urlscan.io logo urlscan.io
SecurityTrails logo

iwantthatflight.co.nz Open in urlscan Pro
2606:4700:20::681a:c6c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u.to/fIopGA
Effective URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Submission: On November 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:20::681a:c6c, located in United States and belongs to CLOUDFLARENET, US. The main domain is iwantthatflight.co.nz.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time iwantthatflight.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 195.216.243.155 57724 (DDOS-GUARD)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
22 6
1    195.216.243.155 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s5.uid.me
u.to
14    2606:4700:20::681a:c6c (United States)

ASN13335 (CLOUDFLARENET, US)
iwantthatflight.co.nz
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
Apex Domain
Subdomains		 Transfer
14 iwantthatflight.co.nz
iwantthatflight.co.nz
64 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
10 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
95 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
980 B
1 u.to
u.to — Cisco Umbrella Rank: 744022
399 B
22 6
Domain Requested by
14 iwantthatflight.co.nz iwantthatflight.co.nz
2 pagead2.googlesyndication.com iwantthatflight.co.nz
pagead2.googlesyndication.com
2 ajax.googleapis.com iwantthatflight.co.nz
1 static.cloudflareinsights.com iwantthatflight.co.nz
1 cdnjs.cloudflare.com iwantthatflight.co.nz
1 u.to 1 redirects
22 6
Subject Issuer Validity Valid
iwantthatflight.co.nz
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Frame ID: 5F686D037CFE8FCC1E12481497981785
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Untitled Page

Page URL History Show full URLs

  1. https://u.to/fIopGA HTTP 302
    https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

22
Requests

91 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

177 kB
Transfer

582 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u.to/fIopGA HTTP 302
    https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request UserProfile.aspx
iwantthatflight.co.nz/
Redirect Chain
  • https://u.to/fIopGA
  • https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b48235eca732ad8f93ecd7f4563068eab7c4bad02dc4e0b3fc7fc22335d52055

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8ddae697fd04d406-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 05 Nov 2024 06:48:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFXo0XGOWKqqKmdCjyII4LIcYWsjlFSx35mLotu5FcSX5weKXkV9ZMSeyTXzFk70mUWpwgN13aeCVMSbgvaa%2Bj3hQfDc2nrBnPHcGQ8M1WelYqA6OiN4Yl%2FKNi%2Fk8hYMri4ujcWW8VRQMvtBN392vPdk%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=6539&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3982&recv_bytes=2371&delivery_rate=672518&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1107&x=0"
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 05 Nov 2024 06:48:52 GMT
Keep-Alive
timeout=15
Location
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA#hcnmrbakxfnekuqku
Server
nginx/1.8.0
Transfer-Encoding
chunked
reset-min.css
cdnjs.cloudflare.com/ajax/libs/yui/2.9.0/reset/ 		775 B
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/yui/2.9.0/reset/reset-min.css
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a09a1ea5656684eca8c3cf51aa78e7505de76d3bce596d4c7d7f39f13bd3f71
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb0403c-307"
age
366587
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZ0Mx%2BZLogydfWcB1BpU4Xvym2iKl1Ywe5NKHvKCRmzs1%2F0ugEWIffdM5PKSC0XH62r1u6vhHM3ulfluB5QANRr9vJt5NS3FZemh62RPVePFd8bVAFoU8ZDU6k4T6a6auSLJf04CBY%2B4kAVKwaes%2FthF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 26 Oct 2025 06:48:54 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:18:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ddae69f387a9b58-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
345
server
cloudflare
iwtf-desktop-43.css
iwantthatflight.co.nz/includes/ 		38 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/iwtf-desktop-43.css?v=9
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6d00266f631e5edc92a5ce4fdd61469b9f5447abe55f604e0644c5066114613f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2d8c50977c9eda1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gibK1oqBoX8FJPZXKTbWcfmX3VjvJOUDup50xvn4%2BJNW7IaTvwK9vf2eLl19VPbVKrdZZY984WAJSik4fYbFHDKJv%2B1Nn5y9Ltc3rps7FgsVZDyBvsmDlmRngEXy8dc7cASCC9mXEkzCuIIBoDVk8BK19Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=31&recv=23&lost=0&retrans=0&sent_bytes=18902&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1161&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/css
last-modified
Sat, 04 May 2024 23:41:31 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe62d406-FRA
accept-ranges
bytes
content-length
10601
x-powered-by
ASP.NET
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/

Response headers

content-encoding
gzip
age
487315
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:26:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:26:59 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
32954
x-xss-protection
0
server
sffe
Iwtf_general11-NewAutocomplete.js
iwantthatflight.co.nz/includes/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/Iwtf_general11-NewAutocomplete.js?v=5
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8ba5751e0b5679c809fa5941c47907e479e17013b605d66ead7269902eecdb5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b27f25977c9eda1:0"
age
311792
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D032N3mZM0VBnO8xOELHzW64h3NnSUqckF5kpp76D4qmabExMxl1ruflPu%2BUEp0J87DtUQAVABhbA4aTD%2F2XRAjL4p85zwUVcwtCFDLPVa6XVNiNsCTre1Q9BZ90xBGmV%2Fwyf%2FVGFviFcJGQXzZESg%2BaWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=25&recv=23&lost=0&retrans=0&sent_bytes=15083&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1160&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript
last-modified
Sat, 04 May 2024 23:41:30 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe6bd406-FRA
accept-ranges
bytes
content-length
3230
x-powered-by
ASP.NET
server
cloudflare
ufd-base.css
iwantthatflight.co.nz/includes/combo/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/combo/ufd-base.css
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c33d48507e6a45788bbd72ec1af59ed5bedfec512626d63b14dd6c499244d6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"0852655c1c0cb1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8q7QCf0cPZxkKE20IuH6BpFu5HgP7DXDZ5sJsFCgTLfkNIGLjE%2FfWFNWEKPWpBWJV%2F64yZgl9b%2FY7qDbI34CdFMD8jGVkIMNxtAmNTZor3DwV6d9eDHZ9Uqwm49yC6GzrGPgdYOaSiVLuPvhK1No3WUaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6879&sent=91&recv=29&lost=0&retrans=0&sent_bytes=69745&recv_bytes=3403&delivery_rate=13866160&cwnd=299&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=2192&x=0"
date
Tue, 05 Nov 2024 06:48:55 GMT
content-type
text/css
last-modified
Sun, 30 Jan 2011 21:04:50 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe65d406-FRA
accept-ranges
bytes
content-length
587
x-powered-by
ASP.NET
server
cloudflare
sexy.css
iwantthatflight.co.nz/includes/combo/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/combo/sexy.css
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
148b6b5885766117076b92e02d880368a68bf412b39241d960d2a98cb22523e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"058f553c1c0cb1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2F9Km6cjwdmt0WIzTCLXAG7HUh1ATi7IxS2zwGRxgsWlZuaS9dW3BF%2F4LnjnFQRcwSzd8dE1BlPkPcoLqQm3N0OHpMmfu82%2BuwG0f6raVABFxf%2B5zMncS%2BvzePJ3VWqh2cd2v9UnFFEc%2BdtkCTMb%2FiBV%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=61&recv=23&lost=0&retrans=0&sent_bytes=46016&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1161&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/css
last-modified
Sun, 30 Jan 2011 21:04:48 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe66d406-FRA
accept-ranges
bytes
content-length
755
x-powered-by
ASP.NET
server
cloudflare
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/ 		232 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/jquery-ui.min.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/

Response headers

content-encoding
gzip
age
487411
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:25:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:25:23 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
63638
x-xss-protection
0
server
sffe
jquery.ui.ufd1.js
iwantthatflight.co.nz/includes/combo/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/combo/jquery.ui.ufd1.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fc1e807e622460413aad8b0a41d4dac3d2efd9fa076c80c53378eeeb2f47998b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"0f299c860c3cb1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhv7O4SDBwlHvenyOtqyuAqf9NCb0pH9iuqMW1XPIYjw2KJzFUPHMojczCghOBFbaf%2Ftt1QFoGB5IJ5xb%2BM0IZ3ccL8x8Fy%2BBsQGNhXkfnTq4j1MLj78z%2FVIE6l4xrpE1q3jBRStPo5l805Kkjhe4YOlVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=44&recv=23&lost=0&retrans=0&sent_bytes=30190&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1161&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript
last-modified
Thu, 03 Feb 2011 05:11:16 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe6cd406-FRA
accept-ranges
bytes
content-length
15036
x-powered-by
ASP.NET
server
cloudflare
date4.js
iwantthatflight.co.nz/includes/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/date4.js?v=2
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a861180d5eed9370890734fd7c36ab1fcbc164217532ad5631dfe144af251d76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"7a2b4e977c9eda1:0"
age
1407325
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IP2hOAwERctiUE9ilTRkS46WaO7Xwji3jL3%2Flp6CiiwZqNhq6ocX6Q8C5azTJbX6djMLqdinTfpRcu2KW7mwCNlP1zIlHGizJYtrXrlCGLOnc%2Bea4N36IL9XK8MXIdVYG04O%2FnvJvs673K%2Fo4DR4rsCIiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=18&recv=23&lost=0&retrans=0&sent_bytes=10253&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1160&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript
last-modified
Sat, 04 May 2024 23:41:31 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe6ed406-FRA
accept-ranges
bytes
content-length
4184
x-powered-by
ASP.NET
server
cloudflare
jquery.datePicker2.js
iwantthatflight.co.nz/includes/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/jquery.datePicker2.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66bf7f5e2cb6ce31b82baa32f75e10da693c7901952198f8618ebb7d9c6ccd4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"047ebd927acf1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IpyGhwuFERBALQzn4gFnuQxhqHgK0QEhetLSBGlTgJo1m7rVUXU699%2BRq0VQaRUBpJzYa2XWPxPBoAnnG%2Bted8b8lBNwYHstmzy6ilamGQ6%2BzfxmVmlD7EDZFdoq0xDUM0HPnrcp7e1OwqHUEeUDI31eg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=64&recv=23&lost=0&retrans=0&sent_bytes=47403&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1162&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript
last-modified
Wed, 28 May 2014 16:34:48 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe6fd406-FRA
accept-ranges
bytes
content-length
14651
x-powered-by
ASP.NET
server
cloudflare
datePicker.css
iwantthatflight.co.nz/includes/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/datePicker.css
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e07a49bbce467edfddacb604599bf08499f8eff61c1a45744ae13e7be0a00583

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"0578965586ece1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFiK%2FuqCLjQIRaJ3m%2B5GxAX5ZRvTG3ZpCnh90Jqt27H3uJnDNRQaXJdTAUeV%2BBkKv1PYGc0F0zl56r5MpvfgSM8R3Nf6SXtW3fgIYaT%2F2P5wFMJiT46bn%2BHr1yqcri2%2B2d4N4KJXCi88mP%2FfBI1oyH3dkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=81&recv=23&lost=0&retrans=0&sent_bytes=63735&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1164&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/css
last-modified
Fri, 21 Jun 2013 08:21:58 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe69d406-FRA
accept-ranges
bytes
content-length
977
x-powered-by
ASP.NET
server
cloudflare
datePickerHotel.css
iwantthatflight.co.nz/includes/ 		572 B
956 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/datePickerHotel.css
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f7dcdf35f7843129474288313432f9c96425089d19f072cc1677a94bc8d03b74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"01c883c36bccb1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtwNn5SynvIzYuWjvpLFICyllrDkN5coOONNRGJT6EYY9xzg75HvcHTvjpyF%2FjNwOs52Q2PpcyBXrCzqRxfzAUGIdbvI6%2BwjlSmdD2bcPv2KASnO2X1jz%2FJDDZY7w08jCDvygyt0SLloykeRxtf4MH2WEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=78&recv=23&lost=0&retrans=0&sent_bytes=62713&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1162&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/css
last-modified
Tue, 25 Jan 2011 02:19:04 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe6ad406-FRA
accept-ranges
bytes
content-length
486
x-powered-by
ASP.NET
server
cloudflare
filter3.js
iwantthatflight.co.nz/includes/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/filter3.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d9623ad4454bd8c68ca0bc06439755049ed06f009d505e1ee2bf999a9d7910f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"7a2b4e977c9eda1:0"
age
5281
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sc%2FBlCFFLTivD%2FbXhLdRam5%2BeejWhjqdxS%2B7uSJzqxh0C8JUxlYitIsvobZ2RfpczO%2B9XZzPXIkLMkM2JSoH5iK%2FAx5YDV9HaGHgKJunSEFUGk7DYtP9RCJ3Iv%2B4KHY%2B82GTLBz%2F7lDlZ%2BtlMPl%2FiuWIBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=84&recv=23&lost=0&retrans=0&sent_bytes=65264&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1165&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript
last-modified
Sat, 04 May 2024 23:41:31 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe70d406-FRA
accept-ranges
bytes
content-length
2410
x-powered-by
ASP.NET
server
cloudflare
menudivider.jpg
iwantthatflight.co.nz/pics/ 		821 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iwantthatflight.co.nz/pics/menudivider.jpg
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf6ec467a13b7ed6f36f3ecd8c88387cc52fecd24462e1d57e571916b8db347b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

cf-bgj
h2pri
etag
"071706732bccb1:0"
age
5281
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBatrZ1bWYaellAAsXdNZZfmbDzk8dHgqZMyq2vu6uviRxKgclwNyZmwkMCwvCt0N388j53Qu399tFSRXActHY80Hvdsby5NQZFIQweY1cjHn9rI6yxmGwWX3PA1%2BO7b48bU0DmwjWwv9wqpjJ1Z3iaCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=85&recv=23&lost=0&retrans=0&sent_bytes=65776&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=2472&cid=c2cdbbf034905e7f&ts=1166&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
image/jpeg
last-modified
Tue, 25 Jan 2011 01:51:38 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe78d406-FRA
accept-ranges
bytes
content-length
821
x-powered-by
ASP.NET
server
cloudflare
show_ads.js
pagead2.googlesyndication.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1558e4a59bdd5eb425935dc93b0f638f3743bb1c6ccf21e297e6ac66a1eb2a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/

Response headers

content-encoding
br
etag
17122461649548188055
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 06:48:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
10531
x-xss-protection
0
server
cafe
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://iwantthatflight.co.nz
Referer
https://iwantthatflight.co.nz/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ddae69fab5b65b4-FRA
access-control-allow-origin
*
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
Iwtf_general11-NewAutocomplete.js
iwantthatflight.co.nz/includes/ 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://iwantthatflight.co.nz/includes/Iwtf_general11-NewAutocomplete.js?v=5
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8ba5751e0b5679c809fa5941c47907e479e17013b605d66ead7269902eecdb5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b27f25977c9eda1:0"
age
311792
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D032N3mZM0VBnO8xOELHzW64h3NnSUqckF5kpp76D4qmabExMxl1ruflPu%2BUEp0J87DtUQAVABhbA4aTD%2F2XRAjL4p85zwUVcwtCFDLPVa6XVNiNsCTre1Q9BZ90xBGmV%2Fwyf%2FVGFviFcJGQXzZESg%2BaWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=25&recv=23&lost=0&retrans=0&sent_bytes=15083&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=0&cid=c2cdbbf034905e7f&ts=1160&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript
last-modified
Sat, 04 May 2024 23:41:30 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe6bd406-FRA
accept-ranges
bytes
content-length
3230
x-powered-by
ASP.NET
server
cloudflare
menudivider.jpg
iwantthatflight.co.nz/pics/ 		821 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iwantthatflight.co.nz/pics/menudivider.jpg
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf6ec467a13b7ed6f36f3ecd8c88387cc52fecd24462e1d57e571916b8db347b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA

Response headers

cf-bgj
h2pri
etag
"071706732bccb1:0"
age
5281
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBatrZ1bWYaellAAsXdNZZfmbDzk8dHgqZMyq2vu6uviRxKgclwNyZmwkMCwvCt0N388j53Qu399tFSRXActHY80Hvdsby5NQZFIQweY1cjHn9rI6yxmGwWX3PA1%2BO7b48bU0DmwjWwv9wqpjJ1Z3iaCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6482&sent=85&recv=23&lost=0&retrans=0&sent_bytes=65776&recv_bytes=3403&delivery_rate=1745645&cwnd=253&unsent_bytes=2472&cid=c2cdbbf034905e7f&ts=1166&x=0"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
image/jpeg
last-modified
Tue, 25 Jan 2011 01:51:38 GMT
vary
Accept-Encoding
cache-control
max-age=5184000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddae69efe78d406-FRA
accept-ranges
bytes
content-length
821
x-powered-by
ASP.NET
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
show_ads.js
pagead2.googlesyndication.com/pagead/ 		26 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: iwantthatflight.co.nz
URL: https://iwantthatflight.co.nz/UserProfile.aspx?SetCurrency=USD&url=https://u.to/0k4pGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1558e4a59bdd5eb425935dc93b0f638f3743bb1c6ccf21e297e6ac66a1eb2a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://iwantthatflight.co.nz/

Response headers

content-encoding
br
etag
17122461649548188055
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 06:48:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 05 Nov 2024 06:48:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
10531
x-xss-protection
0
server
cafe
HeaderAndBackground4.jpg
iwantthatflight.co.nz/pics/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
iwantthatflight.co.nz
URL
https://iwantthatflight.co.nz/pics/HeaderAndBackground4.jpg

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getQueryStringParameterByName function| MyGetElementById function| InitialText function| ImageOK function| CheckImagesLoaded function| GetCookie function| SetCookie function| SetCookieByDays function| getCookieVal function| addDays function| SelectSelectedIndexSet function| ControlValueFromCookieSet function| OriginSetDomestic function| InternationalLocationSetFromCookie function| InternationalAirportNameFromAirportCode function| LocationSetInternational function| LocationSetInternationalOLD function| getInternetExplorerVersion function| OriginAirportSetDefault function| gCurrency function| gCurrencySymbol function| gCurrencyChosen function| gCurrencySet object| jQuery1102030855306395213167 boolean| mbFilter_ReturnTrip function| FilterFlights function| EditAlert function| sFilterParamsCreate function| sDateValGet function| filter_DatePickInit function| FiltersInit function| ShowAlertFilter string| google_ui_features object| google_js_reporting_queue number| google_srt object| adsbygoogle object| __cfBeacon

3 Cookies

Domain/Path Name / Value
.u.to/ Name: lng
Value: de
iwantthatflight.co.nz/ Name: ASP.NET_SessionId
Value: fmj1scyvbr5l1u2mtxrtajat
iwantthatflight.co.nz/ Name: IWTF_afid
Value: 2485

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
iwantthatflight.co.nz
pagead2.googlesyndication.com
static.cloudflareinsights.com
u.to
iwantthatflight.co.nz
pagead2.googlesyndication.com
195.216.243.155
2606:4700:20::681a:c6c
2606:4700::6810:4f49
2606:4700::6811:180e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
148b6b5885766117076b92e02d880368a68bf412b39241d960d2a98cb22523e1
4d9623ad4454bd8c68ca0bc06439755049ed06f009d505e1ee2bf999a9d7910f
66bf7f5e2cb6ce31b82baa32f75e10da693c7901952198f8618ebb7d9c6ccd4e
6d00266f631e5edc92a5ce4fdd61469b9f5447abe55f604e0644c5066114613f
7c33d48507e6a45788bbd72ec1af59ed5bedfec512626d63b14dd6c499244d6a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ba5751e0b5679c809fa5941c47907e479e17013b605d66ead7269902eecdb5e
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
9a09a1ea5656684eca8c3cf51aa78e7505de76d3bce596d4c7d7f39f13bd3f71
a861180d5eed9370890734fd7c36ab1fcbc164217532ad5631dfe144af251d76
b1558e4a59bdd5eb425935dc93b0f638f3743bb1c6ccf21e297e6ac66a1eb2a1
b48235eca732ad8f93ecd7f4563068eab7c4bad02dc4e0b3fc7fc22335d52055
cf6ec467a13b7ed6f36f3ecd8c88387cc52fecd24462e1d57e571916b8db347b
e07a49bbce467edfddacb604599bf08499f8eff61c1a45744ae13e7be0a00583
f7dcdf35f7843129474288313432f9c96425089d19f072cc1677a94bc8d03b74
fc1e807e622460413aad8b0a41d4dac3d2efd9fa076c80c53378eeeb2f47998b