requested by

Host: 10328531.fls.doubleclick.net
URL: https://10328531.fls.doubleclick.net/activityi;dc_pre=CMnqmY_Dof0CFZMKewodTJoJcQ;src=10328531;type=retarget;cat=homep0;ord=1623805912812;gtm=45He32f0;auiddc=725795979.1676807609;u10=https%3A%2F%2Fwww.netflights.com%2F;~oref=https%3A%2F%2Fwww.netflights.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://10328531.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=*;~oref=https%3A%2F%2Fwww.netflights.com%2F
adservice.google.com/ddm/fls/z/ Frame 6410 42 B
401 B 179ms
83ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=*;~oref=https%3A%2F%2Fwww.netflights.com%2F

Requested by

Host: 9859257.fls.doubleclick.net
URL: https://9859257.fls.doubleclick.net/activityi;dc_pre=CM7TmY_Dof0CFcEdGAodPzcCdQ;src=9859257;type=0;cat=darts0;ord=2932909929846;gtm=45He32f0;auiddc=725795979.1676807609;~oref=https%3A%2F%2Fwww.netflights.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9859257.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1709314699303159 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 182ms
182ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1709314699303159?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

727c47fedba5a71fa52f8ddd4f48b5c78f755680a91bb412f851a6dd7af55aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 11:53:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ilAKnV0MKlhU3dgdQLY3td0A0u3N7WpNvEZTkEhG2kH8A9CXSfuyrrGsnjLEdRLgwH/fu+Kwt/WQGLiOeeT3uw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

cnf Show response
travelrepublic.nanorep.co/api/widget/v1/
Redirect Chain

https://travelrepublic.nanorep.co/api/widget/v1/cnf?format=json&widgetType=float&kb=1090435532&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F
https://travelrepublic.nanorep.co/api/widget/v1/cnf?format=json&widgetType=float&kb=1090435532&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F&cookieAdded=1

12 KB
5 KB

55ms
55ms

XHR
application/json

34.255.115.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://travelrepublic.nanorep.co/api/widget/v1/cnf?format=json&widgetType=float&kb=1090435532&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F&cookieAdded=1

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Server

34.255.115.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-115-245.eu-west-1.compute.amazonaws.com

Software

nanoRepServer /

Resource Hash

faa9076574ac4cd3952eb54ccabac2f28d7890b7a7d39f456a785f669a4cc451

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:12 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
server: nanoRepServer
etag: "8DB11F2F5F292101090510282_Float_entitySecretRequired_true-657637016723309349"
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 4639
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 20:58:37 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:12 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
server: nanoRepServer
vary: Origin
access-control-allow-origin: https://www.netflights.com
location: https://travelrepublic.nanorep.co/api/widget/v1/cnf?format=json&widgetType=float&kb=1090435532&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F&cookieAdded=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 20:58:37 GMT

GET
H2 200 visitorTokenConfig Show response
travelrepublic.nanorep.co/api/ 94 B
516 B 52ms
51ms XHR
application/json 34.255.115.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://travelrepublic.nanorep.co/api/visitorTokenConfig?

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.255.115.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-115-245.eu-west-1.compute.amazonaws.com

Software

nanoRepServer /

Resource Hash

086891f96cf54a0938281ebdc52edbfa58291be32b592dd792d7dbd2e4cf8e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:12 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
server: nanoRepServer
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 94
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 20:58:37 GMT

GET
H2 200 inf_512.js Show response
static-ssl.responsetap.com/static/scripts/ 573 B
963 B 56ms
55ms Script
text/javascript 52.222.214.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-ssl.responsetap.com/static/scripts/inf_512.js?h=7cd1dd14781d9b7012bc
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e514a6d89a74752ffa9be651449284ae176bdae1be5ae94e44fb3cd74a433eff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:11:48 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Fri, 10 Feb 2023 11:24:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 2501
x-amz-server-side-encryption: AES256
etag: "7710e56d5256e8fdaeac4ec62ffb25f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 573
x-amz-cf-id: ArSYrkJdV6nS_48ZBmuMyJA2H3S-DOpMdcXrY72lQSPlJqPZXstR2g==

GET
H2 200 visitor-token Show response
visitor-services.nanorep.com/visitor-token-service/ 38 B
373 B 282ms
49ms XHR
application/json 3.71.138.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-services.nanorep.com/visitor-token-service/visitor-token?
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.138.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-138-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c60f98abadf1d3c1181d88915c64683c25a842de3a40ae9e97f43e8d49cd5ed9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 0.236012ms
date: Sun, 19 Feb 2023 11:53:29 GMT
x-correlation-id: bd2fbc62-88af-4b58-9b4d-a143658f0419
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.netflights.com
access-control-allow-credentials: true
content-length: 38

POST
H2 200 recording Show response
k-eu1.az.contentsquare.net/v2/ Frame EECF 0
169 B 450ms
131ms Fetch 20.223.27.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k-eu1.az.contentsquare.net/v2/recording?rt=5&v=12.5.1&pid=33328&uu=207cfd5d-bdd1-ac4d-9f14-6ea8dcbd07cd&sn=1&pn=1&ri=1&rst=1676807609407&let=1676807609588&ct=2
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.223.27.194 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 11:53:30 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

OPTIONS
H/1.1 200
OK allocate
metrics.responsetap.com/infinity/ Frame 0
0 69ms
69ms Preflight
application/json 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/allocate?pv=3&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&autoformat=1&igrp=7076&ictvid=d4c43ee5-f6fc-4ff0-a3fe-760e774a15db&href=https%3A%2F%2Fwww.netflights.com%2F&vref=&t=Cheap+flights+2023%2F2024+compare+%26+book+a+flight+ticket+%26+flight+deals&state=rlt%7E1676807610%7Eland%7E2_78185_direct_d07cf785cc4262319df76fcd5bbf489b&dgrps=210164
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.netflights.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: OPTIONS,GET
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sun, 19 Feb 2023 11:53:29 GMT
Server: nginx
x-amz-apigw-id: AlcVEFOrrPEFcFg=
x-amzn-RequestId: ac60e788-2899-4379-9800-5de27227447c

GET
H/1.1 200
OK allocate Show response
metrics.responsetap.com/infinity/ 124 B
565 B 102ms
102ms Fetch
application/json 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/allocate?pv=3&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&autoformat=1&igrp=7076&ictvid=d4c43ee5-f6fc-4ff0-a3fe-760e774a15db&href=https%3A%2F%2Fwww.netflights.com%2F&vref=&t=Cheap+flights+2023%2F2024+compare+%26+book+a+flight+ticket+%26+flight+deals&state=rlt%7E1676807610%7Eland%7E2_78185_direct_d07cf785cc4262319df76fcd5bbf489b&dgrps=210164
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash: ce3a8f157df679bcfe3196f3236f0faf87057402ea81f1a4dd223eb9b070b2e1

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Feb 2023 11:53:29 GMT
Server: nginx
x-amzn-RequestId: 5d296cbb-e66b-4b7c-b7b6-dd15eb998282
X-Amzn-Trace-Id: Root=1-63f20db9-788b955a63982bec048078cb;Sampled=0
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 124
x-amz-apigw-id: AlcVEG24rPEFTpw=

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 179ms
46ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1709314699303159&ev=PageView&dl=https%3A%2F%2Fwww.netflights.com%2F&rl=&if=false&ts=1676807609770&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676807609769.859064297&it=1676807609471&coo=false&rqm=GET

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Feb 2023 11:53:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 597 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0838f1963f6528d25800db30d22d357558926d19d3b5a6d48d901bf93251f643

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20c9c5a53c38ef829be854bf1ad905d7f247d7a5cc495269233b12496d7d555e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Netflights%20Orb.png
nr1.s3.amazonaws.com/domainConfig/3B86136E/40FEB9CC/ew2BltAChbUZkqTJxvLaLg/1/ 119 KB
120 KB 466ms
134ms Image
image/png 3.5.21.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr1.s3.amazonaws.com/domainConfig/3B86136E/40FEB9CC/ew2BltAChbUZkqTJxvLaLg/1/Netflights%20Orb.png
Requested by: Host: www.netflights.com
URL: https://www.netflights.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.21.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fcc36716a1b94e2f02ce64c905da3d7906e4c3199df89c5d663d6affa12cb57f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:53:31 GMT
Last-Modified: Thu, 02 Jan 2020 17:43:47 GMT
Server: AmazonS3
x-amz-request-id: 594GGQ1M58Y9R1GB
ETag: "88fcbc2b111d35e36e0cb0c32347e99f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 122241
x-amz-id-2: qSHy6jjRLfjcbPIEQKAYIklxnOOpkgu67AUE+wlF83J/i+YrZoi8koxOtd8y9DdsJqqaDfj2LeCEmHw9UA/LHg==

GET
H2 200 faqs Show response
travelrepublic.nanorep.co/api/widget/v1/ 718 B
1 KB 60ms
59ms XHR
application/json 34.255.115.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://travelrepublic.nanorep.co/api/widget/v1/faqs?format=json&widgetType=float&account=travelrepublic&configId=1090510282&referer=https%3A%2F%2Fwww.netflights.com%2F&visitorToken=7033040865259245568

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.255.115.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-115-245.eu-west-1.compute.amazonaws.com

Software

nanoRepServer /

Resource Hash

d1b8f0547973e3fadaf823ec28333ed31f181079aaeddaa5cff99632343c3eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:12 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
server: nanoRepServer
etag: "8DB126A2D551080TravelRepublic_40FEB9CC_domain_40FFDDCA_Float_"
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 718
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 20:58:37 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E266 0
74 B 46ms
45ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.netflights.com
URL: https://www.netflights.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.netflights.com
Referer: https://www.netflights.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.netflights.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:30 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK track Show response
metrics.responsetap.com/infinity/ 615 B
969 B 65ms
65ms Fetch
application/json 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/track?pv=2&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&igrp=7076&href=https%3A%2F%2Fwww.netflights.com%2F&vref=&t=Cheap+flights+2023%2F2024+compare+%26+book+a+flight+ticket+%26+flight+deals&res=1600x1200&channelOverride=1&d%5Bmaster%5D=vid%7Ed4c43ee5-f6fc-4ff0-a3fe-760e774a15db&d%5Bil7076%5D=rlt%7E1676807610%7Eland%7E2_78185_direct_d07cf785cc4262319df76fcd5bbf489b&d%5Bin7076%5D=rlt%7E1676807610%7Eland%7E2_78185_direct_d07cf785cc4262319df76fcd5bbf489b&c_gua_cid=673414383.1676807609&c_GA_Cookie=GA1.2.673414383.1676807609&isNew=1&isLand=1
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash: 5c01420f70f2272d0b7789a352b64d197d164caa0a8e465d5c67f64dddb26c32

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 11:53:30 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID ADM PSA OUR IND COM NAV INT"
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 615
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=htt... Show response
8299063.fls.doubleclick.net/ Frame EA94
Redirect Chain

https://8299063.fls.doubleclick.net/activityi;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=h...
https://8299063.fls.doubleclick.net/activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.net...

446 B
258 B

94ms
94ms

Document
text/html

142.251.208.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8299063.fls.doubleclick.net/activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ7C4F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f6.1e100.net

Software

cafe /

Resource Hash

469a35d73dda10dd746b3adf1526a39d131fd8526b9b85e477b9e2f87cacf9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.netflights.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:30 GMT
expires: Sun, 19 Feb 2023 11:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:53:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8299063.fls.doubleclick.net/activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
34ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1036504554&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.netflights.com%2F&ul=en-us&de=UTF-8&dt=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Dimension%20Scraper&ea=undefined&_u=aCDAiUAjRAAAAEAEK~&jid=&gjid=&cid=673414383.1676807609&tid=UA-845674-13&_gid=180616288.1676807609&gtm=45He32f0n71TQ7C4F&cd2=%20-%20&cd152=null&cd129=673414383.1676807609&cd110=Home&cd185=0.035403274542606944_1676807610644&z=1828980937&cd130=533

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27628
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 dvar
c.az.contentsquare.net/ 0
42 B 44ms
43ms Image
text/plain 51.138.228.101
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.az.contentsquare.net/dvar?v=12.5.1&pid=33328&uu=207cfd5d-bdd1-ac4d-9f14-6ea8dcbd07cd&sn=1&pn=1&dv=H4sIAAAAAAAAA6tWSi72TSxJzsjMS%2FdOrVSyUjLQMzA2NTEwNjI3MTUxMjMwszQxiTc0MzezMDA3MzQwMzFRqgUAAzxLxzYAAAA%3D&ct=2&r=452683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.138.228.101 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:30 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1036504554&t=timing&_s=2&dl=https%3A%2F%2Fwww.netflights.com%2F&ul=en-us&de=UTF-8&dt=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3807&pdt=37&dns=30&rrt=599&srt=320&tcp=180&dit=1455&clt=1455&_gst=1758&_gbt=2098&_u=aCDAiUAjRAAAAEAEK~&jid=&gjid=&cid=673414383.1676807609&tid=UA-845674-13&_gid=180616288.1676807609&gtm=45He32f0n71TQ7C4F&cd2=%20-%20&cd152=null&cd129=673414383.1676807609&cg1=Home&cd78=Home&cd85=Landscape&cd109=Home&cd147=&cm16=1&z=529824384&cd130=575

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.netflights.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27628
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK allocate Show response
metrics.responsetap.com/infinity/ 124 B
565 B 170ms
170ms Fetch
application/json 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/allocate?pv=3&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&autoformat=1&igrp=7076&ictvid=d4c43ee5-f6fc-4ff0-a3fe-760e774a15db&href=https%3A%2F%2Fwww.netflights.com%2F&vref=&t=Cheap+flights+2023%2F2024+compare+%26+book+a+flight+ticket+%26+flight+deals&state=rlt%7E1676807610%7Eland%7E2_78185_direct_d07cf785cc4262319df76fcd5bbf489b&c_gua_cid=673414383.1676807609&c_GA_Cookie=GA1.2.673414383.1676807609&dgrps=210164
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/e112fa0d8903d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash: ce3a8f157df679bcfe3196f3236f0faf87057402ea81f1a4dd223eb9b070b2e1

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Feb 2023 11:53:30 GMT
Server: nginx
x-amzn-RequestId: 2f6a007d-524f-4a5c-99ba-d8f87148ec22
X-Amzn-Trace-Id: Root=1-63f20dba-186e4a1d60b2dc46121b0bfe;Sampled=0
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 124
x-amz-apigw-id: AlcVPHV6LPEFlEg=

OPTIONS
H/1.1 200
OK allocate
metrics.responsetap.com/infinity/ Frame 0
0 66ms
66ms Preflight
application/json 109.169.42.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/infinity/allocate?pv=3&v=rtap-20230210&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&autoformat=1&igrp=7076&ictvid=d4c43ee5-f6fc-4ff0-a3fe-760e774a15db&href=https%3A%2F%2Fwww.netflights.com%2F&vref=&t=Cheap+flights+2023%2F2024+compare+%26+book+a+flight+ticket+%26+flight+deals&state=rlt%7E1676807610%7Eland%7E2_78185_direct_d07cf785cc4262319df76fcd5bbf489b&c_gua_cid=673414383.1676807609&c_GA_Cookie=GA1.2.673414383.1676807609&dgrps=210164
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.42.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ict.infinity-tracking.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.netflights.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: OPTIONS,GET
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sun, 19 Feb 2023 11:53:30 GMT
Server: nginx
x-amz-apigw-id: AlcVOFq4rPEFhMw=
x-amzn-RequestId: 5083eea8-b621-4868-8cce-5c04131dfd7c

GET
H2 200 dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=*;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F
adservice.google.com/ddm/fls/z/ Frame EA94 42 B
107 B 83ms
82ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=*;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F

Requested by

Host: 8299063.fls.doubleclick.net
URL: https://8299063.fls.doubleclick.net/activityi;dc_pre=CP25-o_Dof0CFXIMewodp-QI6A;src=8299063;type=allpa0;cat=allpa0;ord=432527721800;gtm=45He32f0;auiddc=725795979.1676807609;u1=https%3A%2F%2Fwww.netflights.com%2F;u11=desktop;~oref=https%3A%2F%2Fwww.netflights.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8299063.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 43ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-27HG5NY586&gtm=45je32f0&_p=1036504554&cid=673414383.1676807609&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676807608&sct=1&seg=0&dl=https%3A%2F%2Fwww.netflights.com%2F&dt=Cheap%20flights%202023%2F2024%20compare%20%26%20book%20a%20flight%20ticket%20%26%20flight%20deals&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27HG5NY586&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.netflights.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 11:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netflights.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.netflights.com/	1970-01-20 09:47:23	Name: GMSession Value: 5ad7e949-3003-40f2-91a3-41092d4adadc
.netflights.com/	1970-01-20 18:33:50	Name: _vwo_uuid_v2 Value: DAF976015CC532519B1414FF2B67C24B4\|9bf83cdeaf6b310c3bb0a66d791e6f2b
.netflights.com/	1970-01-20 19:22:47	Name: bd4tPrivacy Value: %7B%22level%22%3A%22on%22%2C%22consented%22%3A%22false%22%7D
.netflights.com/	1970-01-20 19:22:47	Name: bd4ti Value: 3_8aknlPEJms.1676807608497
.netflights.com/	1970-01-20 14:05:56	Name: NF.RecentlySearched Value: 0817d01b-062f-4816-bf76-15d1bf9d4fe8
.netflights.com/	1970-01-20 11:56:23	Name: _gcl_au Value: 1.1.725795979.1676807609
.netflights.com/	1969-12-31 23:59:59	Name: V2Pages Value: Home
.netflights.com/	1970-01-20 09:48:14	Name: _uetsid Value: 06693f70b04c11edb67a33751fad75ca
.netflights.com/	1970-01-20 19:08:23	Name: _uetvid Value: 06693d20b04c11ed911ec5e82267c3f1
.netflights.com/	1970-01-20 19:22:47	Name: _ga Value: GA1.2.673414383.1676807609
.netflights.com/	1970-01-20 09:48:14	Name: _gid Value: GA1.2.180616288.1676807609
.netflights.com/	1970-01-20 09:46:47	Name: _dc_gtm_UA-845674-13 Value: 1
.bing.com/	1970-01-20 19:08:23	Name: MUID Value: 2313EAD6911669762481F86B90F668B0
.netflights.com/	1970-01-20 19:16:11	Name: _cs_c Value: 0
.netflights.com/	1970-01-20 19:16:11	Name: _cs_id Value: 207cfd5d-bdd1-ac4d-9f14-6ea8dcbd07cd.1676807609.1.1676807609.1676807609.1.1710971609166
.doubleclick.net/	1970-01-20 19:08:23	Name: IDE Value: AHWqTUlygoij0NCS0RcNzdn_-qvBV1_uPE2A29GrquL0zyueR1Ex0k-qSoCdlBap5U4
.netflights.com/	1970-01-20 19:22:47	Name: bd4tExperimentsData Value: %7B%22experiments%22%3A%7B%7D%2C%22properties%22%3A%7B%7D%2C%22redirects%22%3A%7B%7D%2C%22javaScript%22%3A%7B%7D%2C%22pauseUpdatesSeconds%22%3A20%2C%22ts%22%3A1676807609412%7D
.netflights.com/	1970-01-20 19:22:47	Name: bd4tExperiments Value: %7B%7D
.netflights.com/	1970-01-20 09:46:49	Name: __cf_bm Value: gif3LzuuiEh.1PJTmrXw09OSQnVvEKj.QSlnZSUilzM-1676807609-0-AZ9e8KRsXne3UPzE5CQ7sTHwXS5VQPMleFiOuAAkYGtqMma3kyDgvw48vvyimlIV/IRmiZY9zl9+IHUdVIcLbSEX80ZcxXmLnvHsSt4czJ/yffOhCxl9wjH/A4L5gx2MZ/rpgZv04q/txzzgm4zubgsCzoFdj80fpyErdR9B1qS2zaMCJEAsw0wxnkxOWC+eP+o1toyyCc0NB6mauzMrNEg=
.netflights.com/	1970-01-20 09:46:49	Name: _cs_s Value: 1.5.0.1676809409545
.nanorep.co/	1970-01-20 18:32:23	Name: u Value: v2,EU1,40CBB43982AEBCC7
.travelrepublic.nanorep.co/	1970-01-20 18:32:23	Name: 40FEB9CC Value: cv_4#t_EDB8404B9#v_1#lv_EDB8404B9#e_00000000
.netflights.com/	1970-01-20 11:56:23	Name: _fbp Value: fb.1.1676807609769.859064297
.nanorep.com/	1970-01-20 19:22:47	Name: bc.visitor_token Value: 7033040865259245568
www.netflights.com/	1970-01-20 18:32:23	Name: bc.visitor_token Value: 7033040865259245568
.netflights.com/	1970-01-20 09:46:49	Name: _cs_mk_ga Value: 0.035403274542606944_1676807610644
.netflights.com/	1970-01-20 19:22:47	Name: _ga_27HG5NY586 Value: GS1.1.1676807608.1.0.1676807610.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10328531.fls.doubleclick.net
8299063.fls.doubleclick.net
9859257.fls.doubleclick.net
adservice.google.com
api-n44410.bd4travel.com
api1.bd4travel.com
bat.bing.com
c.az.contentsquare.net
connect.facebook.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
k-eu1.az.contentsquare.net
metrics.responsetap.com
netflights.com
nr1.s3.amazonaws.com
q-eu1.az.contentsquare.net
region1.google-analytics.com
static-ssl.responsetap.com
stats.g.doubleclick.net
svht.tradedoubler.com
t.contentsquare.net
tracking.bd4travel.com
travelrepublic.nanorep.co
unpkg.com
v2api.netflights.com
visitor-services.nanorep.com
wrap.tradedoubler.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.netflights.com
104.17.234.108
104.17.235.108
104.17.68.6
109.169.42.14
13.32.110.120
142.251.208.134
185.32.80.216
185.32.83.82
185.32.83.83
20.191.43.109
20.223.27.194
2001:4860:4802:34::36
2001:4860:4802:38::178
2600:9000:214f:dc00:7:a364:ab80:93a1
2606:4700::6810:7eaf
2620:1ec:c11::200
2a00:1450:4001:812::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2003
2a00:1450:400d:808::2003
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200a
2a00:1450:4025:401::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.5.21.172
3.71.138.13
34.255.115.245
34.96.102.137
35.186.231.97
51.138.228.101
52.222.214.97
05b8481852a6a5d480f18249769648681a4eb4c6d50383dc862a537b994de6f0
0838f1963f6528d25800db30d22d357558926d19d3b5a6d48d901bf93251f643
086891f96cf54a0938281ebdc52edbfa58291be32b592dd792d7dbd2e4cf8e00
11c27d96bc59456464b63e8dc2fd12b5ada363ca83b1cd885a5beabf768c0ab4
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
20c9c5a53c38ef829be854bf1ad905d7f247d7a5cc495269233b12496d7d555e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ab908a20fbb139aa255134b2851a6ec578143b8fe93af4b1f78d21a417a61d3
2fd71ad86089b496ecbfcc59153d3615b3de204a1426595ed232ecb6ee90ebc4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36d4143953402e3489d0cdef9974146e04e1ada20d9c48b3465a2a89dd70fc28
3889569c027418845337e30b8fc437d91473877291fb8596bce329e2a3d8baf3
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
4202c9de4a51df1a656322c1b614abab97974c872a5da51f05441208007c03df
4290c9f284e2edda5680684bb45f03ec797147d43ffd625d603e5dd252755be7
42bd9bd094615f32364829cff59680d8919246e3bea505363b19e6c69dfea8e6
45f977c59282926bfe6d0388caf507d9ddd677e059fb66d75b5270b6b2f42380
469a35d73dda10dd746b3adf1526a39d131fd8526b9b85e477b9e2f87cacf9f2
47ea7a0dc30e9bf032148714b80c274f18779a6d1028740358d143e743af4cf9
4e1bff7bccd636c91c5b879650b192b8439abd43dfb568fecb17e5a4b621073d
5028b17ac332e3325ca2ae0277726eb094f9f92fa0d862fde816499b4591e05c
53a87bcabafb19ccf616a4414b238b7150cc7dfd1d4efc3d78a91b336498b075
5944466d7170a9787daa4e1fb6aa3381a5dd366b708dbb5b52661f660cf553a2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59cc12edc8f66b6706c697b9266c7c788ecf166a0ce3c44896656daaa9fee042
5c01420f70f2272d0b7789a352b64d197d164caa0a8e465d5c67f64dddb26c32
6ceb5fd0131ad56cbda5369320567f34119b91f9097e6400f676179c57a2ceac
70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1
722492d7e15da3cf571077bf580526f92f1329ed9da2c2fa088f6956df2b2d33
727c47fedba5a71fa52f8ddd4f48b5c78f755680a91bb412f851a6dd7af55aa6
7759e54f5a6c7c7fb2bbfe960a8987e05a205022750a3da5829f777509c6966d
7abe36eebfb35383a3986174f661ab09f2e3a1dd995ac334d08f0b6eab35a489
7b28f70fc1fa0b7d0e2350ad98bbb642b47a65550b05449da821198189c66c9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8775641fdf28c7c5d379fbe23b18cfb6da62c9d52a2b0629193b08fbb5288bcc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
939396d7eca3ba54b9bb1f1a2055e0f43acef3990f08426e4335ed474c50281b
991a4399aee9f0b73a8fc5984814dc6020b4ced7469a77df023b7dbf3dc5c286
a9453899835a6c346a26a69c7c199c0f3ea483cda2e4adde39acfb4510d6b64b
b04cb19db615fc748e50a29b9e072de4422d2624bc3b7b41087a8cdfce7ac61a
b108fdbec4ce7563e8f12807d32e99be5932e82163977cf791bdd550438995d2
b778dd5ed20e3b96f8aea88122b42c4df9ab04ff3e54bdec46cd67111e23aa6a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5a9f1d1e73faeb3f4a3ed98b41ee286905848450284277d383bdf886c0f6b64
c60f98abadf1d3c1181d88915c64683c25a842de3a40ae9e97f43e8d49cd5ed9
c7595fa3fb27e6051e381eed5b20b7e4c6c5c3a65e65cce401ddb798b39c4ed8
c9cc4f980b67a5d9b07485d5030260458546fc54ce0aee6b92628a0df8c58dea
cdedaec116c065bb114d24c998aac96047c1304d0e575f81aeb8e387319f6ba6
ce3a8f157df679bcfe3196f3236f0faf87057402ea81f1a4dd223eb9b070b2e1
d05ad4fddaa0cb53bcef29b01b98ebe9cb520c5272160555546478357cab19f3
d18097d36077c9a7f1f24face538d7bd90b7619877e58172b61defa5b422375f
d1b8f0547973e3fadaf823ec28333ed31f181079aaeddaa5cff99632343c3eb7
d97dd1a0354ddcea3bb1019a533b1cf9684e59bb738bfcfc27465135c6db7596
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
e08b307594321587eea40a9cc17e92f57f1ea7dde2477fb94647ba5e89ac8422
e2cd015488824cc8993f2c08c6b541b7d077de8ac7d46f4b26562bd2749a28c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e514a6d89a74752ffa9be651449284ae176bdae1be5ae94e44fb3cd74a433eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45071460c35d35c8d5c5540d08c54fb6559cdac2a7a0ca982eabc9cc835d058
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faa9076574ac4cd3952eb54ccabac2f28d7890b7a7d39f456a785f669a4cc451
fcc36716a1b94e2f02ce64c905da3d7906e4c3199df89c5d663d6affa12cb57f

www.netflights.com Open in urlscan Pro 104.17.68.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

98 %HTTPS

45 %IPv6

20 Domains

35 Subdomains

33 IPs

6 Countries

2042 kBTransfer

5235 kBSize

27 Cookies

9 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.netflights.com Open in urlscan Pro
104.17.68.6 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

98 %
HTTPS

45 %
IPv6

20
Domains

35
Subdomains

33
IPs

6
Countries

2042 kB
Transfer

5235 kB
Size

27
Cookies

85 HTTP transactions
5 data transactions