www.globalair.com Open in urlscan Pro
2606:4700:20::ac43:4514 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.globalair.com/login.aspx
Submission: On November 29 via api (November 29th 2021, 3:13:55 pm UTC) from US — Scanned from DE

Summary HTTP 118 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 21 domains to perform 118 HTTP transactions. The main IP is 2606:4700:20::ac43:4514, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.globalair.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2021. Valid for: a year.

This is the only time www.globalair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 34	2606:4700:20:... 2606:4700:20::ac43:4514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	3.224.186.28 3.224.186.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.198.96.125 34.198.96.125	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
1 2	99.80.67.138 99.80.67.138	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
20	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21f... 2600:9000:21f3:f000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
8	44.195.120.221 44.195.120.221	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
118	32

34 2606:4700:20::ac43:4514 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

www.globalair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.globalair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.224.186.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-186-28.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.96.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-96-125.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.67.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-67-138.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:f000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.195.120.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-120-221.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	globalair.com 8 redirects www.globalair.com resources.globalair.com	807 KB
20	2mdn.net s0.2mdn.net	438 KB
18	googlesyndication.com pagead2.googlesyndication.com 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com tpc.googlesyndication.com	97 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	186 KB
13	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	97 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	bing.com bat.bing.com	11 KB
4	google.com www.google.com adservice.google.com	2 KB
4	stackadapt.com tags.srv.stackadapt.com	6 KB
4	ensighten.com nexus.ensighten.com	11 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	adsrvr.org 1 redirects insight.adsrvr.org	407 B
2	google.de www.google.de adservice.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	cloudflare.com cdnjs.cloudflare.com	34 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	662 B
1	choozle.com cs.choozle.com	123 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	facebook.com www.facebook.com	295 B
118	21

	Domain	Requested by
32	www.globalair.com	8 redirects www.globalair.com static.cloudflareinsights.com
20	s0.2mdn.net	www.globalair.com s0.2mdn.net
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.globalair.com bid.g.doubleclick.net 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com www.googletagservices.com
8	dt.adsafeprotected.com	7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.globalair.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	bat.bing.com	www.globalair.com bat.bing.com
4	tags.srv.stackadapt.com	www.globalair.com tags.srv.stackadapt.com
4	nexus.ensighten.com	www.globalair.com nexus.ensighten.com
4	securepubads.g.doubleclick.net	www.globalair.com securepubads.g.doubleclick.net
3	static.adsafeprotected.com	pixel.adsafeprotected.com 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	www.globalair.com tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	www.globalair.com
2	pixel.adsafeprotected.com	1 redirects www.globalair.com
2	googleads.g.doubleclick.net	www.globalair.com
2	7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	resources.globalair.com	www.globalair.com
2	www.google-analytics.com	www.globalair.com www.google-analytics.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	www.googletagservices.com	www.globalair.com
1	bid.g.doubleclick.net	www.globalair.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	cs.choozle.com	www.globalair.com
1	www.google.de	www.globalair.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.cloudflareinsights.com	www.globalair.com
1	cdn.jsdelivr.net	www.globalair.com
1	www.facebook.com	www.globalair.com
118	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.linkedin.com
www.airportfuelprices.com
hosting.globalair.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-07` - `2021-12-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.choozle.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-21` - `2022-05-21`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.globalair.com/login.aspx
Frame ID: 104A80CC4ED282A2BBB91E02FE1238CC
Requests: 56 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/iframe
Frame ID: 7F517123278EF744A19D244FC7B1B831
Requests: 2 HTTP requests in this frame

Frame: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6DD5C34D646B776D4D1BFE705ABC13AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F615834E9AE31F771F14F0631D2441D2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CE38A19FCE833306DCE35670989D69F
Requests: 2 HTTP requests in this frame

Frame: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D0F6D9AEF6B5C78FF8FD156CD36154B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY7LXpmQEwAQ&v=APEucNWGkJAzUuW0jvRtWLsQMbMxqRfHzgLpRYVbSmVen_UDtnJcUSGwOQ_gAyXj-ZmfHPeOJY0vjswtK9_9s0uO7EhnGUx5-MkcgwSDbzFvRZt0GbBjLYSvPXwPrkGM0gVVXrS22Dmh7mfsJruAKEqUa68M3316yTGQT7I_Hxk3BXOqe-TNJAE
Frame ID: BC17782986221C5E2500C8FE75E85B4F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds6HErlMVGOe57nk__molbfR9zHgm2SD_NAUvSRiyi6tqwIftVaOQe0GM4ilC0vec3hqEB2ttuuT2tntVYMTuILtToqD3h74ze2zYxeLMdBcH_sSe6UczfoINEopz0VHctm1t_vV_qirNK0weMbAO58Tm2vA&dbm_d=AKAmf-DA32Vd2Z2q5sEiFV3kSibyTSvwg1Eo9kqM79tIrGcu73m7suDAuRMuFgF9CM2Btko_rZjeBhoALFlLUleXFHJQ0rdc8lfKmGZrmYaEhppOfKgBobUCuLgbHz-obhhq5Thcy934ni_03TYWT1_wlbLXiwSNqStE01PHWFPFYU6Oh_OoLif3XehkicRa39-eFUaYkvh6ker98j3G1sWS7sESiidhezSzZPQpX4rvWDcVtbvFKFaeXSmpNK954uBn7KM9A0fsoTe3Pc0Sdi9QD_0MdneYN8ds3XSQAoPsYzFaI7N5hj9HfI2bRts2F87vtDt5DXvblNtjyLZhsoA8cBuP1E3qNP_f_OkMGACV2HR7wuhjtdsDL_KbMyswIIFLYpGtrg38PoAOnSCE9SlB4lYhBonnZEivGKMcH0gDuq8lOG2xrX_6of5kBUf9SplSJjOuoQEcQFjCvmxbRdEA_lPWi2YBi14b4Wmsq1BISNd3xibWHVVDv1uixQhcPQBioLb-4bjhc03U97wPeBw0AOXSAbtvKA6LCCA0-DrQSEMWkJ_sPCii2nzPHxGrGzgIDky2OYy3VIwxBHzh-3dUeLvToTJBuyoTTNbxdcbVEUnZZABGXjPq6zJZtksewdKRsP3zdN-DBHVq9SfVY7p7NbsMWsO8dbAqOKxkKjJY2T9iFbvz7DqnhXD0f5KvnyHvYTCt4yr6Z7Lv_EvhRyJwleXOxaBhHM0RZkmP_fZABwg7ooMSDyZlsTk7zRNV4bUhH9hPdyLQ8athJZq2kyGAxJrg5RlAKbJcGU2cccjL50dRKY6AZJALfKC_MEOvNCxcghNcpIDDNgkzhPL59vQbimNHL5Jt2coBpsktpvLPJkYcdJXBJ_cgku3qHiyvrVtNRSXRH3FV5Dm0ZfCVap7VVDAMWJBR-GLnycb_C--ubErprr6DbKyxO-LlfH3aTmmjbP1iAgGFNj2LYqOxRFzlGfID6-8oqYdguZbj5lyWXWI8-zhGkHEIUMN5ksEjwicG7mgXt5Rk8gJRxsvWMhmcc0vthMBACyA-xCP1ySaxvQRMFOIjiOY0VCmccdtCfasjk8x6v-DfXrgVj5cv8jQTG3fQ4w3TyAy4O73kL5E6JKoY4YU8py5CnwzVhdylu-29AA0mmdxgoXMbUaVpz8c1Ujj4grd5hzvg8EnC9alMuXf449wuDdjxXE_X5TFrfRqftqYtm6EjCZw99JkHOar8R2RASqGx1zcnmqDKOhHcsoN_ErqRZ07ZGp0lHTMBiBnDNySefcI7GXBfPEvKyn7TuHRMJMQCufQ0qddEK3iwjlfz2Evry6TwxREU-Djf4hdDMZ9WGOGRIz6hVVJPMwu314eRLbiWNwci-hPHVRGHHszH5kM3QrJcEVxodCXJRloWxFOqfgOcShe-sxHmNBvXVljQf8MOy7fCNYm0rRXKC3oTaw1SDF0GHqVKm21Il78cC6qxMh5cc468FBinTchhRvbu4wQac2Fl-YPwfKxkfebzV9MCbmKncYgUS2LcifrNgsyHllsSAXa9DPm0ki-3AvsYzhZTmEMJfT-iUVlvvPodbpGgBsjfEXye1vrhUPyYV8qyqAO3uoSowDKssJ2zRMA-HnmMGbS_WQ9nPsWcdYPxTOJyT-2lBt3B7D1y6rS_Uv4Z_CQfItg5-gXnNFAPwQZmpRMuEFfF7fUtCLtNa5rUSVH_asAAzCAe2DQF8QLPGYyfWHgrNiDOVuQvXoivnBDYAncX4_jQnt35lRHZE8EQKwTnSDgyE2FW5GHLmLegaUrMwRRYjymh7A0gDni7xBx7UJEyAJLB77oGlM-mDQtTm3ZMUT0mjPD2OyUP6WKrnvxNB4Huaf-xC2GO2m_Fn6tTZBk3wB3jPclz0tlyo6VTk1XKX25WnHht9Ox72e-R1iuYCjF0ZC127_86DKJDVhOMaFFj-JSoM-tyKa9CpjrVu7MkcQFHXGXXnQlLx6oZCxoMF4yKCY25iJE0TJ09nKkeyWVH4Vjq8YLGHVOYsfi7owfXAY7GNyCl8e2I1kYB2e9lHvjlRIoWYu9SsNtKg4pTVBkd8E2PAankrQxHSjoAIKRAe6ewLTyBsFEHfJotwbvX3z4cQpc_C5qL_cgvwcqna0AQi-4Z1T1jx6hB_U89LjNSFw8nPW4T2afqaG8kmWaNWmducytI3I7xMB63qK9bZtknZb7y3V9LDOVxgdHA83fWz4Evh6KzqtAn_PpcGWN_5OL3vza7mLQcghYNgGukDS9wupv132b3Hc_z2LEUffjzNLZmYcAi0fxmQ0ZjyWdyyfHQZjbAHlatQ3zeStcHvwfnPsQjJ1o9veDr-cgwYjeVugEzj0P-bw6__qhX6uGVpUEJYvWpagmJaVwGXyd-V9OT50pW0mgHzuLRnljrGfPPNbmbW8XZdgbm3RBBKpVh7UYmwnwqZKDBSmKSxwFFYW53Ru65O1G7yii54L3kN30gjhM61r6A9HsWBdsSA_ZcQm1RNT-k3m3x41KtiOrweKWejLFHAojHJF0jfIS49E7BGpSS6Rb6ukpQ1xMi9hW40pmWX75gF4TK45AeQiCh_eJY8Q&cid=CAASFeRozgz4lLhLMsyCPNNqGHN7HNznXA&rfl=2%2Chttps%253A%252F%252Fwww.globalair.com%252F%240
Frame ID: 3A3DB71206517FE7A6D9539DBA8A2862
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2DBA607C47B762DACE43E9C9216B868C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
Frame ID: 1DDCF95C9144F3A17EC37A46C1EBC37C
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 38DD3DCB69AC5C5C817DCA287DC829C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | GlobalAir.com

Page Statistics

118
Requests

89 %
HTTPS

58 %
IPv6

21
Domains

33
Subdomains

32
IPs

5
Countries

1751 kB
Transfer

4067 kB
Size

21
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GlobalAir/

Search URL Search Domain Scan URL

URL: https://twitter.com/globalair

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/Globalair/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/globalair.com

Search URL Search Domain Scan URL

URL: https://www.airportfuelprices.com/
Title: Max-Trax

Search URL Search Domain Scan URL

URL: https://hosting.globalair.com/
Title: Hosting

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.globalair.com/webfonts/fa-brands-400.woff2 HTTP 302
https://www.globalair.com/Home/

Request Chain 20

https://www.globalair.com/webfonts/fa-solid-900.woff2 HTTP 302
https://www.globalair.com/Home/

Request Chain 33

https://www.globalair.com/banmanpro/ad.aspx?ZoneID=85&Task=Get&Mode=HTML&SiteID=1&PageID=1 HTTP 302
https://resources.globalair.com/images/banmanpro/mission_aviation/MAF-globalAir-PMweb.jpg?w=300

Request Chain 34

https://www.globalair.com/banmanpro/ad.aspx?ZoneID=86&Task=Get&Mode=HTML&SiteID=1&PageID=1 HTTP 302
https://resources.globalair.com/images/banmanpro/nbaa/2022/lc2022_sd_300x300_final.png

Request Chain 44

https://insight.adsrvr.org/tags/b32nw3l/0oc7t4u/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/iframe

Request Chain 46

https://www.globalair.com/webfonts/fa-brands-400.woff HTTP 302
https://www.globalair.com/Home/

Request Chain 47

https://www.globalair.com/webfonts/fa-solid-900.woff HTTP 302
https://www.globalair.com/Home/

Request Chain 48

https://www.globalair.com/webfonts/fa-brands-400.ttf HTTP 302
https://www.globalair.com/Home/

Request Chain 49

https://www.globalair.com/webfonts/fa-solid-900.ttf HTTP 302
https://www.globalair.com/Home/

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFrVyiZbQ-SqlPstqG6cnmQ&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTuMTuyS9ddwLa3gL7rzQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnLnCWd8F24W3Xpr5KFgB8&google_cver=1

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0CDeSH1rd3u5DkXlCV8l0&google_cver=1

Request Chain 75

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMDMwNDE4OTY0MDI1ODc5Nw%3D%3D

Request Chain 87

https://pixel.adsafeprotected.com/rfw/st/551864/51534907/skeleton.js?adsafe_url=https%3A%2F%2Fwww.globalair.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.globalair.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:ad16e271-4b8d-2328-7e3f-6a1abd4f02ac,c:vmYzDY,sl:na,em:true,fr:false,thd:1,mn:app05ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:163,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:179,oid:f7041669-5126-11ec-9aa8-02bf2b86cc68,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.aspx Show response
www.globalair.com/ 29 KB
9 KB 616ms
592ms Document
text/html 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1025ba418e3ffeb16d9a8083aa23e3df605fdbd241749230e8038cd6d0a8eb92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSFUq%2BUIlY9WnNwvjrwrxrqbg%2BYL%2FAoBIL1dziJCjq4LNmMdNxhnwivjUtlFKe%2B7N197gKzGxoOhYG%2F397aHkAsmZf%2BxRu9Rf65KU48poNAx3zJi9nmuZ%2BekF2tJPFwTVb7B8jtDjAZY1XPM3wzh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b5cc8336c894e55-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 57ms
20ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 263 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 15:13:48 GMT

GET
H2 200 pages
www.globalair.com/styles/ 112 KB
21 KB 610ms
609ms Stylesheet
text/css 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/styles/pages?v=uLb9CiZILwzIzfFnMTAc6mI2dv2DWspCXjnPGrAQ-Z81
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd895321f489aec78010b27641c97572c2766f3f3f5677ce2304fb6c8f83d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 29 Nov 2021 15:13:16 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUikCmZh7hdW08zmOvf%2Fn8a%2B9Cb1e1BGwrZX8mTqzmYvfTTKh76TjYADxC8bswSJcu1B9l2LmEwgT%2BMjkEgasm2UimsS7VmudeOeNfjkQX3sZyocLCUqn%2F3LoTskE%2Bdx5qDGq0u%2FpWvhrrwitF4X"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc837cf124e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 15:13:16 GMT

GET
H2 200 all.min.css
www.globalair.com/Content/ 58 KB
13 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Content/all.min.css
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 10:33:30 GMT
server: cloudflare
age: 5717769
etag: W/"0b9d09d2fb1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8FG0D8ojbmOst2rD9%2B%2BD8abGuKOFx48CW1QYdUbZCfCdYSd%2B70V810KyNtIk%2F73goDaCScSihVDLNHg%2BpZ2E6mA6w9Z3nP%2BmRq1H7au5PTtxyE0RGpX451tzm3BzicSfyxM5qmbURjVXcb%2BCNA2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc837cf174e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 WebResource.axd Show response
www.globalair.com/ 23 KB
5 KB 604ms
604ms Script
application/x-javascript 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZCjogkmSUqWcltNjf8THvDVcmMCS2F7fk-f5jaRc-CEwQ0XtUUEu3V3l34gkH-8YXg2&t=637453888754849868
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Jan 2021 01:27:55 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0EkFGc9u2gOlB8TjsVv9mJ2NyeaOp19NeUEabUjS%2F0e2gadqtULmeG3aKUdExXSxcJvFJmZlS90k4L4UMFxPXVSBs7Lgs%2BJs0Tofwjb6pELBHWeHUZHdMue51hpNNIS1L1bYeCE820hj0ueH18a"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc837cf1a4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 14:24:43 GMT

GET
H2 200 typewriter-icon.jpg
www.globalair.com/myflightdept/images/ 2 KB
2 KB 26ms
24ms Image
image/jpeg 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/myflightdept/images/typewriter-icon.jpg
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb5a7b980e2472fba5a65a97fb3c2682ae613563f806d8835c27a6ccc55ea61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94379
cf-polished: origSize=1805, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1614
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOUL2Ths31wAmbUgsP%2BtoxXreHxM3j7DH0vzG4EXaFIYStAqJbu2cg%2BHBIqhoIRaeUvRCWngJHzCbN1naCIv9QmQG6ZcNQcXNF5HahT%2FBJVA9JCSivJOdfSTR1hA5Yy2r%2FNkKA86C1BTpumr9MeU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc837df284e55-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 logbook.gif
www.globalair.com/myflightdept/images/ 2 KB
2 KB 25ms
23ms Image
image/webp 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/myflightdept/images/logbook.gif
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d417bff7c8b4ac044ced56bb199ebc344d2a33b514aaff9704e72e0b79a97ace

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94379
cf-polished: origFmt=gif, origSize=3441
content-disposition: inline; filename="logbook.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1848
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3Ctvjjvr7E8IcNpC8qztIE6b4EclZvy6hKqf8CexOiBbjfnpJUhUySW8e31wMgPFOrqDpBE4HafGjOUl9FRImxRcWFx1%2B%2FUF9oVCa0DoiYzwZMa8et4AmYWOXq3kXwFWx4wvFmqXQ75QkF%2BHRJd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc837df2c4e55-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 abuyer.gif
www.globalair.com/myflightdept/images/ 832 B
1 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/myflightdept/images/abuyer.gif
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67291c9420e7fd0b3093bb7d0e375a847e33b7232cddb7773504b1782074fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94379
cf-polished: origFmt=gif, origSize=942
content-disposition: inline; filename="abuyer.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 832
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5WZi3%2BfAG6t1japr77uvDApsUZ%2BsrVG3yVc3rpdg9YLVnR6DwcIleqrOIWO46f51VPBd2MiHqFM7ck%2F8CdV8j%2BiU%2FUCltsZz9fxHHqfqtLAJjTk0M3gXiQniIqDJsibNlPsvKG9m4fEheYKurzy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc837df2f4e55-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Aircraft4sale_icon.jpg
www.globalair.com/myflightdept/images/ 2 KB
2 KB 32ms
30ms Image
image/webp 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/myflightdept/images/Aircraft4sale_icon.jpg
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e05f728c64584f7c1e759573e6f2d6fe83166642899a4e9056c4a51e68a8de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94379
cf-polished: origFmt=jpeg, origSize=1923
content-disposition: inline; filename="Aircraft4sale_icon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1574
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BRE%2FfDFWgVRC%2FtYsZ6lIsJvzWPw%2F9Nf6xKvBTsaXs7B83sL0csI8MY%2Bk9fndvNC2BAR7FtAHes%2F5P8AeN3St84YU6LpXb8%2BacSMUQ7mV%2BI4UZ4ml2cZd%2FGFv3QtoYNZeA%2FCCCQczYls8scJP3xN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc837df334e55-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 faa_icon.jpg
www.globalair.com/myflightdept/images/ 1 KB
2 KB 26ms
25ms Image
image/jpeg 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/myflightdept/images/faa_icon.jpg
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c41cb16b5c9fe9f5e162464fa3389c28d27b2271b2caf044be9b289cedea7ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94379
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1393
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHQNMuCKsQqh0QCK86ibFXyNHqR48v1oAxidbz6gWa5Ju5OvcR8wK8LqwxEKlTXz5MrH%2BCVJyEfLylPYmqej8fZ6yPnaOeLaLSCJFMExu%2FKwdH8cmzQAM7kjkgoOcs2pS00Gfbq%2BFG8F5ZcwYKGK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc837df364e55-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 faasearch.gif
www.globalair.com/myflightdept/images/ 866 B
1 KB 35ms
33ms Image
image/webp 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/myflightdept/images/faasearch.gif
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cfafb636322ff1b587e19e1e13420c3ccdf6c011ce747dbb8b75accb8f720be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94379
cf-polished: origFmt=gif, origSize=939
content-disposition: inline; filename="faasearch.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 866
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKo%2BQGhV%2F9qLFan4YLcWcLp3Zkjd9%2FSOPQtyHSP6ayhWlDirNtcdlTfojFF3xOO2caUydBsdZZBa3%2FJh0ONBZSvIygVdzHtShenc8oTrkjO%2B9NbCDwaVyzw0CbDeQuYxwgZd12oR4azAnXa2kb53"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc837df384e55-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pages Show response
www.globalair.com/scripts/ 118 KB
43 KB 601ms
600ms Script
text/javascript 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/scripts/pages?v=bRWb2_AEKw_gfV8TFXL1F1wXdrkxmrnKWN-MK35489U1
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf8413387406046442515b6e6b540ea502885fe58e4c9ea5e12969c267929e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 29 Nov 2021 15:13:16 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR%2BcV%2FqlYeYGRZ1n8JSsAC80KsrCcXhIiVNpBhJg%2FaYlf4ZSkjzaBNtTUK16oSf6jZX8fexVFhc3wh8IJiev78P5NgZs%2B5y2kcd4DfzGQSOrIRtdi1Vj1C%2FOhyqgAHGQcgBZQi4ZExcbJR16kodX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc837df224e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 15:13:16 GMT

GET
H2 200 appUi-custom Show response
www.globalair.com/scripts/ 8 KB
3 KB 601ms
600ms Script
text/javascript 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/scripts/appUi-custom?v=T8kF_wPXW4SpfJpO9_muNze6MJx_Kz-6ti3F3NxfWCA1
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03ff04d63b99324926c987dc3f5755a6ac8b15ecc4acf70bb5b6140570fc377c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 29 Nov 2021 15:13:16 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FAotdJ9HIjnfz5SgifYAHcB%2FGZYqgIinAue%2BNAKGlrgjb1qb15ZGJVVWr6QyBF%2BPke7FAa3Y4y2KVjeOs2WLZ84hMTr2Mg3ATTnrbj1poGVXlF87B8Gh%2Ff2z%2FNDrj8cQMhgwhkv4fwIE513aPL6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc837df3b4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 15:13:16 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/9288/ 29 KB
9 KB 38ms
9ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/9288/Bootstrap.js
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 21399ec3560a803e2128e26cd66a20f3bc0493acbb2f56affe147bc8bcef5208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: gzip
last-modified: Sat, 16 Jan 2021 00:53:21 GMT
server: nginx
etag: W/"60023901-72aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 all.min.js Show response
www.globalair.com/scripts/ 1 MB
426 KB 46ms
45ms Script
application/javascript 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/scripts/all.min.js
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb4ea560b210d27305bac03822af1ecd2e40a25ab9be5bd2dcd3feacd03563b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 10:33:34 GMT
server: cloudflare
age: 5717769
etag: W/"01333a02fb1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F0U4jIlxrIqLm7YIc7mFL1KrjH8ZwPyjGcAygyiWF8alqQuKMVDxVFyKyacbovLsB3hYtn0hEFlexh0WBK6Zo9wR3HFrVpS7aqZ%2BPZbBamG8n6KtArbJrAQzEeUy9LP6VRhzmy81Eznkfyf34YY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc837df264e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tr
www.facebook.com/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=128491507700639&ev=PageView&noscript=1

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 29 Nov 2021 15:13:48 GMT

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@rc/dist/ 2 KB
1 KB 36ms
18ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23148
x-jsd-version: 3.0.0-rc.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"695-pXILqyxk6ej3gkrdagCqNfKaZZQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b5cc837ee956943-FRA

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 69ms
51ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://www.globalair.com/
Origin: https://www.globalair.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b5cc837e9691e47-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5925
date: Mon, 29 Nov 2021 13:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 29 Nov 2021 15:35:03 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 431ms
106ms Script
text/javascript 3.224.186.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.186.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-186-28.compute-1.amazonaws.com
Software: /
Resource Hash: cd5b499584d715336281f7b89296e37987ccb6112dee9aef6152d5a7b47d8603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Nov 2021 15:13:49 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4439
Connection: keep-alive
Content-Type: text/javascript

GET
H3

200

/
www.globalair.com/Home/
Redirect Chain

https://www.globalair.com/webfonts/fa-brands-400.woff2
https://www.globalair.com/Home/

66 KB
16 KB

746ms
746ms

Font
text/html

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Home/
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/Content/all.min.css
Protocol: H3
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c215b57646bd7737bfef840db766eac86d0429d94e3965e355d9c6ee26efc7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/Content/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aspnet-version: 4.0.30319
date: Mon, 29 Nov 2021 15:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gF8AdACzOZck%2BUpjiA3qoUK8zgvRlutlreW9UkyD8FOJOMvLqm3biasQhQTx%2Bsd9BsG0WF%2BjyROTFshuSaADVIDdzlcM4th9u2jmtbpKf3jip22moXpoVYSJSCSW7BC8wFKXzKHgyRt2wKn0GvVU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 6b5cc83bd8d3dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 29 Nov 2021 15:13:49 GMT
x-aspnetmvc-version: 5.2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCJdyPnRREe7ddVKAFQKz0MzejfTYgBf1RrpRffDL3JY69egNCdPzCyR40awM0Zyq63Dh10cNk%2FI7EFbfL%2B2qkPQ%2BWZEiM0kHZihI1fAVF1Bzi6Ss%2BHHCm2pZVItv2h%2BOZdbuMa18JK3SHXEnI6v"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /Home/
cf-cache-status: BYPASS
cache-control: private
cf-ray: 6b5cc8381af2dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

/
www.globalair.com/Home/
Redirect Chain

https://www.globalair.com/webfonts/fa-solid-900.woff2
https://www.globalair.com/Home/

66 KB
16 KB

764ms
763ms

Font
text/html

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Home/
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/Content/all.min.css
Protocol: H3
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f561ae85f27afb9f53f6d5156c5aef8a2ec2e3eb8f6388cefa1e055b588a55d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/Content/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aspnet-version: 4.0.30319
date: Mon, 29 Nov 2021 15:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0h4chIOUxZ7qnjqH01pGDUz5wJ%2FyQmZE%2FXSqB69lDCNA2O4m5g6%2FdVVYWjSP1lch7uLvc69cpTrqk85dJtaImn%2BoqQEQgL6xVg9lAt3uVNiVBLQj8KIOPTxOxaNtsGnCQALV1GvtD%2Fpqg1U%2FkpV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 6b5cc83bd8e0dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 29 Nov 2021 15:13:49 GMT
x-aspnetmvc-version: 5.2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGe7VP38aXA7lWBHEB0uKvqhPDrYEjVCCDmLZG6%2BhF23J0sPZEI00B1Tc767PZq98wWJzKjL0kexiEcuYxGwiJU8nsnD0alIVIUmvouyIwlfLJtpi1l9XDrMvI248jdbtJE6irRdT5GajWpMH09g"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /Home/
cf-cache-status: BYPASS
cache-control: private
cf-ray: 6b5cc8381af4dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1990638465&t=pageview&_s=1&dl=https%3A%2F%2Fwww.globalair.com%2Flogin.aspx&ul=en-us&de=UTF-8&dt=Login%20%7C%20GlobalAir.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1239033918&gjid=521740097&cid=529333187.1638198829&tid=UA-204701-2&_gid=673204087.1638198829&_r=1&_slc=1&z=1303691169

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.globalair.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.globalair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 28ms
14ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 15:13:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 94 B
113 B 30ms
16ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.globalair.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4808e3f356e5c14e1ea25732fc7495d9120c22e741bbf22578b8130abeab5d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 15:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Mon, 29 Nov 2021 15:13:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 46ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-204701-2&cid=529333187.1638198829&jid=1239033918&gjid=521740097&_gid=673204087.1638198829&_u=IEBAAAAAAAAAAC~&z=1299784759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.globalair.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 15:13:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.globalair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 53ms
30ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-204701-2&cid=529333187.1638198829&jid=1239033918&_u=IEBAAAAAAAAAAC~&z=434743447

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-204701-2&cid=529333187.1638198829&jid=1239033918&_u=IEBAAAAAAAAAAC~&z=434743447

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 106ms
106ms Stylesheet
text/css 3.224.186.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.186.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-186-28.compute-1.amazonaws.com
Software: /
Resource Hash: ad63f4d23538d5e5dd5c741a1ae8f6360d8435321add99709ffa5b54855b01e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Nov 2021 15:13:49 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 423ms
108ms Fetch
image/jpeg 3.224.186.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.186.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-186-28.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Nov 2021 15:13:49 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3 200 formbg.gif
www.globalair.com/images/ 100 B
771 B 28ms
28ms Image
image/webp 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/images/formbg.gif
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c9aa98c893aa4cdf9ccc372b35ae0624a215fe43491cdc9c08f9382f5e8b5e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136352
cf-polished: origFmt=gif, origSize=307
content-disposition: inline; filename="formbg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100
last-modified: Wed, 24 Nov 2021 08:41:02 GMT
server: cloudflare
etag: "063e42fe1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBVEM1qBeZe1ST5Ne8ZiE03xstHkzLKybPVbUhOS6uJLqggvTSazEUp7STn8Ux7UJ%2FhOvXvgLuTXY9OYNsz%2BKxykeuHmH6WZMMVKTdK%2FkM1SU9IlDgSBPy8i8kILr7%2FQg6OQnXMSr6Gvy7A%2FN43o"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc83c89dfdfcb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 52ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43C09D039B154955AE7EC378989A3E24 Ref B: FRAEDGE1406 Ref C: 2021-11-29T15:13:49Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10442

GET
H3 200 fas.ttf
www.globalair.com/fonts/ 13 KB
14 KB 38ms
38ms Font
application/octet-stream 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/fonts/fas.ttf?dyl7wv
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/styles/pages?v=uLb9CiZILwzIzfFnMTAc6mI2dv2DWspCXjnPGrAQ-Z81
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c31de1451ba73b0186bbe8ebaf3ca19e53f873e771caf9218a7e223f90fd8d

Request headers

Referer: https://www.globalair.com/styles/pages?v=uLb9CiZILwzIzfFnMTAc6mI2dv2DWspCXjnPGrAQ-Z81
Origin: https://www.globalair.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6696372
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13368
last-modified: Fri, 10 Sep 2021 10:29:48 GMT
server: cloudflare
etag: "0b6b5c72ea6d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlpZa26Q96s9yUVHJRe90zRwTi7q2WrW84%2Bi7asx34gFrkGdOTakRihL3vKqAhyX4QeZPojQgxcnW7390QYg3ulbfgMqDbInMNx%2FBoI1PJ7L8JvQIQMd7WJ%2B5u5Z4xPXyhUPypPFyc6Z3RdmVMxQ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc83d0ab9dfcb-FRA

GET
H3 200 galogo1.png
www.globalair.com/images/ 16 KB
17 KB 51ms
51ms Image
image/webp 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/images/galogo1.png?123
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c09d7e762d7eff232946ab300e80df7adbba4582e60187315438d3e93164816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 591378
cf-polished: origFmt=png, origSize=21869
content-disposition: inline; filename="galogo1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16628
last-modified: Tue, 16 Nov 2021 09:04:28 GMT
server: cloudflare
etag: "0f6a0f5c8dad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AfS4NE6OZ7fEGv1AuQZYxDpmgRKaR6Q1j9oh%2BY3yOT4Fzv727Qx4iUEsu7DPiGUndnx2qsEI2NOiT%2BPQTQr4diuaJVS4DLPXnzl7Mle9uR3PxIiY82fnehVhDgwEzqHQtCqnZJpusBjwdSdcsQ%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b5cc83d4b5edfcb-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

MAF-globalAir-PMweb.jpg
resources.globalair.com/images/banmanpro/mission_aviation/
Redirect Chain

https://www.globalair.com/banmanpro/ad.aspx?ZoneID=85&Task=Get&Mode=HTML&SiteID=1&PageID=1
https://resources.globalair.com/images/banmanpro/mission_aviation/MAF-globalAir-PMweb.jpg?w=300

26 KB
27 KB

30ms
23ms

Image
image/jpeg

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.globalair.com/images/banmanpro/mission_aviation/MAF-globalAir-PMweb.jpg?w=300
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ada4fdceafe0508396cbf69c96b9360f6d868ed6ceef011bd72c86bdb8f602e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3387
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26987
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: av4nBgR0MjUDEaHGzn8fDkdK_sig3aNPfoTc_9V-Vqs
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVsjVmV8ZUfDxEEqWRfTXSMe%2FPEZD5cy8%2B63PeIY%2FSxxHTJACWUFpYgiBubOsy9DviUDErT83HBmGZRohhjaEqzXt2Pl50QbPQQgw90Af29TcvhmEdRtmehfmLPQGZBc%2BQerCY%2FdcGutPJfPA5MeAsg8xzoq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6b5cc8418d564e55-FRA

Redirect headers

date: Mon, 29 Nov 2021 15:13:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlQVt6EPT4ZDVGJ2sgTPwmw9ggHLePczRNhQXzEEUkbMyNaUWoRM8Aqly5HEijYcR0fiqcKUFGFolkRarhQ3s2mzYqxR325KUFRYRoSQyc76Rs%2Bp%2FtolU0tKE7GL0S6AqRFY5oObo%2FXgtgb8Qr4i"}],"group":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
location: https://resources.globalair.com/images/banmanpro/mission_aviation/MAF-globalAir-PMweb.jpg?w=300
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: private
cf-ray: 6b5cc83d4b65dfcb-FRA
content-type: text/html; charset=utf-8

GET
H2

200

lc2022_sd_300x300_final.png
resources.globalair.com/images/banmanpro/nbaa/2022/
Redirect Chain

https://www.globalair.com/banmanpro/ad.aspx?ZoneID=86&Task=Get&Mode=HTML&SiteID=1&PageID=1
https://resources.globalair.com/images/banmanpro/nbaa/2022/lc2022_sd_300x300_final.png

67 KB
68 KB

42ms
32ms

Image
image/webp

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.globalair.com/images/banmanpro/nbaa/2022/lc2022_sd_300x300_final.png
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca8f581d1e4a15d022a50e6b1c67b0759a109fd91b7f2907565800430ec9319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 584184
cf-polished: origFmt=png, origSize=84462
content-disposition: inline; filename="lc2022_sd_300x300_final.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68912
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: Tq-rjXWaWU_m5Xib5EmHurv0Wfh7OXlFcPdsTGe8LwY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At%2ByvGDngofIs8kBqjVn%2Fq10qe%2FHrwZj6HphIY0vwZi9v%2Feg9e2%2Bz0a3QVydM%2B0rwVJE5BuqC6Zif9xdsM5fCiTotKVV3QIo%2FDg7FpMraXZh%2FHx%2BdJMJzOrTR%2FBogF2taDir8C44lxmDFZEFrLgEOdfQnA%2BN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6b5cc8418d584e55-FRA

Redirect headers

date: Mon, 29 Nov 2021 15:13:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxWYn1bshdpCpVhmuZT%2F9HWezjpVrUrweSUK5gs8VzRoGi0yN7s4fSmLeEaPTZwLmJE%2FvN5gZH%2FRnVGbhPZbTrx4Dh73er0RiiPZ%2BBJnAOiH4Q6m0BLtARexQULZgRKO2l%2B8em4cZxBtGAiuqJt3"}],"group":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
location: https://resources.globalair.com/images/banmanpro/nbaa/2022/lc2022_sd_300x300_final.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: private
cf-ray: 6b5cc83d4b69dfcb-FRA
content-type: text/html; charset=utf-8

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/9288/ 399 B
541 B 19ms
19ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/9288/serverComponent.php?r=94330824.51624753&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/9288/code/&publishedOn=Sat%20Jan%2016%2000:45:40%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.globalair.com%2Flogin.aspx
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/9288/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f86cdded014adca6878b18e675bd917a9443c92e15e8f82e36ee2cebd8c22dbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 399
expires: Mon, 29 Nov 2021 15:13:48 GMT

GET
H2 204 17467723.js Show response
bat.bing.com/p/action/ 0
94 B 150ms
149ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17467723.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Nov 2021 15:13:49 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8743963BECE54536A8FABC8CB56EBB07 Ref B: FRAEDGE1406 Ref C: 2021-11-29T15:13:49Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17467723&Ver=2&mid=b309cf2b-2757-49db-83b7-fd12b5cf9491&sid=f4b3e840512611ecb8dfc9f2de247869&vid=f4b40e10512611ecbc509dedcaa3d066&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Login%20%7C%20GlobalAir.com&p=https%3A%2F%2Fwww.globalair.com%2Flogin.aspx&r=&lt=1577&evt=pageLoad&msclkid=N&sv=1&rn=63355
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 521BEE7765E4482AB5DF42DC1C9DD0C5 Ref B: FRAEDGE1406 Ref C: 2021-11-29T15:13:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
95 B 49ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17467723&Ver=2&mid=b309cf2b-2757-49db-83b7-fd12b5cf9491&sid=f4b3e840512611ecb8dfc9f2de247869&vid=f4b40e10512611ecbc509dedcaa3d066&vids=0&ea=INQUIRY&en=Y&evt=custom&msclkid=N&rn=124643
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25B6550B9F6342FD8F81BF834AD59E80 Ref B: FRAEDGE1406 Ref C: 2021-11-29T15:13:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
444 B 106ms
106ms XHR
text/plain 3.224.186.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=v4G3HQM4EtRAWYZBlku_QA&is_js=true&landing_url=https%3A%2F%2Fwww.globalair.com%2Flogin.aspx&t=Login%20%7C%20GlobalAir.com&host=https://www.globalair.com&sa_conv_data_css_value=%20%220-0ee80551-b346-42cf-5258-39c930b6e6f0%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd90726eeabfdf34a5e5213acd4112bda3d4e2fd01c
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.186.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-186-28.compute-1.amazonaws.com
Software: /
Resource Hash: 7f45b8b4cc36fb6f81668f84a6d47c4be540743fa229ac40372987bbd4de690a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 15:13:49 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.globalair.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H2 200 884b4379e15b0dcde3ef6a87d673c491.js Show response
nexus.ensighten.com/choozle/9288/code/ 1 KB
867 B 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/9288/code/884b4379e15b0dcde3ef6a87d673c491.js?conditionId0=4862509&conditionId1=4862519
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/9288/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 28b35e2483ab6d58db382e9a2d302f6c7c12b2dc2a43577d12768dd14f9c5ca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:55:52 GMT
server: nginx
etag: W/"5d77f1b8-5c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 466b2d4ceb824c81ab82a48da410acc4.js Show response
nexus.ensighten.com/choozle/9288/code/ 2 KB
547 B 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/9288/code/466b2d4ceb824c81ab82a48da410acc4.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/9288/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef53ca1ed9fc4233f8d49c44a602df622b9c933eb0d0fc954ed96d5436fec751

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 18:26:18 GMT
server: nginx
etag: W/"5fa2f24a-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK 15690
cs.choozle.com/dp/chz/ 35 B
123 B 448ms
105ms Image
image/gif 34.198.96.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/15690?d=www.globalair.com&cb=9099606967
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.96.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-96-125.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 fish.svg
www.globalair.com/images/ 68 KB
52 KB 25ms
24ms Image
image/svg+xml 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.globalair.com/images/fish.svg
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2daf949bdaf094643122dfb81ef4da4458c8a71c8e708d56681c0b420df243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Oct 2021 09:45:52 GMT
server: cloudflare
age: 2912544
etag: W/"0c81e1985c9d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw%2F7p2WV0tVP%2FgfwvXrL8%2FW0uKrY3oq%2FB8WJQ7OmBQyO6rHbHs29LSDXRvzqiGyq1kfWJtYSq0pDu3k0rVNo6V5hImJzeoNkbVXG6kzyClCSeJey9e4ijlnaqpzjT4PhY72bFXO4P6zDT1iwR78Q"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5cc83f2eb1dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/ Frame 7F51
Redirect Chain

https://insight.adsrvr.org/tags/b32nw3l/0oc7t4u/iframe
https://d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/iframe

133 B
662 B

35ms
7ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/9288/code/884b4379e15b0dcde3ef6a87d673c491.js?conditionId0=4862509&conditionId1=4862519
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9072d40eb342210ab620a99aa597bb982ee2c2b329987850bd3bf3956f22986

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/

Response headers

Content-Type: text/html
Content-Length: 133
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 23:57:13 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 28 Nov 2021 17:36:10 GMT
Cache-Control: max-age=86400
ETag: "dfaee59352fe1ba038806837a491db5e"
X-Cache: Hit from cloudfront
Via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: iIqbMnSKjU0vspnxON4U4fH6Mt0adqneb1a5wlQBAN3kyF7B1jA2dg==
Age: 77861

Redirect headers

date: Mon, 29 Nov 2021 15:13:50 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 7F51 70 B
260 B 31ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=b32nw3l&ct=0:0oc7t4u&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/b32nw3l/0oc7t4u/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

/
www.globalair.com/Home/
Redirect Chain

https://www.globalair.com/webfonts/fa-brands-400.woff
https://www.globalair.com/Home/

66 KB
16 KB

203ms
202ms

Font
text/html

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Home/
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/Content/all.min.css
Protocol: H3
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab9712585dbf3256db644875e4bfbc9ee88f7cb6ba3022ad9178fb44343e6aa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/Content/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aspnet-version: 4.0.30319
date: Mon, 29 Nov 2021 15:13:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8U2gHD82jTJd%2BsVqC%2Bgn4NLEabgjJaz1Y5KDaY5Z6FMnfRfyTo078icdYRebTf6bMzBtSmccuSj9Jw%2F0j4K3L%2FCmvVu7qCFjEVyqDcOr0luC6Zb3kMnTVwhnCTdY5rOdGAEDyddQvySf8jUfpXo"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 6b5cc844ffa1dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 29 Nov 2021 15:13:50 GMT
x-aspnetmvc-version: 5.2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTZ5UL9gUpUkdvQyY8GQqHIArO7szDrnjcjhRDBdX9mqc9QbExUBs3sh3%2FeY90JdxGEdMvlIolkAzG91W6IKEVAXL9OgUsoOMKKL2x2siZWOXB2D15owKzyM8avI3eCtssrkcfX%2FQrKMFGgpDMcC"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /Home/
cf-cache-status: BYPASS
cache-control: private
cf-ray: 6b5cc8414a7cdfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

/
www.globalair.com/Home/
Redirect Chain

https://www.globalair.com/webfonts/fa-solid-900.woff
https://www.globalair.com/Home/

66 KB
16 KB

643ms
643ms

Font
text/html

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Home/
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/Content/all.min.css
Protocol: H3
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfba5b151a1e54f80fa294ee14263ba41d1fcbc2c81d8db5e25adaa16a2d9f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/Content/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aspnet-version: 4.0.30319
date: Mon, 29 Nov 2021 15:13:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tq3TjiItD%2FT5iC0cK50IGbU%2FhF0mPOV5%2Bq0n1dDkfMd%2FLamzxeAuTnBHuYfEsUPfQCJuF982HlDblT6W1Jqna9FdAzAM0WaS9wYmfeIHYxnVvnrIMGtxpZZm4Ubx%2B%2FAKBwOw2X%2BzH2LUfUT%2BSE95"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 6b5cc845480cdfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 29 Nov 2021 15:13:50 GMT
x-aspnetmvc-version: 5.2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM3h7kMX7UbwD9wikdetJPSu9Wz5gC0BxE3TatZWgstWDOkk9YpA1oaM9fMl%2FvCVYiABF3J4LL9K5scQnurGYVZIVlSLAeXUMTdsKZReGtCz0GqWJBnZXV26Mdj6BKIr%2BWOu3vnEb6PXJPi0yLA4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /Home/
cf-cache-status: BYPASS
cache-control: private
cf-ray: 6b5cc8417abedfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

/
www.globalair.com/Home/
Redirect Chain

https://www.globalair.com/webfonts/fa-brands-400.ttf
https://www.globalair.com/Home/

66 KB
16 KB

700ms
700ms

Font
text/html

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Home/
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/Content/all.min.css
Protocol: H3
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c3d011705283015941c61b5cf4a40d6c6253bba59fb8df4361a4f53e602f7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/Content/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aspnet-version: 4.0.30319
date: Mon, 29 Nov 2021 15:13:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEsh%2Bq%2BH0918jasD7qIZlf0nMhepVKQL8p4u0Q1F6VDO6HSedcAAroIbnSCutmz1zKjKvr0zAOwTLslG%2FXYorHW27YRQLopr1DAQIVlT1atSWBQkzyI9DH9y0f31F4l%2Bj7ZBB8Bdt%2BlfI8cTr5xm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 6b5cc84a0f07dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 29 Nov 2021 15:13:51 GMT
x-aspnetmvc-version: 5.2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnSG5Bg4m4Golf42xCKP2nW4nnH8n5wQU%2FmGh5cvqJ7Yu60PGU9CxaDvLsjeQs9a7QmJrHujEcBtgHqhMwlb2CfiVsnzWlvi38YljYhofl3nEYox7ZnB3gZnBpGRG45xgsO4loazh0vT3vx0IGa3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /Home/
cf-cache-status: BYPASS
cache-control: private
cf-ray: 6b5cc8463952dfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

/
www.globalair.com/Home/
Redirect Chain

https://www.globalair.com/webfonts/fa-solid-900.ttf
https://www.globalair.com/Home/

66 KB
16 KB

727ms
727ms

Font
text/html

2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.globalair.com/Home/
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/Content/all.min.css
Protocol: H3
Server: 2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c28bae2d121341665958f6917569e1c319a9f715859e29c199e2f7aa3bf3362

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/Content/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aspnet-version: 4.0.30319
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nm686lG2dlMu5uOHKh%2F1rTo5zo3EBO%2FloT9TuVbDJmC139Ub6IqgFVa0dAdyy31WIxJFN7LqTXbd8S9xQ2LKJzLSWVirsOKDVLlI8CE6rlXnQyBAgpAqRbHRLaHHe9%2B649ynSDKAWYL0KH7UX7hl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 6b5cc84dbcbbdfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 29 Nov 2021 15:13:52 GMT
x-aspnetmvc-version: 5.2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCLA4vxZUNs6AdYKebF5tKOsEhmP50WQs%2FL0sdih1GV00sNJt4LQE916OkYEmklGKabbl%2FNo5wfuuagLYG0LQYuh%2FzR7qIetCLn2OtIkBi2%2FSF17HbNHpdGuutTyreoMMYf2rmXfy8plGaTHTDCJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /Home/
cf-cache-status: BYPASS
cache-control: private
cf-ray: 6b5cc84a0f0bdfcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 rum Show response
www.globalair.com/cdn-cgi/ 0
168 B 18ms
18ms XHR
text/plain 2606:4700:20::ac43:4514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.globalair.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.globalair.com/login.aspx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.globalair.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b5cc8533d69dfcb-FRA
vary: Origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.globalair.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.globalair.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
10 KB 230ms
230ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3593394302749266&correlator=2536462818409524&output=ldjh&impl=fifs&eid=31062924%2C44748552&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=13428562%2CNEW-970x90-Ad-Banner-May-2021&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1638198833&dt=1638198833265&dlt=1638198828748&idt=162&frm=20&biw=1600&bih=1200&oid=2&adxs=423&adys=55&adks=340152150&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.globalair.com%2Flogin.aspx&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1084x-1&msz=1054x-1&ga_vid=529333187.1638198829&ga_sid=1638198833&ga_hid=1990638465&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6cb66eaaa59ad6f5a5cacb17a3367c61a3cdc03488d4d2ab7a748c6df155ebf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10178
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.globalair.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 49ms
21ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b88c033390ac0fb336673679ad3277700639af43673b66997c43bc98b1f1401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9119
x-xss-protection: 0

GET
H2 200 container.html Show response
7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DD5 6 KB
4 KB 70ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 15:13:53 GMT
expires: Tue, 29 Nov 2022 15:13:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 29 Nov 2021 15:13:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F615 12 KB
5 KB 24ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 29 Nov 2021 14:47:55 GMT
expires: Tue, 29 Nov 2022 14:47:55 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4CE3 783 B
535 B 33ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

468a7babae2615fd101b1e23654db9d82833ec9f2f18b8bab4355d37c51e75c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VKWDzlHfhIoOVfAnjQFXcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 29 Nov 2021 15:13:53 GMT
date: Mon, 29 Nov 2021 15:13:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VKWDzlHfhIoOVfAnjQFXcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame F615 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CE3 0
0 74ms
74ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3593394302749266&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 container.html Show response
7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D0F6 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 15:13:53 GMT
expires: Tue, 29 Nov 2022 15:13:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BC17 624 B
976 B 39ms
17ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY7LXpmQEwAQ&v=APEucNWGkJAzUuW0jvRtWLsQMbMxqRfHzgLpRYVbSmVen_UDtnJcUSGwOQ_gAyXj-ZmfHPeOJY0vjswtK9_9s0uO7EhnGUx5-MkcgwSDbzFvRZt0GbBjLYSvPXwPrkGM0gVVXrS22Dmh7mfsJruAKEqUa68M3316yTGQT7I_Hxk3BXOqe-TNJAE

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 15:13:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Nov 2021 15:13:53 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A3D 12 KB
10 KB 54ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds6HErlMVGOe57nk__molbfR9zHgm2SD_NAUvSRiyi6tqwIftVaOQe0GM4ilC0vec3hqEB2ttuuT2tntVYMTuILtToqD3h74ze2zYxeLMdBcH_sSe6UczfoINEopz0VHctm1t_vV_qirNK0weMbAO58Tm2vA&dbm_d=AKAmf-DA32Vd2Z2q5sEiFV3kSibyTSvwg1Eo9kqM79tIrGcu73m7suDAuRMuFgF9CM2Btko_rZjeBhoALFlLUleXFHJQ0rdc8lfKmGZrmYaEhppOfKgBobUCuLgbHz-obhhq5Thcy934ni_03TYWT1_wlbLXiwSNqStE01PHWFPFYU6Oh_OoLif3XehkicRa39-eFUaYkvh6ker98j3G1sWS7sESiidhezSzZPQpX4rvWDcVtbvFKFaeXSmpNK954uBn7KM9A0fsoTe3Pc0Sdi9QD_0MdneYN8ds3XSQAoPsYzFaI7N5hj9HfI2bRts2F87vtDt5DXvblNtjyLZhsoA8cBuP1E3qNP_f_OkMGACV2HR7wuhjtdsDL_KbMyswIIFLYpGtrg38PoAOnSCE9SlB4lYhBonnZEivGKMcH0gDuq8lOG2xrX_6of5kBUf9SplSJjOuoQEcQFjCvmxbRdEA_lPWi2YBi14b4Wmsq1BISNd3xibWHVVDv1uixQhcPQBioLb-4bjhc03U97wPeBw0AOXSAbtvKA6LCCA0-DrQSEMWkJ_sPCii2nzPHxGrGzgIDky2OYy3VIwxBHzh-3dUeLvToTJBuyoTTNbxdcbVEUnZZABGXjPq6zJZtksewdKRsP3zdN-DBHVq9SfVY7p7NbsMWsO8dbAqOKxkKjJY2T9iFbvz7DqnhXD0f5KvnyHvYTCt4yr6Z7Lv_EvhRyJwleXOxaBhHM0RZkmP_fZABwg7ooMSDyZlsTk7zRNV4bUhH9hPdyLQ8athJZq2kyGAxJrg5RlAKbJcGU2cccjL50dRKY6AZJALfKC_MEOvNCxcghNcpIDDNgkzhPL59vQbimNHL5Jt2coBpsktpvLPJkYcdJXBJ_cgku3qHiyvrVtNRSXRH3FV5Dm0ZfCVap7VVDAMWJBR-GLnycb_C--ubErprr6DbKyxO-LlfH3aTmmjbP1iAgGFNj2LYqOxRFzlGfID6-8oqYdguZbj5lyWXWI8-zhGkHEIUMN5ksEjwicG7mgXt5Rk8gJRxsvWMhmcc0vthMBACyA-xCP1ySaxvQRMFOIjiOY0VCmccdtCfasjk8x6v-DfXrgVj5cv8jQTG3fQ4w3TyAy4O73kL5E6JKoY4YU8py5CnwzVhdylu-29AA0mmdxgoXMbUaVpz8c1Ujj4grd5hzvg8EnC9alMuXf449wuDdjxXE_X5TFrfRqftqYtm6EjCZw99JkHOar8R2RASqGx1zcnmqDKOhHcsoN_ErqRZ07ZGp0lHTMBiBnDNySefcI7GXBfPEvKyn7TuHRMJMQCufQ0qddEK3iwjlfz2Evry6TwxREU-Djf4hdDMZ9WGOGRIz6hVVJPMwu314eRLbiWNwci-hPHVRGHHszH5kM3QrJcEVxodCXJRloWxFOqfgOcShe-sxHmNBvXVljQf8MOy7fCNYm0rRXKC3oTaw1SDF0GHqVKm21Il78cC6qxMh5cc468FBinTchhRvbu4wQac2Fl-YPwfKxkfebzV9MCbmKncYgUS2LcifrNgsyHllsSAXa9DPm0ki-3AvsYzhZTmEMJfT-iUVlvvPodbpGgBsjfEXye1vrhUPyYV8qyqAO3uoSowDKssJ2zRMA-HnmMGbS_WQ9nPsWcdYPxTOJyT-2lBt3B7D1y6rS_Uv4Z_CQfItg5-gXnNFAPwQZmpRMuEFfF7fUtCLtNa5rUSVH_asAAzCAe2DQF8QLPGYyfWHgrNiDOVuQvXoivnBDYAncX4_jQnt35lRHZE8EQKwTnSDgyE2FW5GHLmLegaUrMwRRYjymh7A0gDni7xBx7UJEyAJLB77oGlM-mDQtTm3ZMUT0mjPD2OyUP6WKrnvxNB4Huaf-xC2GO2m_Fn6tTZBk3wB3jPclz0tlyo6VTk1XKX25WnHht9Ox72e-R1iuYCjF0ZC127_86DKJDVhOMaFFj-JSoM-tyKa9CpjrVu7MkcQFHXGXXnQlLx6oZCxoMF4yKCY25iJE0TJ09nKkeyWVH4Vjq8YLGHVOYsfi7owfXAY7GNyCl8e2I1kYB2e9lHvjlRIoWYu9SsNtKg4pTVBkd8E2PAankrQxHSjoAIKRAe6ewLTyBsFEHfJotwbvX3z4cQpc_C5qL_cgvwcqna0AQi-4Z1T1jx6hB_U89LjNSFw8nPW4T2afqaG8kmWaNWmducytI3I7xMB63qK9bZtknZb7y3V9LDOVxgdHA83fWz4Evh6KzqtAn_PpcGWN_5OL3vza7mLQcghYNgGukDS9wupv132b3Hc_z2LEUffjzNLZmYcAi0fxmQ0ZjyWdyyfHQZjbAHlatQ3zeStcHvwfnPsQjJ1o9veDr-cgwYjeVugEzj0P-bw6__qhX6uGVpUEJYvWpagmJaVwGXyd-V9OT50pW0mgHzuLRnljrGfPPNbmbW8XZdgbm3RBBKpVh7UYmwnwqZKDBSmKSxwFFYW53Ru65O1G7yii54L3kN30gjhM61r6A9HsWBdsSA_ZcQm1RNT-k3m3x41KtiOrweKWejLFHAojHJF0jfIS49E7BGpSS6Rb6ukpQ1xMi9hW40pmWX75gF4TK45AeQiCh_eJY8Q&cid=CAASFeRozgz4lLhLMsyCPNNqGHN7HNznXA&rfl=2%2Chttps%253A%252F%252Fwww.globalair.com%252F%240

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ffaef0ce322e979fcfa17b5a480c39201ca10fe5f7fd5f2fe6d607ea7b51517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9479
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 3A3D 58 KB
21 KB 84ms
40ms Script
text/javascript 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVMvzMvY-7aXgGqycDpdI2iC7-fZCKoc-NMFT46TP1tnh71vfE&d=CnkAoCZ_4N5_Gh7AG3mUGGYRBBvErWoRuuJTy6-iwJGXoJxlLzMk4b7iC4MluR8vNpIUF4V7pNRSu6ayYSGhWbEoOsYwGzdoYcx9SzkOhGkSI86YvM_-P9EztKlH9G7zL4T9Gn7zIwMqX0jXyHVq9jQr4qEIH3TppgFnEpkSAKAmf-C9l9aKYgj1I7RlxL2dxvOBE-JZynlIxXPPLc1C2clt8YBoioVmVszhq9Y4YBxiFB_jpZ5xFsQYuP5VyAv1YVS4E5RcgIWv_kfXDUobMegIUiyWZknmAbVHdou5CcB3iKnFODFx3GhNUPzD6UCqVxAjOerTuabEGGMFRdY1SYEde6XGmn5udnstNqo-33VhPrRzGdITaUkSQwDyR6U7ZJxqGZ3uSu7pLlve0Kn-CobVCtMoYbaeUnIrB9Q9-liiKBvF8BDypCu7z3menjltYe0_IUvHbL8Tzknq1y5PzOpE1WcaH9wHA4zX_oUr01C5znvs9sH1rUWSmPpx5BT_sE4EUOdeOptyqREWyyQfSYYMrsRNLeYMJwPx8tT2i1OFS0qg7rHYyI4x8jAsI_N7v6N5Y0oetiDPhhxl0bRKzsf7lZKenhPnmwWfRT_HRW4Yd2I0_fpqvepDTxwWSoA3Wf_JfXpWx7gcDbCTUYcd2fKyTFHSD1e6HagDaYRBJwFAOUlgz2Cx_XzpO86ZsPOqFLc72uDGR9VWPzqDLYnaF43PkJKZhBkDVpKRPTIXqiYDXFDXzWZkVQ6f4O3gYNsMHQ8g19x7P04ockxcL_ZQck-cQDLsjgLVcJwW7vawr1P3m3fjSrnb7K8Ue_I_y5R4dOVNLny6DwTgozdzc5zNAXhH8sm26cUyOIDXRzGVvWKzz1EgnOmK_-Vqs36RxgGKJ9WwD67k4COaBI3cA26GOW9kjfsAlL1bsrmUULJ48RYEdBtYI4-eM9akYiiviIKu0THtqY5lf8sA9kbzwLhKqAS_4KMj6pAdq22BOKZAvZ2DCdjr-jcfTyTfzHbIlszZVWAvh-qQNSjdNOUbKePKyuOl0t_VUAcK1kErZ1h09-F1h2xl3-zYzLAMXiUovvsBR_Etg57mGEElSlt0Qz3Si1L6YO1lrivMnMe-dRB06ImfcuQiNEsLDwJP4W9L7NeglWLNFgOpWiUvCGDoWcjTAlR0vTIpk7NSPX6_rb2b78YnMIhzq_zkdSKTmlnKxiyNu18_WjBxZw7cqHW2nO_w03521YHm7S_zrULfAFGQZoS7lzArI1ERTmxHQMRZGgvuWxvrYc3hBNcd7yNin2dXlYCsZzEOnxPpIFi12p5Of1QkvcZEIOOJOBTa2Eha7aARuk5X6SG68k_i_OPSAN7tIkriSSjQ7mt9cUwWX23lpzfbTunPDXD5dQSXhrOP20Bgrmt0UIIBeeBIa_Jo7pqrnL3F_6xLoJHf_caWjvGDFSitnh3VncinAb8lTsXQy6TqNGcO0TAMZyEfeAnyJels8LJSKt6AGncwDQ1zmfQXn5al8iB7Nt5fG6eIm-NGph2o0xARrg2hJB3paCDd00_r8uFl3VtWasWd0rZ8ZqFW3Uvh5SMKpfwRrgKiNWdHuIEqyJe7-MH48lsa1grY8ijJO7WVjagS-VFDuHKahpzenfuQ56wA7RAi1kZQPBzWFKb4uO3gpTJeoDE-FuQZnUs6diUTeLZ5DN1McVIOf3PogY-DtVbE4UrqpdM-CE4OsOhMxJS0HLaH8d8kFUG6oxYvIDQ4UorDpQlzy01Y7D51ErFsC0yDGhBVem2ppffxW-7lgqFNfDiKDn4a_ZdTKRsoyacuSY0fnCNM4d5v1JFPii-guPjC0zSnMgxZGUOrmk9BV1VAgMeAleZsZMKI2Ybfrq6uXM2ISaADGF2rhnBccoiGCxMvx90laOA5ZqII9r44A19ByBwik6-utj4ZjyinEMty--WjC9tke9y8TPagPvCl5m7szY4330eegVa-5gFme6Rdo-Ij5BCSCdAphaoe80E1hg3KTs1JTqRRPfJHjjL4nx2sfmpjPmwu_AwTBJzUJ_4pmhcTwebdVXQDIeL90Z-X8J7xWS8unWrgu_Lsa0NJhqtzrMH1WVwrPStHOKj1-V1mK3S-9tAb_IMSh-2ObAz-cOZjUMsrp2VV5wuG3RkQYmgVWgH_5FpvlS87SB7VcbMZVTcPJAV33EpWXiIIIeOYyKTi69AutqeYcCgeqqhMUH7jM_h70xIAK3OghVAt8RGf7NEbGUB8iwXUgIDFwV0Xnrpn5ExF-wykPdG_uzJ3vZYyHkgrXWTHB0u9U2L4ZaUmwgL1SRjE2DI-m-kIc7l2moGxQWImdZxcwCgQYs-YrTEOvSD5qxPYXOrjMIXY9PgbgoGfnkeDpMHb_pXRzZjKBsEtHfimvgIbAHTVhnDN5X4Wutg1St6HEnMmKzofDD6IFE06dFPTrMcPiM6CDUG3USNrwr7lVllHR6a90vGp1s9eLuouGaQ1HXYLt3xY2W3Sc8ASmoJ4H1HndqXzQSUUMEyT9Az4f4T8Jr_nb_-45OFqeAfVmgObqjgIB7S6uARCk8pLxk2XQmcfYaFjiHALpaPm2K8buQ21vmA9fLcN4-s8h2nqDZCbZ-R5Jpr1_mzfK8RIXx9po_Xq2SUeukrYtW3-BE0iFPT9089VPmkvdntevQ3rGroJRIaB5v9pTPoMcX5_R9OVeSMhRrsCiUaQ7_pgODKYTliBaDXtp3C6iftBVrnK1gXlFoA3DTlx4ymLtdSveKghYVTwCSpDEJWhv5GQjVcfPIBy9sTIKkT-mD083LKwhEUNy06BWahUsobiGw8skvk4eqpHfkreQ96g-PVxcMsVRueKzKPrEWoSTxDcgBc1VHIikQLgPXzDg16mLUPnDDztY2P1R_pZwtWnf4HFvpIIc9degv_ccBlOThtGnBoT0Gtu8nT-ZgUkZRFCy4F9DMX3mwGkrb1ZS23arDvCaBl0KoslQlytotAxhvAMRxZCebupdRPGCaytllt5Y8l4GfLCWC0cP5EaB6oKm23OZP30PiuKs4VWtUcI2XGsiEPBm8sGL92o_r6N-taoWAExkoSk6v8GkdMkaE3Lg0yuHb7xeIq8y_fvmR-xYnrPKYXWHtBVGt-FMFp6vAMcn_L-_uElw1HDbVoBAb_buywN-W1kIAeVUhtaz5VZI8UyB6KK6wDndar8QXx3y1qSmb12yJvv4Nxjg1J8SPvkFZ41hXbbUbnlLTjIUTxcmijZkrkd3NbewiicGo6ItgSZJcM_WxoZCAASFeRozgz4lLhLMsyCPNNqGHN7HNznXGAB

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

cafe /

Resource Hash

2804f8ff7b2c1e6c6ae1d8ff925828efaaacf05e29e3c01b87be9ec7a66ade9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20518
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/551864/51534907/ Frame 3A3D 46 KB
13 KB 139ms
63ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/551864/51534907/skeleton.js
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: edf0e7cbee4eeb9c8cb3fd6ede2b1526136a818ac86478f358314e6977758a7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-server-name: app05.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3A3D 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 15:11:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A3D 119 KB
37 KB 68ms
60ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 15:13:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3A3D 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 15:13:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3A3D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQB413GK-OW1pH9o3LjOCnFzG3dy-GVIVyE-n8iJsS2ydb9l91FbR54-nyxVxzJXh6Dj09gI8Sl5zP1OdoMgay-1McLgA
Requested by: Host: www.globalair.com
URL: https://www.globalair.com/login.aspx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A3D 42 B
63 B 43ms
43ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_0tBeu4szQaBbGkPYuAiJZAFzHGlUsbjZjHQLOs0_jBPO8cdDFz_JPhcoqgPolzsbyGXea6AV5A_TVDYnzJlWFg2jxRGgLSn-A7x0h9YyFby9HWM

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3593394302749266&bg=!i4iliMzNAAZQLpa_UC47ACkAdvg8WnW_agvJC4ZFhOySFBMA9nReeblO7AmTHsg1Vstk6naWe0hFHQIAAAByUgAAAAtoAQcKASMIhOw1vWfhbdah9DV4APXu6CTjC2z0IuVbDuLLbFwPU9NbTsQV0XHSIn0C1pkyrHrm05QA0138MLyfCpema-r9KfTmy0B6_biUdzMsVX_gS7PonEqoXgQMAAq_vs65kIqtMeoQTD1jdVozWyDZOxeGOn7YCctU5W0BQvNwRzG9appKqJPe9psoMW4Kn_QKLeu40dOGQC5RxWzQQdKE_XFbH4ILyEzHQXWS_T3f7I6Yc2XxRDk1z9bFQ7lESre-KakotkxBgLQ0ZizMV1oEBu_MEySSjCh3wVS75dwSw9fpE1ETdlgd0iPngOkwQndh3i4AOkEaEINQcW7pPepFTRqtkaXa9wIPnass9V6sfcXBKs5gNXSjXUOjI7MsfWprrmx7SiqZAnNCKSuFJjCxuML3VEG6wDaJi8kAs7pllemJR5ham7-M5Qq7uu3Q1OlivjuCa1clPIWAEdKj-3LFpWKup7ClTaJzN-DxhXa2i-wG3o4w0ucY7Os4bsDcomuKvDTpeYSIFQq3YYC3nibycbSh1M5Ap4JqXxIAvwXHJ-dloIhsdYI-QasXgz8zQ4bGo3WWgv-4Q4KKuFoTb5zaMbPUMrjXAkCAJePrlXagBEEKg7tASNbd3HJyBuJeDu8rmQpDoCDOrwndoiVFS5TL9bdd_AvdHOrXWFuyunomep41fXQDSCGEAk3_RMJOEJQb1MDjZFz9sD1k3vCypjiRiBF-gCQ-W-wmDiG2eFewfCNCgQ2RFaP0Ie7aLBmtP8RzyRtSIJ5XByvw92K80e4BaOC3mX9Zs9LmqqEdcDLf_yqOSDdIKbXQLUCLK9tN7FjRnUAaB5BjdQ5zGGkTocR8RMyCDGTyqxk35Lh-lOYzcvJHfOE9ebcm6EGfimTj9e0ykX50iXx9YuPJ7TUO4yt9Ui2tEI6Dp1iE_pbhNM88hVL-DC4syD_FhebgDkyHJZd76ZFgCzlrcx3qgw5CiQsICxY7t8XFcyyApM1QF54ylegumKyo5Oa6c66K4InGuXmuN1UCf1yZRzGM433uL3w5oBKsv2FAYHrV7cs8zLbOcTZGTpx46oKD7Xs9QrqqDbQSybtRGjZ1EpzzH3qj_oqDGoYxdxFzHStUgO65dBfw4-T_RpWY_Ql01ZhpTjxa_dOQ3M5RgDdn4itwsFcerFg7q-8kBKX6nUVuE6dBt-n9Ms0mfsGGvEwtlSpzH61UUZ7Jh8Kt6-227BmDmVs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.globalair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BC17
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFrVyiZbQ-SqlPstqG6cnmQ&google_cver=1

43 B
894 B

15ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFrVyiZbQ-SqlPstqG6cnmQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY7LXpmQEwAQ&v=APEucNWGkJAzUuW0jvRtWLsQMbMxqRfHzgLpRYVbSmVen_UDtnJcUSGwOQ_gAyXj-ZmfHPeOJY0vjswtK9_9s0uO7EhnGUx5-MkcgwSDbzFvRZt0GbBjLYSvPXwPrkGM0gVVXrS22Dmh7mfsJruAKEqUa68M3316yTGQT7I_Hxk3BXOqe-TNJAE
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 15:13:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFrVyiZbQ-SqlPstqG6cnmQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BC17
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTuMTuyS9ddwLa3gL7rzQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnLnCWd8F24W3Xpr5KFgB8&google_cver=1

43 B
894 B

38ms
38ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnLnCWd8F24W3Xpr5KFgB8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY7LXpmQEwAQ&v=APEucNWGkJAzUuW0jvRtWLsQMbMxqRfHzgLpRYVbSmVen_UDtnJcUSGwOQ_gAyXj-ZmfHPeOJY0vjswtK9_9s0uO7EhnGUx5-MkcgwSDbzFvRZt0GbBjLYSvPXwPrkGM0gVVXrS22Dmh7mfsJruAKEqUa68M3316yTGQT7I_Hxk3BXOqe-TNJAE
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 15:13:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 15:13:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnLnCWd8F24W3Xpr5KFgB8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BC17
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0CDeSH1rd3u5DkXlCV8l0&google_cver=1

43 B
1002 B

36ms
12ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0CDeSH1rd3u5DkXlCV8l0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY7LXpmQEwAQ&v=APEucNWGkJAzUuW0jvRtWLsQMbMxqRfHzgLpRYVbSmVen_UDtnJcUSGwOQ_gAyXj-ZmfHPeOJY0vjswtK9_9s0uO7EhnGUx5-MkcgwSDbzFvRZt0GbBjLYSvPXwPrkGM0gVVXrS22Dmh7mfsJruAKEqUa68M3316yTGQT7I_Hxk3BXOqe-TNJAE

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 15:13:53 GMT
X-Proxy-Origin: 78.47.208.28; 78.47.208.28; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 06ccba91-ba4e-4915-b2b7-a0464b236188
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJ0CDeSH1rd3u5DkXlCV8l0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC17
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMDMwNDE4OTY0MDI1ODc5Nw%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMDMwNDE4OTY0MDI1ODc5Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 15:13:53 GMT
X-Proxy-Origin: 78.47.208.28; 78.47.208.28; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7d8b9f9a-0300-45aa-9168-ec0ba9c872ac
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMDMwNDE4OTY0MDI1ODc5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A3D 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds6HErlMVGOe57nk__molbfR9zHgm2SD_NAUvSRiyi6tqwIftVaOQe0GM4ilC0vec3hqEB2ttuuT2tntVYMTuILtToqD3h74ze2zYxeLMdBcH_sSe6UczfoINEopz0VHctm1t_vV_qirNK0weMbAO58Tm2vA&dbm_d=AKAmf-DA32Vd2Z2q5sEiFV3kSibyTSvwg1Eo9kqM79tIrGcu73m7suDAuRMuFgF9CM2Btko_rZjeBhoALFlLUleXFHJQ0rdc8lfKmGZrmYaEhppOfKgBobUCuLgbHz-obhhq5Thcy934ni_03TYWT1_wlbLXiwSNqStE01PHWFPFYU6Oh_OoLif3XehkicRa39-eFUaYkvh6ker98j3G1sWS7sESiidhezSzZPQpX4rvWDcVtbvFKFaeXSmpNK954uBn7KM9A0fsoTe3Pc0Sdi9QD_0MdneYN8ds3XSQAoPsYzFaI7N5hj9HfI2bRts2F87vtDt5DXvblNtjyLZhsoA8cBuP1E3qNP_f_OkMGACV2HR7wuhjtdsDL_KbMyswIIFLYpGtrg38PoAOnSCE9SlB4lYhBonnZEivGKMcH0gDuq8lOG2xrX_6of5kBUf9SplSJjOuoQEcQFjCvmxbRdEA_lPWi2YBi14b4Wmsq1BISNd3xibWHVVDv1uixQhcPQBioLb-4bjhc03U97wPeBw0AOXSAbtvKA6LCCA0-DrQSEMWkJ_sPCii2nzPHxGrGzgIDky2OYy3VIwxBHzh-3dUeLvToTJBuyoTTNbxdcbVEUnZZABGXjPq6zJZtksewdKRsP3zdN-DBHVq9SfVY7p7NbsMWsO8dbAqOKxkKjJY2T9iFbvz7DqnhXD0f5KvnyHvYTCt4yr6Z7Lv_EvhRyJwleXOxaBhHM0RZkmP_fZABwg7ooMSDyZlsTk7zRNV4bUhH9hPdyLQ8athJZq2kyGAxJrg5RlAKbJcGU2cccjL50dRKY6AZJALfKC_MEOvNCxcghNcpIDDNgkzhPL59vQbimNHL5Jt2coBpsktpvLPJkYcdJXBJ_cgku3qHiyvrVtNRSXRH3FV5Dm0ZfCVap7VVDAMWJBR-GLnycb_C--ubErprr6DbKyxO-LlfH3aTmmjbP1iAgGFNj2LYqOxRFzlGfID6-8oqYdguZbj5lyWXWI8-zhGkHEIUMN5ksEjwicG7mgXt5Rk8gJRxsvWMhmcc0vthMBACyA-xCP1ySaxvQRMFOIjiOY0VCmccdtCfasjk8x6v-DfXrgVj5cv8jQTG3fQ4w3TyAy4O73kL5E6JKoY4YU8py5CnwzVhdylu-29AA0mmdxgoXMbUaVpz8c1Ujj4grd5hzvg8EnC9alMuXf449wuDdjxXE_X5TFrfRqftqYtm6EjCZw99JkHOar8R2RASqGx1zcnmqDKOhHcsoN_ErqRZ07ZGp0lHTMBiBnDNySefcI7GXBfPEvKyn7TuHRMJMQCufQ0qddEK3iwjlfz2Evry6TwxREU-Djf4hdDMZ9WGOGRIz6hVVJPMwu314eRLbiWNwci-hPHVRGHHszH5kM3QrJcEVxodCXJRloWxFOqfgOcShe-sxHmNBvXVljQf8MOy7fCNYm0rRXKC3oTaw1SDF0GHqVKm21Il78cC6qxMh5cc468FBinTchhRvbu4wQac2Fl-YPwfKxkfebzV9MCbmKncYgUS2LcifrNgsyHllsSAXa9DPm0ki-3AvsYzhZTmEMJfT-iUVlvvPodbpGgBsjfEXye1vrhUPyYV8qyqAO3uoSowDKssJ2zRMA-HnmMGbS_WQ9nPsWcdYPxTOJyT-2lBt3B7D1y6rS_Uv4Z_CQfItg5-gXnNFAPwQZmpRMuEFfF7fUtCLtNa5rUSVH_asAAzCAe2DQF8QLPGYyfWHgrNiDOVuQvXoivnBDYAncX4_jQnt35lRHZE8EQKwTnSDgyE2FW5GHLmLegaUrMwRRYjymh7A0gDni7xBx7UJEyAJLB77oGlM-mDQtTm3ZMUT0mjPD2OyUP6WKrnvxNB4Huaf-xC2GO2m_Fn6tTZBk3wB3jPclz0tlyo6VTk1XKX25WnHht9Ox72e-R1iuYCjF0ZC127_86DKJDVhOMaFFj-JSoM-tyKa9CpjrVu7MkcQFHXGXXnQlLx6oZCxoMF4yKCY25iJE0TJ09nKkeyWVH4Vjq8YLGHVOYsfi7owfXAY7GNyCl8e2I1kYB2e9lHvjlRIoWYu9SsNtKg4pTVBkd8E2PAankrQxHSjoAIKRAe6ewLTyBsFEHfJotwbvX3z4cQpc_C5qL_cgvwcqna0AQi-4Z1T1jx6hB_U89LjNSFw8nPW4T2afqaG8kmWaNWmducytI3I7xMB63qK9bZtknZb7y3V9LDOVxgdHA83fWz4Evh6KzqtAn_PpcGWN_5OL3vza7mLQcghYNgGukDS9wupv132b3Hc_z2LEUffjzNLZmYcAi0fxmQ0ZjyWdyyfHQZjbAHlatQ3zeStcHvwfnPsQjJ1o9veDr-cgwYjeVugEzj0P-bw6__qhX6uGVpUEJYvWpagmJaVwGXyd-V9OT50pW0mgHzuLRnljrGfPPNbmbW8XZdgbm3RBBKpVh7UYmwnwqZKDBSmKSxwFFYW53Ru65O1G7yii54L3kN30gjhM61r6A9HsWBdsSA_ZcQm1RNT-k3m3x41KtiOrweKWejLFHAojHJF0jfIS49E7BGpSS6Rb6ukpQ1xMi9hW40pmWX75gF4TK45AeQiCh_eJY8Q&cid=CAASFeRozgz4lLhLMsyCPNNqGHN7HNznXA&rfl=2%2Chttps%253A%252F%252Fwww.globalair.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DBA 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 267947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3A3D 106 KB
38 KB 154ms
8ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
Origin: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:44:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 3A3D 8 KB
3 KB 6ms
6ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVMvzMvY-7aXgGqycDpdI2iC7-fZCKoc-NMFT46TP1tnh71vfE&d=CnkAoCZ_4N5_Gh7AG3mUGGYRBBvErWoRuuJTy6-iwJGXoJxlLzMk4b7iC4MluR8vNpIUF4V7pNRSu6ayYSGhWbEoOsYwGzdoYcx9SzkOhGkSI86YvM_-P9EztKlH9G7zL4T9Gn7zIwMqX0jXyHVq9jQr4qEIH3TppgFnEpkSAKAmf-C9l9aKYgj1I7RlxL2dxvOBE-JZynlIxXPPLc1C2clt8YBoioVmVszhq9Y4YBxiFB_jpZ5xFsQYuP5VyAv1YVS4E5RcgIWv_kfXDUobMegIUiyWZknmAbVHdou5CcB3iKnFODFx3GhNUPzD6UCqVxAjOerTuabEGGMFRdY1SYEde6XGmn5udnstNqo-33VhPrRzGdITaUkSQwDyR6U7ZJxqGZ3uSu7pLlve0Kn-CobVCtMoYbaeUnIrB9Q9-liiKBvF8BDypCu7z3menjltYe0_IUvHbL8Tzknq1y5PzOpE1WcaH9wHA4zX_oUr01C5znvs9sH1rUWSmPpx5BT_sE4EUOdeOptyqREWyyQfSYYMrsRNLeYMJwPx8tT2i1OFS0qg7rHYyI4x8jAsI_N7v6N5Y0oetiDPhhxl0bRKzsf7lZKenhPnmwWfRT_HRW4Yd2I0_fpqvepDTxwWSoA3Wf_JfXpWx7gcDbCTUYcd2fKyTFHSD1e6HagDaYRBJwFAOUlgz2Cx_XzpO86ZsPOqFLc72uDGR9VWPzqDLYnaF43PkJKZhBkDVpKRPTIXqiYDXFDXzWZkVQ6f4O3gYNsMHQ8g19x7P04ockxcL_ZQck-cQDLsjgLVcJwW7vawr1P3m3fjSrnb7K8Ue_I_y5R4dOVNLny6DwTgozdzc5zNAXhH8sm26cUyOIDXRzGVvWKzz1EgnOmK_-Vqs36RxgGKJ9WwD67k4COaBI3cA26GOW9kjfsAlL1bsrmUULJ48RYEdBtYI4-eM9akYiiviIKu0THtqY5lf8sA9kbzwLhKqAS_4KMj6pAdq22BOKZAvZ2DCdjr-jcfTyTfzHbIlszZVWAvh-qQNSjdNOUbKePKyuOl0t_VUAcK1kErZ1h09-F1h2xl3-zYzLAMXiUovvsBR_Etg57mGEElSlt0Qz3Si1L6YO1lrivMnMe-dRB06ImfcuQiNEsLDwJP4W9L7NeglWLNFgOpWiUvCGDoWcjTAlR0vTIpk7NSPX6_rb2b78YnMIhzq_zkdSKTmlnKxiyNu18_WjBxZw7cqHW2nO_w03521YHm7S_zrULfAFGQZoS7lzArI1ERTmxHQMRZGgvuWxvrYc3hBNcd7yNin2dXlYCsZzEOnxPpIFi12p5Of1QkvcZEIOOJOBTa2Eha7aARuk5X6SG68k_i_OPSAN7tIkriSSjQ7mt9cUwWX23lpzfbTunPDXD5dQSXhrOP20Bgrmt0UIIBeeBIa_Jo7pqrnL3F_6xLoJHf_caWjvGDFSitnh3VncinAb8lTsXQy6TqNGcO0TAMZyEfeAnyJels8LJSKt6AGncwDQ1zmfQXn5al8iB7Nt5fG6eIm-NGph2o0xARrg2hJB3paCDd00_r8uFl3VtWasWd0rZ8ZqFW3Uvh5SMKpfwRrgKiNWdHuIEqyJe7-MH48lsa1grY8ijJO7WVjagS-VFDuHKahpzenfuQ56wA7RAi1kZQPBzWFKb4uO3gpTJeoDE-FuQZnUs6diUTeLZ5DN1McVIOf3PogY-DtVbE4UrqpdM-CE4OsOhMxJS0HLaH8d8kFUG6oxYvIDQ4UorDpQlzy01Y7D51ErFsC0yDGhBVem2ppffxW-7lgqFNfDiKDn4a_ZdTKRsoyacuSY0fnCNM4d5v1JFPii-guPjC0zSnMgxZGUOrmk9BV1VAgMeAleZsZMKI2Ybfrq6uXM2ISaADGF2rhnBccoiGCxMvx90laOA5ZqII9r44A19ByBwik6-utj4ZjyinEMty--WjC9tke9y8TPagPvCl5m7szY4330eegVa-5gFme6Rdo-Ij5BCSCdAphaoe80E1hg3KTs1JTqRRPfJHjjL4nx2sfmpjPmwu_AwTBJzUJ_4pmhcTwebdVXQDIeL90Z-X8J7xWS8unWrgu_Lsa0NJhqtzrMH1WVwrPStHOKj1-V1mK3S-9tAb_IMSh-2ObAz-cOZjUMsrp2VV5wuG3RkQYmgVWgH_5FpvlS87SB7VcbMZVTcPJAV33EpWXiIIIeOYyKTi69AutqeYcCgeqqhMUH7jM_h70xIAK3OghVAt8RGf7NEbGUB8iwXUgIDFwV0Xnrpn5ExF-wykPdG_uzJ3vZYyHkgrXWTHB0u9U2L4ZaUmwgL1SRjE2DI-m-kIc7l2moGxQWImdZxcwCgQYs-YrTEOvSD5qxPYXOrjMIXY9PgbgoGfnkeDpMHb_pXRzZjKBsEtHfimvgIbAHTVhnDN5X4Wutg1St6HEnMmKzofDD6IFE06dFPTrMcPiM6CDUG3USNrwr7lVllHR6a90vGp1s9eLuouGaQ1HXYLt3xY2W3Sc8ASmoJ4H1HndqXzQSUUMEyT9Az4f4T8Jr_nb_-45OFqeAfVmgObqjgIB7S6uARCk8pLxk2XQmcfYaFjiHALpaPm2K8buQ21vmA9fLcN4-s8h2nqDZCbZ-R5Jpr1_mzfK8RIXx9po_Xq2SUeukrYtW3-BE0iFPT9089VPmkvdntevQ3rGroJRIaB5v9pTPoMcX5_R9OVeSMhRrsCiUaQ7_pgODKYTliBaDXtp3C6iftBVrnK1gXlFoA3DTlx4ymLtdSveKghYVTwCSpDEJWhv5GQjVcfPIBy9sTIKkT-mD083LKwhEUNy06BWahUsobiGw8skvk4eqpHfkreQ96g-PVxcMsVRueKzKPrEWoSTxDcgBc1VHIikQLgPXzDg16mLUPnDDztY2P1R_pZwtWnf4HFvpIIc9degv_ccBlOThtGnBoT0Gtu8nT-ZgUkZRFCy4F9DMX3mwGkrb1ZS23arDvCaBl0KoslQlytotAxhvAMRxZCebupdRPGCaytllt5Y8l4GfLCWC0cP5EaB6oKm23OZP30PiuKs4VWtUcI2XGsiEPBm8sGL92o_r6N-taoWAExkoSk6v8GkdMkaE3Lg0yuHb7xeIq8y_fvmR-xYnrPKYXWHtBVGt-FMFp6vAMcn_L-_uElw1HDbVoBAb_buywN-W1kIAeVUhtaz5VZI8UyB6KK6wDndar8QXx3y1qSmb12yJvv4Nxjg1J8SPvkFZ41hXbbUbnlLTjIUTxcmijZkrkd3NbewiicGo6ItgSZJcM_WxoZCAASFeRozgz4lLhLMsyCPNNqGHN7HNznXGAB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 15:04:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3A3D 24 KB
9 KB 7ms
6ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 15:10:32 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DBA 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame 3A3D 187 KB
60 KB 137ms
8ms Script
application/javascript 2600:9000:21f3:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/551864/51534907/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 581555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: hS6_D1sMbX5st-7wr2YWWLdMJywQmZTDcEaZpdAxoSThVK26KjjWVQ==

GET
DATA 200
OK truncated
/ Frame 3A3D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6808cc96508d89dbfc037702b84900f5265191cfd7d3e8f675dd5d501f2678a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9857207275611410272/ Frame 1DDC 4 KB
1 KB 22ms
7ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241cf4053ed4f3711959e2e222e27268de0fcaa5ad69cf5054543dfa53f57d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1353
date: Fri, 26 Nov 2021 07:07:46 GMT
expires: Sat, 26 Nov 2022 07:07:46 GMT
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 288367
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A3D 0
524 B 85ms
49ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst21BlO-wEHUx0Bqo7FFlNYb0zkvFLrQkX6cJpg03MYUXUyIj3k_Mr4uoFgnC3dfPuieb8VVDaqc3ZGrAj3JPlMC3F6iRi9CZi__t1yNQr5_sw-l60PfbwmYfscH4bqMeMgahnC&sai=AMfl-YQ46ThQqgWWBBD3V0YGSYwcsMiBDMSu4rtyuy1xilkdO80EjWLIxtINCcUPTbKmFF1oT8qb-LyI3Xy8e5ROPKw5qgs-g-ZzBHfEk88&sig=Cg0ArKJSzOKmkx80LQbWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=172&cisv=r20211111.30825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 15:13:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DBA 0
20 B 58ms
58ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdDbrMe6kYa2JJMLK7_UPs42gmAEAAAAAOAHgBAI&bg=!U1ClUBTNAAZQLpa_UC47ACkAdvg8WiX4uQvdUcmIwnqyFLdGdHKt2_OPbnyI8uiTXkkNw1Us2woCigIAAABWUgAAAAtoAQeZAxnui6R-ovnsef09Z8hvKWfhtVeRluB-91f18t6-K0LnRN22BILS3p7sPteiHjSxMUh4XAW_OfNARtD00aEbqnwdCWHIEt2HIPy0ay_yIz7gN_Uu-KOLQxrStKira8YmEFBsA0LDzCuex5AVCYFUIECxi5m_F7e-sE3nV60VRnBUiMnSwm44yrDko7tHKdHOeRHP8YzYkXcduDr36tQoElvWTdJ4WIwQkvylgV11aA_sVBLiJgotlSUAhrTds0a196GO2aesRgJZfyJIuwPfffUoiuN5yte_QNoC6h9J_d3_L3ntLwWg094HDXFy0ryjKEIY7zVUVlZ0wQAQpxYsZDsOAiny_j_rHCtnHmsqJYbmMRe2Hq-j1YtTTpxgRKyOOaMhfUl1pOk4FTWlNcN3BnT-CdR9rKcl2qgQTyvmwWIJ2TwPG2WT9JWagQACSGY7ibg79q2phvthXcGCXcYKOFwShjSUsMaakJf9k7Un08Xy-X_x6VJEvMMLM6T0kCuoj7xWTKI0gMK0I5-E5yyl1Ocp4VQNQL2kBpKTLRwTLN4Y2l4Q3BXfjYQf_H-O4noB8JOWWDkRHGVjbezLpLncbghJby0LDs4G196fCIbGttRxmBn3uLKLj7gJA6e17pWZyKZWoC8bPbM-XecrDg6ydNuvP7MY4d535hqHKY70TZwfIPX690Vy9FE3f2y3jYlvr04nceD6GuBWin0L99Q5rmkj5H58SFKozaTGSSe8vy7ibq3fH_4hmWc6xSgC_SSb6J5yQsi3_zZsPaBpQ7aTNPwJso442XpHYXBLoZujxFhPd8yqg_Y4V5TSBMYf05Fa6bRy8gb44IayY_HZu2yrdUG3hFGj_9MPKhBXIHPo_b2Dnqs3Jk21Arf7d4rGkW3cJJUFDfjht1xWlx34FTR9hHpQJl-KuZl8H0H_0fdlMuqbJKGq8asaOM1Umdu5G9DBmWlYCS0KxnyTkKLxmUble4g1TxV1oNR29_li-9tWS0igFQqz_o9agTXdZSIAFIXefZg_TFj8OaziU45cyUelVNCQb95E-_onLGNp

Requested by

Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 3A3D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/551864/51534907/skeleton.js?adsafe_url=https%3A%2F%2Fwww.globalair.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.globalair.com%2F&adsafe_type=c&adsafe_url=...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

7ms
6ms

Script
application/javascript

2600:9000:21f3:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:21f3:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
age: 12551877
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8u3JOaM_727MEGdmZW-WaNVdK7TvnY1iT6EvuBB4O0TScXR8wU_Tyg==

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:53 GMT
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 38DD 80 KB
21 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 5123123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: t8CbjfFOesyAXYADRi-wpMGIxPZ88i0v1WD9KOFPrwemBWMxVpj2PQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 403ms
111ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzEn,pingTime:-3,time:204,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:178%7D,%7Bpiv:100,vs:i,t:203%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:204,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
216 B 399ms
110ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzEo,pingTime:-6,time:205,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:205,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.globalair.com*%2C7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com*&br=c
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 387ms
111ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzEt,pingTime:-2,time:210,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:8,bdZ:149,beA:154,beZ:155,mfA:317,cmA:318,inA:318,inZ:322,prA:322,prZ:327,si:333,poA:334,poZ:347,cmZ:347,mfZ:347,loA:358,loZ:360,ltA:364,ltZ:364%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:178%7D,%7Bpiv:100,vs:i,t:203%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:210,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7~100%5D,as:%5B7~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:30,readyFired:true%7D&br=c
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 355ms
118ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzFf,time:258,type:e,im:%7Bimprf:%7Bttecl:375,ecd:7,tsecr:1%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:258,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B55~100%5D,as:%5B55~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 style.css
s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/ Frame 1DDC 3 KB
875 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cbfa8f1fa958989e6c0910a10ccff91d31bf6209d300176dae4fc7d4a9cf7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 20:39:32 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame 1DDC 113 KB
34 KB 50ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1523912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33534
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7vvFqmWVmx7DH%2BwGm4ZO9BVXVYGN6jWRWiw5m7n4LFbVRmRu46KFhxiCcDRy6X6oq7WBAMOtV144%2F1hLXx6M2VU5khJgveXcafbDMK9XTm9X1F7SIQczDXf7aNaqiuZDr0DZrWjuF1N5%2F92h9DOdOg8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5cc858dcdb4dfa-FRA
expires: Sat, 19 Nov 2022 15:13:54 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/9857207275611410272/javascripts/ Frame 1DDC 3 KB
777 B 7ms
7ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d3f27a3972d1254d23f3464dcedc6f1a1dc3a3e5439322bf715996c20f05edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 748
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 11:10:12 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 73 KB
73 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3568e2108c0abf3ad1c05c629be3ea7c5a8a2dfcda139514224783ae5bbda2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:33:13 GMT
x-content-type-options: nosniff
age: 189641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74798
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 10:33:13 GMT

GET
H3 200 push1.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b69e331b79759fb1c0b61205e2704e6228d1952b681cdddc8e808b7e884e3af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 12:45:45 GMT
x-content-type-options: nosniff
age: 181689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2391
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 12:45:45 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 87 KB
87 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6e60c44e2e29d40a94d2843b8dd17b89af0a5767802c154fc0d257be4cf42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 23:20:52 GMT
x-content-type-options: nosniff
age: 489182
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89049
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 23:20:52 GMT

GET
H3 200 push2.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3e8146a8ce9363aca840c573afe77f382a578b5aa1a4b9eacb9dab4e8832635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:09:14 GMT
x-content-type-options: nosniff
age: 464680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2024
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 06:09:14 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 71 KB
71 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ef9e6359708b2c0d0ff0782f1e05d8103ee6150b9c978157dce258cb7e95d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 23:27:12 GMT
x-content-type-options: nosniff
age: 488802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72234
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 23:27:12 GMT

GET
H3 200 push3.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d742cb539fd632ae327cdf25ca452b3d3ae5492c00cdd41a8afe1fb5f59810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:49:18 GMT
x-content-type-options: nosniff
age: 465876
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 05:49:18 GMT

GET
H3 200 bg4.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 57 KB
57 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d06b21ffde792d5820d85d667c466761f2d11eb0c24de8d2ee686bda13cf3ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:28:35 GMT
x-content-type-options: nosniff
age: 413119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58679
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 20:28:35 GMT

GET
H3 200 push4.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 140 B
167 B 18ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:52:05 GMT
x-content-type-options: nosniff
age: 289309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 06:52:05 GMT

GET
H3 200 push5.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 2 KB
2 KB 17ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4844bd0dd9b6fbbcf54d761c911839947dc63ccdf796238ebb77bf2d9567a5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:52:27 GMT
x-content-type-options: nosniff
age: 501687
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2452
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 19:52:27 GMT

GET
H3 200 bg5.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 82 KB
82 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg5.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbcbb6bbbc30bc9f7ce2e21e30b94d99d485f6aff4f4d0e23d3eeca215991e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:39:32 GMT
x-content-type-options: nosniff
age: 412462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84030
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 20:39:32 GMT

GET
H3 200 push7.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 2 KB
2 KB 17ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec8660120360dee15aa257d9ff6e5d30e4eec2e9cc5b9f69b275b4226fef871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:20:40 GMT
x-content-type-options: nosniff
age: 427994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 16:20:40 GMT

GET
H3 200 push6.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 3 KB
3 KB 19ms
19ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/push6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8249e6e6aab05d209185d72bf727e5220b1f067681e62678fb5d81d372696f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:10:46 GMT
x-content-type-options: nosniff
age: 428588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2645
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 16:10:46 GMT

GET
H3 200 mask.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 4 KB
4 KB 18ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/mask.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0ebad63f72a76eef81489ff5a91460a375240977a35f6f6bb93f1bf1bb5f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:11:49 GMT
x-content-type-options: nosniff
age: 500525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3774
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 20:11:49 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 1 KB
1 KB 17ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d75c407d160a96010327243698e453ffbc5e2e6aa6d37a80cb8057457210902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:10:46 GMT
x-content-type-options: nosniff
age: 428588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1292
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 16:10:46 GMT

GET
H3 200 cta_hover.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 99 B
129 B 18ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/cta_hover.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:52:05 GMT
x-content-type-options: nosniff
age: 289309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 06:52:05 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame 1DDC 8 KB
8 KB 16ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9857207275611410272/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8226c4a493e7940c8fb7760cd0b68656bd25557379cbb42bb8f395a51b478a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:49:18 GMT
x-content-type-options: nosniff
age: 465876
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8527
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:57:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 05:49:18 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A3D 0
23 B 61ms
46ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst21BlO-wEHUx0Bqo7FFlNYb0zkvFLrQkX6cJpg03MYUXUyIj3k_Mr4uoFgnC3dfPuieb8VVDaqc3ZGrAj3JPlMC3F6iRi9CZi__t1yNQr5_sw-l60PfbwmYfscH4bqMeMgahnC&sai=AMfl-YQ46ThQqgWWBBD3V0YGSYwcsMiBDMSu4rtyuy1xilkdO80EjWLIxtINCcUPTbKmFF1oT8qb-LyI3Xy8e5ROPKw5qgs-g-ZzBHfEk88&sig=Cg0ArKJSzOKmkx80LQbWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=411&vt=11&dtpt=236&dett=3&cstd=172&cisv=r20211111.30825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.globalair.com
URL: https://www.globalair.com/login.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 15:13:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 214ms
214ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzJ7,pingTime:-10,time:498,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1638198834200%7C%7C8ec7887b56edd38f5f0e14064639379d%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7Cad4a6ea710aee2214e7857782058a2d3%7C%7C4583c4e974413f27bbd65cc89f688a3e%7C%7C9b6e87650a044e6f56561acdde476b69%7C%7C754c2a0715b18d993160deff103e55e4%7C%7Cfdeafe0100cc3f590623d543ee58f79b%7C%7C1629390669%7D
Requested by: Host: 7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
URL: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A3D 42 B
64 B 42ms
41ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1AeYFcZ2ZK4cf8nYYRJLFnvjwxFPAHyTkaEvhPzzow-aR3yshui_C3-opvp20QeSx0jFbPhYHy386DfrpfkE0YBkNtg4u7742zkbimaDk7bf73OLgvA&sai=AMfl-YTGVCWzKMFDBnv69FUjjqHxWbK58oKGi9rbu6_EJehV5K4c33fjH6992rRWWhFThhxfjQsMOUkQPqgWmIfnSc8428QvgRBqJjT7f88rdi9ghEfvx5CC-KAbpZh97U31&sig=Cg0ArKJSzDJfOAPVUg8pEAE&cid=CAASFeRozgz4lLhLMsyCPNNqGHN7HNznXA&id=lidar2&mcvt=1000&p=55,507,145,1235&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=340152150&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638198833549&rpt=185&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 111ms
110ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzUv,pingTime:1,time:1204,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:178%7D,%7Bpiv:100,vs:i,t:203%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1204,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:216,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 113ms
112ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzUv,pingTime:1,time:1204,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:178%7D,%7Bpiv:100,vs:i,t:203%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1204,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:216,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3A3D 43 B
215 B 112ms
111ms Image
image/gif 44.195.120.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551864&asId=ad16e271-4b8d-2328-7e3f-6a1abd4f02ac&tv=%7Bc:vmYzUw,pingTime:1,time:1205,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:178%7D,%7Bpiv:100,vs:i,t:203%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1205,o:0,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:178,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:i,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:216,fm:sQanm9V+11%7C12%7C13%7C141*.551864-51534907%7C1411%7C1412%7C1413,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.120.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-120-221.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 15:13:54 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.globalair.com/	1970-01-19 23:03:26	Name: _ga Value: GA1.2.529333187.1638198829
.globalair.com/	1970-01-19 23:03:26	Name: _gid Value: GA1.2.673204087.1638198829
.globalair.com/	1970-01-19 23:03:26	Name: _gat Value: 1
tags.srv.stackadapt.com/	1970-01-20 07:48:54	Name: sa-user-id Value: s%3A0-0ee80551-b346-42cf-5258-39c930b6e6f0.Pof2afXBy0KDaG3gf448fqvx2FNhGSaRZvm2J7%2B2Kv0
.srv.stackadapt.com/	1970-01-20 07:48:54	Name: sa-user-id-v2 Value: s%3A0-0ee80551-b346-42cf-5258-39c930b6e6f0%24ip%2478.47.208.28.81N5KZH4fLb48lyYHIEqZ3S5UFFIqAHk60Atvnu66JA
.bing.com/	1970-01-20 08:24:54	Name: MUID Value: 2D9C457C20636D9A1A9D558221086C5D
.globalair.com/	1970-01-19 23:04:45	Name: _uetsid Value: f4b3e840512611ecb8dfc9f2de247869
.globalair.com/	1970-01-20 08:24:54	Name: _uetvid Value: f4b40e10512611ecbc509dedcaa3d066
www.globalair.com/	1969-12-31 23:59:59	Name: SSPIDER Value: False
www.globalair.com/	1969-12-31 23:59:59	Name: SIPISBlocked Value: False
www.globalair.com/	1969-12-31 23:59:59	Name: 861 Value: 28,1190,726
www.globalair.com/	1969-12-31 23:59:59	Name: 851 Value: 219,1025,508
.globalair.com/	1970-01-20 08:24:54	Name: __gads Value: ID=d543f358e470aafc-228432e412cc0012:T=1638198833:S=ALNI_MZkx3qlXpQ6abhGLmk6FFg0FWcN5w
.casalemedia.com/	1970-01-20 07:48:54	Name: CMID Value: YaTuMTuyS9ddwLa3gL7rzQAA
.casalemedia.com/	1970-01-20 01:12:54	Name: CMPS Value: 3177
.doubleclick.net/	1970-01-20 08:24:54	Name: IDE Value: AHWqTUnK5eyMDrbwc96yNLqQ7GOUg4L7ls9_I4X3wUzlFF-2GtOTWWnJ_hDhHRYIbYc
.adnxs.com/	1970-01-20 01:12:54	Name: uuid2 Value: 1710304189640258797
.casalemedia.com/	1970-01-20 01:12:54	Name: CMPRO Value: 1152
.casalemedia.com/	1970-01-19 23:04:45	Name: CMST Value: YaTuMWGk7jEA
.adnxs.com/	1970-01-20 01:12:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilef:@Dv!]tbPl1M>e)ZlrFUfJ+tGXxp.N`<!f^dU]fQO/Zu=9RceJ0tGZNab<jTGy1bpRzqF1`b^e%)m23)
.casalemedia.com/	1970-01-20 07:48:54	Name: CMRUM3 Value: 2d61a4ee312760CAESEAnLnCWd8F24W3Xpr5KFgB8

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.woff2
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.woff2
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.woff2
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.woff2
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.woff2
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.woff2
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.woff
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.woff
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.woff
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.woff
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.woff
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.woff
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.ttf
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.ttf
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-brands-400.ttf
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.ttf
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.ttf
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.globalair.com/login.aspx Message: Failed to decode downloaded font: https://www.globalair.com/webfonts/fa-solid-900.ttf
other	warning	URL: https://www.globalair.com/login.aspx Message: OTS parsing error: invalid sfntVersion: 1008813135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7dd4ba2d12ab172b40ae327378a3e2b3.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bat.bing.com
bid.g.doubleclick.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
nexus.ensighten.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
resources.globalair.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
tpc.googlesyndication.com
www.facebook.com
www.globalair.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
13.225.83.200
142.250.185.162
142.250.186.162
142.250.186.34
142.251.5.155
18.197.253.20
185.33.220.145
2.21.141.232
2600:9000:21f3:f000:8:48e:53c0:93a1
2606:4700:20::ac43:4514
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:5f41
2620:1ec:c11::200
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:811::2003
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9d
2a03:2880:f11c:8083:face:b00c:0:25de
3.224.186.28
34.198.96.125
44.195.120.221
52.223.40.198
99.80.67.138
03ff04d63b99324926c987dc3f5755a6ac8b15ecc4acf70bb5b6140570fc377c
04e05f728c64584f7c1e759573e6f2d6fe83166642899a4e9056c4a51e68a8de
0b88c033390ac0fb336673679ad3277700639af43673b66997c43bc98b1f1401
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1025ba418e3ffeb16d9a8083aa23e3df605fdbd241749230e8038cd6d0a8eb92
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1cbfa8f1fa958989e6c0910a10ccff91d31bf6209d300176dae4fc7d4a9cf7c7
1ec8660120360dee15aa257d9ff6e5d30e4eec2e9cc5b9f69b275b4226fef871
1fb5a7b980e2472fba5a65a97fb3c2682ae613563f806d8835c27a6ccc55ea61
21399ec3560a803e2128e26cd66a20f3bc0493acbb2f56affe147bc8bcef5208
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
241cf4053ed4f3711959e2e222e27268de0fcaa5ad69cf5054543dfa53f57d22
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
2804f8ff7b2c1e6c6ae1d8ff925828efaaacf05e29e3c01b87be9ec7a66ade9f
28b35e2483ab6d58db382e9a2d302f6c7c12b2dc2a43577d12768dd14f9c5ca2
2a0ebad63f72a76eef81489ff5a91460a375240977a35f6f6bb93f1bf1bb5f7d
32c31de1451ba73b0186bbe8ebaf3ca19e53f873e771caf9218a7e223f90fd8d
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37d742cb539fd632ae327cdf25ca452b3d3ae5492c00cdd41a8afe1fb5f59810
3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6
3c09d7e762d7eff232946ab300e80df7adbba4582e60187315438d3e93164816
3c9aa98c893aa4cdf9ccc372b35ae0624a215fe43491cdc9c08f9382f5e8b5e9
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3ffaef0ce322e979fcfa17b5a480c39201ca10fe5f7fd5f2fe6d607ea7b51517
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
468a7babae2615fd101b1e23654db9d82833ec9f2f18b8bab4355d37c51e75c7
4808e3f356e5c14e1ea25732fc7495d9120c22e741bbf22578b8130abeab5d0b
4844bd0dd9b6fbbcf54d761c911839947dc63ccdf796238ebb77bf2d9567a5f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4cfafb636322ff1b587e19e1e13420c3ccdf6c011ce747dbb8b75accb8f720be
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5ada4fdceafe0508396cbf69c96b9360f6d868ed6ceef011bd72c86bdb8f602e
5b2daf949bdaf094643122dfb81ef4da4458c8a71c8e708d56681c0b420df243
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5c28bae2d121341665958f6917569e1c319a9f715859e29c199e2f7aa3bf3362
5c41cb16b5c9fe9f5e162464fa3389c28d27b2271b2caf044be9b289cedea7ea
5f561ae85f27afb9f53f6d5156c5aef8a2ec2e3eb8f6388cefa1e055b588a55d
6808cc96508d89dbfc037702b84900f5265191cfd7d3e8f675dd5d501f2678a5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c215b57646bd7737bfef840db766eac86d0429d94e3965e355d9c6ee26efc7a
6cb66eaaa59ad6f5a5cacb17a3367c61a3cdc03488d4d2ab7a748c6df155ebf8
6d75c407d160a96010327243698e453ffbc5e2e6aa6d37a80cb8057457210902
7d3f27a3972d1254d23f3464dcedc6f1a1dc3a3e5439322bf715996c20f05edc
7f45b8b4cc36fb6f81668f84a6d47c4be540743fa229ac40372987bbd4de690a
8249e6e6aab05d209185d72bf727e5220b1f067681e62678fb5d81d372696f65
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87c3d011705283015941c61b5cf4a40d6c6253bba59fb8df4361a4f53e602f7e
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8c6e60c44e2e29d40a94d2843b8dd17b89af0a5767802c154fc0d257be4cf42f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab9712585dbf3256db644875e4bfbc9ee88f7cb6ba3022ad9178fb44343e6aa4
ad3568e2108c0abf3ad1c05c629be3ea7c5a8a2dfcda139514224783ae5bbda2
ad63f4d23538d5e5dd5c741a1ae8f6360d8435321add99709ffa5b54855b01e9
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
b69e331b79759fb1c0b61205e2704e6228d1952b681cdddc8e808b7e884e3af9
b7ef9e6359708b2c0d0ff0782f1e05d8103ee6150b9c978157dce258cb7e95d8
bbb4ea560b210d27305bac03822af1ecd2e40a25ab9be5bd2dcd3feacd03563b
bbcbb6bbbc30bc9f7ce2e21e30b94d99d485f6aff4f4d0e23d3eeca215991e6b
bcf8413387406046442515b6e6b540ea502885fe58e4c9ea5e12969c267929e9
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfba5b151a1e54f80fa294ee14263ba41d1fcbc2c81d8db5e25adaa16a2d9f97
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c3e8146a8ce9363aca840c573afe77f382a578b5aa1a4b9eacb9dab4e8832635
cca8f581d1e4a15d022a50e6b1c67b0759a109fd91b7f2907565800430ec9319
cd5b499584d715336281f7b89296e37987ccb6112dee9aef6152d5a7b47d8603
d06b21ffde792d5820d85d667c466761f2d11eb0c24de8d2ee686bda13cf3ef6
d417bff7c8b4ac044ced56bb199ebc344d2a33b514aaff9704e72e0b79a97ace
d9072d40eb342210ab620a99aa597bb982ee2c2b329987850bd3bf3956f22986
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
edf0e7cbee4eeb9c8cb3fd6ede2b1526136a818ac86478f358314e6977758a7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53ca1ed9fc4233f8d49c44a602df622b9c933eb0d0fc954ed96d5436fec751
f67291c9420e7fd0b3093bb7d0e375a847e33b7232cddb7773504b1782074fb8
f8226c4a493e7940c8fb7760cd0b68656bd25557379cbb42bb8f395a51b478a6
f86cdded014adca6878b18e675bd917a9443c92e15e8f82e36ee2cebd8c22dbf
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
ffd895321f489aec78010b27641c97572c2766f3f3f5677ce2304fb6c8f83d9c

www.globalair.com Open in urlscan Pro 2606:4700:20::ac43:4514 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

118 Requests

89 %HTTPS

58 %IPv6

21 Domains

33 Subdomains

32 IPs

5 Countries

1751 kBTransfer

4067 kBSize

21 Cookies

6 Outgoing links

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.globalair.com Open in urlscan Pro
2606:4700:20::ac43:4514 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

89 %
HTTPS

58 %
IPv6

21
Domains

33
Subdomains

32
IPs

5
Countries

1751 kB
Transfer

4067 kB
Size

21
Cookies

118 HTTP transactions
1 data transactions