urlscan.io logo urlscan.io
SecurityTrails logo

www.iata.org Open in urlscan Pro
2606:4700::6812:8ae  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.iata.org/Pages/fraudulent-emails-websites.aspx
Effective URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Submission: On June 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 6 countries across 31 domains to perform 137 HTTP transactions. The main IP is 2606:4700::6812:8ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.iata.org. The Cisco Umbrella rank of the primary domain is 195760.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 27th 2022. Valid for: a year.
This is the only time www.iata.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 2606:4700::68... 13335 (CLOUDFLAR...)
7 142.250.185.98 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 65.9.63.33 16509 (AMAZON-02)
2 172.64.145.46 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.188.157 54113 (FASTLY)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 18.64.103.63 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.6 16509 (AMAZON-02)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
9 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.14 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 3.97.121.83 16509 (AMAZON-02)
1 2620:1ec:27::... 8075 (MICROSOFT...)
1 18.158.135.185 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f11... 32934 (FACEBOOK)
4 20.120.65.166 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.54.96.194 14618 (AMAZON-AES)
1 2 20.234.93.27 8075 (MICROSOFT...)
2 13.69.106.217 8075 (MICROSOFT...)
137 44
26    2606:4700::6812:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
www.iata.org
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
1    2606:4700:4400::ac40:9912 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.episerver.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
13    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com
6    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    65.9.63.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-33.fra56.r.cloudfront.net
static.hotjar.com
2    172.64.145.46 (United States)

ASN13335 (CLOUDFLARENET, US)
s.usea01.idio.episerver.net
a.usea01.idio.episerver.net
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
siteimproveanalytics.com
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    18.64.103.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-63.txl50.r.cloudfront.net
cdn.funnelytics.io
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net
script.hotjar.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    99.86.4.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-14.fra6.r.cloudfront.net
vars.hotjar.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    3.97.121.83 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-121-83.ca-central-1.compute.amazonaws.com
track-v2.funnelytics.io
1    2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    18.158.135.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-135-185.eu-central-1.compute.amazonaws.com
6126171.global.siteimproveanalytics.io
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
5    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
l.clarity.ms
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com
pi.pardot.com
go.updates.iata.org
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
27 iata.org
www.iata.org — Cisco Umbrella Rank: 195760
go.updates.iata.org — Cisco Umbrella Rank: 377590
2 MB
13 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
796 KB
12 googlesyndication.com
3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
55 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
static.doubleclick.net — Cisco Umbrella Rank: 338
177 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
15 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 534
l.clarity.ms — Cisco Umbrella Rank: 2346
c.clarity.ms — Cisco Umbrella Rank: 1052
26 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
665 B
5 google.de
adservice.google.de — Cisco Umbrella Rank: 8526
www.google.de — Cisco Umbrella Rank: 6117
2 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 275
29 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 320
www.linkedin.com — Cisco Umbrella Rank: 560
px4.ads.linkedin.com — Cisco Umbrella Rank: 5318
3 KB
4 funnelytics.io
cdn.funnelytics.io — Cisco Umbrella Rank: 63574
track-v2.funnelytics.io — Cisco Umbrella Rank: 51945
4 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 324
c.bing.com — Cisco Umbrella Rank: 210
13 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
203 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 584
script.hotjar.com — Cisco Umbrella Rank: 713
vars.hotjar.com — Cisco Umbrella Rank: 832
70 KB
3 episerver.net
dl.episerver.net — Cisco Umbrella Rank: 13006
s.usea01.idio.episerver.net — Cisco Umbrella Rank: 26862
a.usea01.idio.episerver.net — Cisco Umbrella Rank: 25055
4 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 747
280 B
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 3920
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
141 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 111
18 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
3 KB
1 siteimproveanalytics.io
6126171.global.siteimproveanalytics.io — Cisco Umbrella Rank: 526461
620 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 506
354 B
1 t.co
t.co — Cisco Umbrella Rank: 505
337 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 760
3 KB
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 3282
6 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 608
15 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 114
15 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
43 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1660
22 KB
137 31
Domain Requested by
26 www.iata.org 1 redirects www.iata.org
13 www.youtube.com www.iata.org
www.youtube.com
www.googletagmanager.com
7 www.google.com securepubads.g.doubleclick.net
www.iata.org
www.youtube.com
tpc.googlesyndication.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net www.iata.org
securepubads.g.doubleclick.net
www.googletagservices.com
5 pagead2.googlesyndication.com www.googletagservices.com
az416426.vo.msecnd.net
tpc.googlesyndication.com
5 www.facebook.com www.iata.org
4 l.clarity.ms www.clarity.ms
az416426.vo.msecnd.net
4 jnn-pa.googleapis.com www.youtube.com
4 www.google.de www.iata.org
4 googleads.g.doubleclick.net www.googleadservices.com
www.youtube.com
4 connect.facebook.net www.iata.org
connect.facebook.net
3 track-v2.funnelytics.io az416426.vo.msecnd.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.iata.org
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.iata.org
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 c.clarity.ms 1 redirects
2 pi.pardot.com www.iata.org
pi.pardot.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 px.ads.linkedin.com 2 redirects
2 www.googletagmanager.com www.iata.org
www.googletagmanager.com
1 go.updates.iata.org pi.pardot.com
1 c.bing.com 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net az416426.vo.msecnd.net
1 6126171.global.siteimproveanalytics.io www.iata.org
1 www.clarity.ms bat.bing.com
1 px4.ads.linkedin.com www.iata.org
1 www.linkedin.com 1 redirects
1 vars.hotjar.com static.hotjar.com
1 a.usea01.idio.episerver.net www.iata.org
1 analytics.twitter.com www.iata.org
1 t.co www.iata.org
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com www.youtube.com
1 cdn.funnelytics.io www.iata.org
1 snap.licdn.com www.iata.org
1 siteimproveanalytics.com www.iata.org
1 static.ads-twitter.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 s.usea01.idio.episerver.net www.iata.org
1 static.hotjar.com www.googletagmanager.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 az416426.vo.msecnd.net www.iata.org
1 dl.episerver.net www.iata.org
137 50
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-27 -
2023-05-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-12 -
2022-06-10		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.funnelytics.io
Amazon		 2021-12-06 -
2023-01-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.global.r1.siteimproveanalytics.io
Amazon		 2022-04-27 -
2023-05-26		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-08 -
2022-11-07		 a year crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01		 2022-05-07 -
2023-05-07		 a year crt.sh
go.updates.iata.org
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Frame ID: 195E13B225ACA2F958D731AF61986D76
Requests: 98 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FuDFLKPtzfw
Frame ID: 19EE89942B7E67CEDD27307103CD91B4
Requests: 5 HTTP requests in this frame

Frame: https://3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42307987BE40F9AD9F341454AC4D20DF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk-msX5kHhhs8Y_0FaBgsSEWa4FHAX1OXAnK3scOS1kCmC3jf4hb0ZwthcmQqJ042WvtRc08mimVIoJ2_BWW-zkdQiwWOaJbYmFQksNJMmEnpavexY8hhj9hPNZPP2fp70Ys39crzv8EAs6stU555lmbOczMEtUt66QnxEEijEvgbA6A1K1NSmG0n5HCdHHt69JteacQB478WhqjWZXe-gbwgUTUbbI03OKHbZ0PARCdShMohao2pbgo8BxOxAmBfNUoagv5mxkX068Ancxk3WnLGo9L6m0MzObFnSpB2LmV9BPdZZlfP0qOQPsmqP3SD02Q&sai=AMfl-YQx2TkkdFHwj6H119amyJSgokTalgLest7niK-x6VhOQcutj81O3-piXfRbUhDTZF9mn7r9hMO-Dd9ki8k7RFMXj3ILKfpUP4tgPA-lci8i53W7zBmRHCy1YgDaBa-4&sig=Cg0ArKJSzBPrfnrze3WcEAE&uach_m=[UACH]&adurl=
Frame ID: 69EC3C2D8F78F8DC1805434C964D0A4A
Requests: 9 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Frame ID: 3F65D6B0AB011F8570F124C2058F90DA
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 762FB7877A4D726618C6ABB55D382028
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5BBEA469E97912299214150B934343E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2907C0782F2F875874D58BC48FD3C42
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IATA - Fraudulent emails & websites

Page URL History Show full URLs

  1. https://www.iata.org/Pages/fraudulent-emails-websites.aspx HTTP 301
    https://www.iata.org/en/youandiata/fraudulent-emails-websites/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

137
Requests

95 %
HTTPS

61 %
IPv6

31
Domains

50
Subdomains

44
IPs

6
Countries

3669 kB
Transfer

9693 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.iata.org/Pages/fraudulent-emails-websites.aspx HTTP 301
    https://www.iata.org/en/youandiata/fraudulent-emails-websites/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45991%26time%3D1654265200732%26url%3Dhttps%253A%252F%252Fwww.iata.org%252Fen%252Fyouandiata%252Ffraudulent-emails-websites%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&liSync=true&e_ipv6=AQKZATWiDvzJmAAAAYEp48L6Rp3_nh8MAy27mSbqPSU_P72ztqz7FKuh4FfpcTqJtqZ0BfU
Request Chain 124
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=6C6D961501F8409296307E04230078E1&RedC=c.clarity.ms&MXFR=3E15DA55E19A6A500A6DCBEDE59A646E HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=6C6D961501F8409296307E04230078E1&MUID=080C0BFFBA7E6B920E8B1A47BBF56AA4

137 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.iata.org/en/youandiata/fraudulent-emails-websites/
Redirect Chain
  • https://www.iata.org/Pages/fraudulent-emails-websites.aspx
  • https://www.iata.org/en/youandiata/fraudulent-emails-websites/
108 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f895f430bf2ff8521abc607b39cf7db048c529f6476e4dc7266f1925b89641a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Request-Context
cache-control
public, max-age=300
cf-cache-status
EXPIRED
cf-ray
7158fd987912924d-FRA
content-encoding
gzip
content-length
22991
content-type
text/html; charset=utf-8
date
Fri, 03 Jun 2022 14:06:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 03 Jun 2022 14:11:39 GMT
last-modified
Fri, 03 Jun 2022 10:01:18 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-expose-headers
Request-Context
cf-cache-status
DYNAMIC
cf-ray
7158fd979eca924d-FRA
content-length
1230
content-type
text/html; charset=utf-8
date
Fri, 03 Jun 2022 14:06:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/en/youandiata/fraudulent-emails-websites/
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
28b6eceea9ce4d68cbb4b8a8afeeea47432c6b6240fad1f214c2ad76fb4eef75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28115
x-xss-protection
0
server
sffe
etag
"1233 / 346 of 1000 / last-modified: 1654254639"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Jun 2022 14:06:40 GMT
main.css
www.iata.org/bundles/ 		385 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/bundles/main.css
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3c7d261d28afdd73d3b2041feb1498e0c7f17bd44e10cbfa565eeee51acefc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
9068483
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 15:05:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
cf-ray
7158fd9b9f51924d-FRA
expires
Sat, 18 Feb 2023 15:05:16 GMT
main.css
www.iata.org/bundles/ 		390 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/bundles/main.css?v=8VQl4U0PC-180tUYxsb2VnuQL2WMC9LX0X9e6bCr7Dk1
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bff88d3fe3e4c255b611f47f523ff8f05fdcc2f23970e109cc3cebb534c97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
94573
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 02 Jun 2022 11:50:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
cf-ray
7158fd9b9f55924d-FRA
expires
Fri, 02 Jun 2023 11:50:26 GMT
AktivGrotesk_W_Lt.woff2
www.iata.org/Static/fonts/ 		179 KB
179 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/AktivGrotesk_W_Lt.woff2
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd023f437e110d80ed29030d97f7218d03755ddfff27ab266972962421d478a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1031330
vary
Accept-Encoding
content-length
183312
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7158fd9b9f5a924d-FRA
AktivGrotesk_W_Rg.woff2
www.iata.org/Static/fonts/ 		169 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/AktivGrotesk_W_Rg.woff2
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da1d1a73c33dcf371bb3cf4e8e797a794cd90b0fed14957d32263b360810903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1032562
vary
Accept-Encoding
content-length
173116
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7158fd9b9f5c924d-FRA
AktivGrotesk_W_Md.woff2
www.iata.org/Static/fonts/ 		182 KB
183 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/AktivGrotesk_W_Md.woff2
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57daf5dedb7b3fde8cf10b877dafa9c333a384c6ac7f92f6dd9550f2c84ef07c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1032562
vary
Accept-Encoding
content-length
186696
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7158fd9b9f5e924d-FRA
AktivGrotesk_W_Bd.woff2
www.iata.org/Static/fonts/ 		176 KB
176 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/AktivGrotesk_W_Bd.woff2
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90a365ef6c57ff79ef72d8644c530fb104dd27bb97c0c70a952bd8c9dfe56b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1032562
vary
Accept-Encoding
content-length
180280
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7158fd9b9f60924d-FRA
AktivGrotesk_W_XBd.woff
www.iata.org/Static/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/AktivGrotesk_W_XBd.woff
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d875163a7d10a7c95d258a3a134f7dfa6f446392bc420edbff6a0eea3281f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1032562
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
cf-ray
7158fd9b9f61924d-FRA
iataIcons.woff
www.iata.org/Static/fonts/ 		21 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/iataIcons.woff
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89aae21d524dad8ead1b06cc4c4b65f9ce29dcc62a84997076bd0de123c93423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1032943
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
cf-ray
7158fd9b9f65924d-FRA
iataIcons2019.woff
www.iata.org/Static/fonts/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/Static/fonts/iataIcons2019.woff
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
119101d5459b2e6b26f4d52811b09306847a6457bcdbfec0bef9da37c3045e13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Origin
https://www.iata.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1032562
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 15:53:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0c3170cd28d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
cf-ray
7158fd9baf68924d-FRA
fonts.css
www.iata.org/bundles/ 		2 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/bundles/fonts.css?v=_jnSv-K94JIbyFi6cBAIEFIRxfS_gUUGWw7afkr_7Qk1
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1d0d26733bb3ce6b891aa82306458b5260987e31acc178eef6fb57453654a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
9068483
vary
User-Agent,Accept-Encoding
content-length
719
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 15:05:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9b9f63924d-FRA
expires
Sat, 18 Feb 2023 15:05:16 GMT
iata-logo-transp.png
www.iata.org/contentassets/3e83770142a040d688e269bb2f709b7b/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/3e83770142a040d688e269bb2f709b7b/iata-logo-transp.png?h=127&mode=crop&scale=both&v=20220126181403
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5368b6460d4729e397d27eda0c6d8973636a626518e27790cae3ffe4c88401e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
content-length
3880
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:05:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9cf924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
flynetzero_megamenu.jpg
www.iata.org/contentassets/298de74e365f48639a82e2bf515bd801/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/298de74e365f48639a82e2bf515bd801/flynetzero_megamenu.jpg?w=345&h=184&mode=crop&scale=both&v=1654265199
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c75a093de0fd2824bd456d9dfc892ae79bd7649d8d7f722a30d97bfd9c8eb06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
12694
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9d2924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
seats.jpg
www.iata.org/contentassets/df415c6d0ae344ee8d8f3ae341d84c7e/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/df415c6d0ae344ee8d8f3ae341d84c7e/seats.jpg?w=345&h=184&mode=crop&scale=both&v=1654265199
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94292e38c0a05307b9bd07bba86f98b9c35d402b52d83f3f520e97bc1d6be65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
20038
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9d3924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
mro-menu.png
www.iata.org/contentassets/25fdf21819764404898ffe1eea1653c7/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/25fdf21819764404898ffe1eea1653c7/mro-menu.png?w=345&h=184&mode=crop&scale=both&v=1654265199
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abdca285184c77e57fbb838894039027e8fb09e2a47f8d5864b6c5a505015e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
64847
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9d5924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
training-330.jpg
www.iata.org/contentassets/82bc61c09ae542f4b270c6dd4f30f522/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/82bc61c09ae542f4b270c6dd4f30f522/training-330.jpg?w=345&h=184&mode=crop&scale=both&v=1654265199
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aecc883e28cf7548536b73aa1a455a4c008d14eb7f0819e8b7ac64e068ea98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
16775
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9d9924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
cabin-safety-megamenu.jpg
www.iata.org/contentassets/0d3c40466ddd430aa74a7863dbe17cb7/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/0d3c40466ddd430aa74a7863dbe17cb7/cabin-safety-megamenu.jpg?w=345&h=184&mode=crop&scale=both&v=1654265199
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535b0b3550bc47892462d2c0cc7ac69da16168a034ca3cf5cf514981f4c1723a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
17035
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9db924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
megamenu_agm_345x184px.png
www.iata.org/contentassets/1f70f9c0c1524c2882127ae5918d9cd7/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/contentassets/1f70f9c0c1524c2882127ae5918d9cd7/megamenu_agm_345x184px.png?w=345&h=184&mode=crop&scale=both&v=1654265199
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962619938836452f4f7ec7eba630cdad8d5a4d5e1bbc4b7cb5e5353380825772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
21781
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9df924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
twitter_whiteontransparent.png
www.iata.org/globalassets/iata/general/social-media/ 		530 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/globalassets/iata/general/social-media/twitter_whiteontransparent.png?w=25&h=25&mode=crop&scale=both&v=20201123113504
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea8d337774acc6768f6026b9b171baacde0542e358e021b873f82bf2ffe9bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
content-length
530
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:02:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9e1924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
facebook_whiteontransparent.png
www.iata.org/globalassets/iata/general/social-media/ 		410 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/globalassets/iata/general/social-media/facebook_whiteontransparent.png?w=25&h=25&mode=crop&scale=both&v=20201201081603
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d5553376e1ef3fb62091daaa999dea7de514a5fdcd73b91252d617872367ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
content-length
410
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:02:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9e2924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
linkedined_whiteontransparent.png
www.iata.org/globalassets/iata/general/social-media/ 		422 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/globalassets/iata/general/social-media/linkedined_whiteontransparent.png?w=25&h=25&mode=crop&scale=both&v=20201201081619
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f70c48bf953347fb2e121c648d7f24ccb4b82af68a5b1084ac45c83d541c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
content-length
422
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:02:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9e4924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
youtube_whiteontransparent.png
www.iata.org/globalassets/iata/general/social-media/ 		395 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/globalassets/iata/general/social-media/youtube_whiteontransparent.png?w=25&h=25&mode=crop&scale=both&v=20201201081646
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e126139717a0ecc2ad609a2335163fe5261ed5e5abf37b538d02b06f06bf8472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
content-length
395
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:05:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9e5924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
rss_whiteontransparent.png
www.iata.org/globalassets/iata/general/social-media/ 		628 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iata.org/globalassets/iata/general/social-media/rss_whiteontransparent.png?w=25&h=25&mode=crop&scale=both&v=20201201081527
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a7a922bda1091ff0b65e50ee843815cf7550093e5959e9c70fc0b2eda482819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
content-length
628
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Jun 2022 14:02:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
cf-ray
7158fd9cb9e6924d-FRA
expires
Fri, 10 Jun 2022 14:06:40 GMT
find.js
dl.episerver.net/13.4.8/epi-util/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.episerver.net/13.4.8/epi-util/find.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a4ffd1b704018c9f7d710aff2c8e9382c4e598e7362a943c2099824322caf7d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6760
x-powered-by
ASP.NET
content-length
2254
last-modified
Mon, 14 Mar 2022 15:33:30 GMT
server
cloudflare
etag
W/"6083-1647272010000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7158fd9d6fc39112-FRA
expires
Sat, 04 Jun 2022 14:06:40 GMT
main.js
www.iata.org/bundles/ 		2 MB
803 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/bundles/main.js?v=FwJSuIRA4Zvd8tkDbd5vGnL9NXtrBOXMo-akMcrjMDA1
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f971b49334fbfa54f5a868c369879349f60685eda0c4376bd3c0638644be260c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
94574
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 02 Jun 2022 11:50:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
cf-ray
7158fd9cb9c9924d-FRA
expires
Fri, 02 Jun 2023 11:50:26 GMT
gtm.js
www.googletagmanager.com/ 		278 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26d7e53c0a97c35d480f6bc6703f772d837d689e9594d70205a5b44d7594be82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85717
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Jun 2022 14:06:40 GMT
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f507919484d4d8e30b48508e5aac0f4cfe0738c9c386133363063c2f756e6c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4086c3011c4f3f281712e3e9c5497bc0ac91e00a9580f01c248c32e59d9a73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1381
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b4b7770-a01e-003e-474f-777f0a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 03 Jun 2022 14:36:40 GMT
pubads_impl_2022053101.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 08:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127016
x-xss-protection
0
last-modified
Tue, 31 May 2022 08:34:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Jun 2023 08:19:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		63 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.iata.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
275c6f44bfaaca1124f23e1bec4917dfc1bbdef49ea9134f6d531af151a6b332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Fri, 03 Jun 2022 14:06:40 GMT
FuDFLKPtzfw
www.youtube.com/embed/ Frame 19EE 		64 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/FuDFLKPtzfw
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iata.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 03 Jun 2022 14:06:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		398 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9097e1ff17fbb8acade8627483d0471e77677fb494adff42037dbfc39303a937

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		303 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
158d06fec406363800e7188324534c4db142cc1b0939dd8c60768dfb9647de24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.iata.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iata.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4411649661836215&correlator=586938375899189&eid=31067856%2C31067869%2C31067357&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&iu_parts=3987215%2CEpiserver_IATA_Left_Column%2CEpiserver_IATA_Right_Column&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%2C180x150&ifi=1&adks=1969587054%2C1506114118&sfv=1-0-38&ecs=20220603&fsapi=false&cust_params=PageId%3D13567%26pagelevel6%3D%255Bpagelevel6%255D%26pagelevel5%3D%255Bpagelevel5%255D%26pagelevel4%3D%255Bpagelevel4%255D%26pagelevel3%3D%255Bpagelevel3%255D%26pagelevel2%3Dfraudulent-emails-websites%26pagelevel1%3Dyouandiata&sc=1&cookie_enabled=1&abxe=1&dt=1654265200266&lmt=1654250478&dlt=1654265199915&idt=320&biw=1600&bih=1200&adxs=-9%2C1315&adys=-9%2C358&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C180x150&msz=0x-1%7C180x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=1986310223.1654265200&ga_sid=1654265200&ga_hid=1565850063&ga_fc=false&btvi=-1%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
13698941495ff490324b2d3e6c83183d928945f2d29bd5a667e3a6fd4e8137e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20480
x-xss-protection
0
google-lineitem-id
-2,133398025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138253442119
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.iata.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4230 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iata.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 14:06:40 GMT
expires
Sat, 03 Jun 2023 14:06:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Index
www.iata.org/DynamicCrossLink/ 		6 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.iata.org/DynamicCrossLink/Index?currentPageId=13567
Requested by
Host: www.iata.org
URL: https://www.iata.org/bundles/main.js?v=FwJSuIRA4Zvd8tkDbd5vGnL9NXtrBOXMo-akMcrjMDA1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.iata.org/en/youandiata/fraudulent-emails-websites/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
Accept-Encoding
content-length
123
x-xss-protection
1; mode=block
request-context
appId=cid-v1:f1e7b9dd-f730-4bc0-892e-73b3eaeaf264
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private
cf-ray
7158fd9e4cde924d-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 69EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk-msX5kHhhs8Y_0FaBgsSEWa4FHAX1OXAnK3scOS1kCmC3jf4hb0ZwthcmQqJ042WvtRc08mimVIoJ2_BWW-zkdQiwWOaJbYmFQksNJMmEnpavexY8hhj9hPNZPP2fp70Ys39crzv8EAs6stU555lmbOczMEtUt66QnxEEijEvgbA6A1K1NSmG0n5HCdHHt69JteacQB478WhqjWZXe-gbwgUTUbbI03OKHbZ0PARCdShMohao2pbgo8BxOxAmBfNUoagv5mxkX068Ancxk3WnLGo9L6m0MzObFnSpB2LmV9BPdZZlfP0qOQPsmqP3SD02Q&sai=AMfl-YQx2TkkdFHwj6H119amyJSgokTalgLest7niK-x6VhOQcutj81O3-piXfRbUhDTZF9mn7r9hMO-Dd9ki8k7RFMXj3ILKfpUP4tgPA-lci8i53W7zBmRHCy1YgDaBa-4&sig=Cg0ArKJSzBPrfnrze3WcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 03 Jun 2022 14:06:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 69EC 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 14:00:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 69EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 14:03:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69EC 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 14:06:40 GMT
l
www.google.com/ads/measurement/ Frame 69EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIOLYKThsZDpRtch42-MwbuNERg0-yxYHvukycsBWuehea-gNsCtPoXHTplx63oRlY65mSf-vI0KnuCjPkUnjQryNFjw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
6578416240171504136
tpc.googlesyndication.com/simgad/ Frame 69EC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6578416240171504136
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f1ae9117422a229514d32064db2fce3fc7ff0da2bf1ec87b98b3955146098c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 05:12:34 GMT
x-content-type-options
nosniff
age
291246
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5034
x-xss-protection
0
last-modified
Tue, 04 Dec 2018 15:57:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 May 2023 05:12:34 GMT
www-player.css
www.youtube.com/s/player/02208bb4/ Frame 19EE 		0
0
www-embed-player.js
www.youtube.com/s/player/02208bb4/www-embed-player.vflset/ Frame 19EE 		0
0
base.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 19EE 		0
0
fetch-polyfill.js
www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/ Frame 19EE 		0
0
FuDFLKPtzfw
www.youtube.com/embed/ Frame 3F65 		0
0
hotjar-1723475.js
static.hotjar.com/c/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1723475.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-33.fra56.r.cloudfront.net
Software
/
Resource Hash
7a2437d8d8cde4bb9e436c55e36652ee771fe2e87658f2b16734169197bd1ab1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
56
etag
W/3e7c7126e2ad7eb88afd06e3ea177d66
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
QDKhqUzhosbD-u75Co9TJVOK8gdL_KWR1U1H0JLS7pFfbQrOpKfZeQ==
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
ia.js
s.usea01.idio.episerver.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.usea01.idio.episerver.net/ia.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23a1a6f198b4d909350fa59d97d61ffcc56410ed6c85bb0f10dfb1885ed7e9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4PWBnyJ6uewJcMDzKwrw9Q==
age
1934
last-modified
Wed, 05 Aug 2020 12:00:06 GMT
server
cloudflare
etag
W/"0x8D83937181E63FA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
e75dd618-801e-0010-5d5d-6e8957000000
cache-control
public, max-age=14400
x-ms-version
2018-03-28
cf-ray
7158fda00e539119-FRA
expires
Fri, 03 Jun 2022 18:06:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
VJ+ydLYkjN8qhj9JctgcKh6uGUz+8GN8Hg/Gm2V4VwPZ0i3qhqN4DmOdb64rZe1jeBgGO3n7QMeou6gHK8ZI/Q==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 03 Jun 2022 14:06:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		154 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1048537815
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
217c6406583ff202cf56d73f214fbb40f9b4f9ff14c4f5d674504876e51461e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57888
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Jun 2022 14:06:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1914
date
Fri, 03 Jun 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Jun 2022 15:34:46 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
6069194915506431635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Jun 2022 14:06:40 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4635FB618ADE471494C4D42D8C102116 Ref B: FRA31EDGE0614 Ref C: 2022-06-03T14:06:40Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Fri, 03 Jun 2022 14:06:40 GMT
accept-ranges
bytes
content-length
11333
uwt.js
static.ads-twitter.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 19:44:22 GMT
etag
"37e15fed72b47b0100cbd5c7aaa9d3a0+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14634
x-served-by
cache-iad-kjyo7100129-IAD, cache-muc13968-MUC
siteanalyze_6126171.js
siteimproveanalytics.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6126171.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324a3be3c88d864090180621534b3c1e7d97e1f24839312a547e9a3ad9d47207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7169
cf-ray
7158fda02f6090dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5128
x-amz-id-2
mDSyz9O9LgCkyVxuSgjrvpB1MYVYiHWYEQ8hznyez7jmNVlXATm0R/UWDXBB1P8no0UAYYIQGZ0=
last-modified
Mon, 16 May 2022 09:29:24 GMT
server
cloudflare
etag
"98d90e189e85b6a6cdf72588d6ba7ca5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BVHzhdbryStNiVqL2bBRgjHCk4OFUDQ6wyjk8Rke5UFRk4i9pt4iZ3kKM08uK4dVo3g1ODsgSI79Rbqti3NP%2Frqzxbe%2Bfh%2Bmgk%2B8qvXSkAzmGH80rnglk0f64911TSeCa8Bni2%2BaJQDAdFFUGHWQFv6oebRRos%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
R2YDT8MF67WNJ0TF
cache-control
max-age=86400, no-transform
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 14:06:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=60772
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
track.js
cdn.funnelytics.io/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.funnelytics.io/track.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-63.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 20:13:02 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 16:42:53 GMT
server
AmazonS3
age
64418
etag
W/"4ae1baef1263c1a5a4d1b46c51016daa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 67b828898c2b34a7518c5b13dd7321c0.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P3
x-amz-cf-id
lf-Tb1vmYFpiJnT4PfAKsUN8g0A4M_VWeaUACeo3LtJzLhLpOSO1mw==
FuDFLKPtzfw
www.youtube.com/embed/ Frame 3F65 		63 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1a77a4fd2792da534255900f459062af122e7d012bf9edf746c4936aa41100e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iata.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 03 Jun 2022 14:06:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		980 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88ba15c9bc1ab764a5d87136d8ce4db46e53073f7463d91e8f5050a40545d5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 03 Jun 2022 14:06:40 GMT
truncated
/ Frame 69EC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87c411bc73a95995fb9486459d614cfe211993eb7d4fa4905e5c0c3369a12c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 69EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBALCFQbkw2xQSryPEF_GHpsHXSQOkCzdcuVOhOKWfCsVh0G6pc67thZ9K3cFpXDMc_krZ5tfEojf-7uQA8oYUATEIa9euSZ9jvpgxofiAueZbIzcRdsp78DNvfleKX-TNCtq18Mv8v0nRhRkVyjPVe0tUOY3_H1AtNVQUdc24RaQQM_3-CToM1HxfKTUzhkdsYMksiHeg9HGSYqH5JPz7RuvxWX76XkDFNCSVKhGXR7Z4HT0kVCWvw_yoM9snQ3-jOhQh03D3ca2qi69vOJv-sYehFZQiGe7-FDSlEHMoIKYByE1gzkQtihXhNNypRD6GZpZ4&sai=AMfl-YSYJondZlTzMMY577hXMtazHg09HN6CMVV6f9OqOJmGvUrAgBMyjQRvf5K6PKkICJ-vruQpD4uKvYffcaB9gxBERY3KjWMOTIcDIwTYby1OTeHt6lp-4pV8S0-DQo6M&sig=Cg0ArKJSzH9NXlbu0yN2EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 03 Jun 2022 14:06:40 GMT
www-widgetapi.js
www.youtube.com/s/player/02208bb4/www-widgetapi.vflset/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05bc542bcd29803a843c851c578dda9c21c9d6fddb1d360f9c297838f720460f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 12:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
5896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52200
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 03 Jun 2023 12:28:24 GMT
www-player.css
www.youtube.com/s/player/02208bb4/ Frame 3F65 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47515
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 03 Jun 2023 14:05:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F65 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
269315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 11:18:05 GMT
modules.d0961e771164cd91e405.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.d0961e771164cd91e405.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1723475.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
/
Resource Hash
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 07:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
282754
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64057
access-control-allow-origin
*
last-modified
Tue, 31 May 2022 07:33:23 GMT
etag
"1ed5739adb19197da798013ab080794d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
hHenX3mSVDuseY8mWfsDMj02CKW3Fyndh_23ThkpcwbUq0QvWhfd0w==
www-embed-player.js
www.youtube.com/s/player/02208bb4/www-embed-player.vflset/ Frame 3F65 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 16:49:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
76633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95691
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Jun 2023 16:49:27 GMT
base.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 3F65 		2 MB
531 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5cacda73a7b677180e4428c3d0345b49d890c98bd25eb3db239c3f96efbee22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
165937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
543920
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 16:01:03 GMT
fetch-polyfill.js
www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/ Frame 3F65 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 22:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
54715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Jun 2023 22:54:45 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 03 Jun 2022 14:07:02 GMT
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=o2bja&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=9e1e213a-68f3-4866-a8f9-9328d9f3ca5d
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
112
date
Fri, 03 Jun 2022 14:06:40 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
89ebf2852f5f26ea0dce6c74d972dabb1a340c5cb20b7405ed1110286a7e1998
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=o2bja&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=9e1e213a-68f3-4866-a8f9-9328d9f3ca5d
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
162
date
Fri, 03 Jun 2022 14:06:40 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
b4f21fc31af8959fadd8998e1ec32f00c08cf9fedb4081bbc348a2e7456410c4
content-length
43
ia.gif
a.usea01.idio.episerver.net/ 		26 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.usea01.idio.episerver.net/ia.gif?r=&s=6741dcf4-607d-4b5a-a97f-0f469ceaa584&x%5Bidio_visitor_id%5D%5B0%5D=11bb559e-2a05-46f1-b9ea-3d79a9c63987&c=48df0e3e2fb2409591831c2667355d3f&d=155&a=consume&u=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&l=1654265200682&z=0.9061635853684296
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Jun 2022 14:06:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
7158fda07f129119-FRA
content-length
26
expires
Fri, 03 Jun 2022 18:06:40 GMT
17148711.js
bat.bing.com/p/action/ 		219 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17148711.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
21eba3ff57a32f5bd00b3628fe1f38519d8ef4437f83bd70f1b5c61ab8c8a1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E2D66B41FC04A09BE70AAA42CAB96EF Ref B: FRA31EDGE0614 Ref C: 2022-06-03T14:06:40Z
date
Fri, 03 Jun 2022 14:06:40 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
300
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17148711&tm=gtm002&Ver=2&mid=40e43faa-3e22-42c6-b124-107e6e480c64&sid=64051470e34611ec972f93a2e6163e1c&vid=64053830e34611ec8fa0fd8c74825f0e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=IATA%20-%20Fraudulent%20emails%20%26%20websites&p=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&r=&lt=1302&evt=pageLoad&msclkid=N&sv=1&rn=341757
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5BA73167F1F14B978377B549B1E44056 Ref B: FRA31EDGE0614 Ref C: 2022-06-03T14:06:40Z
date
Fri, 03 Jun 2022 14:06:40 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048537815/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048537815/?random=1654265200695&cv=9&fst=1654265200695&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36fed3049d021e34a2d5c1fc2060940e1c36003317650ce5bf4b3eb7337cb0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1046
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048537815/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048537815/?random=1654265200697&cv=9&fst=1654265200697&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&ig=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0edc1b4ed8293e574b9a97e181d42c3eed961cb17e8defd4c04486b7be57cab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
100680477116283
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/100680477116283?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0ebfaf921c463ec79bd40c998894c772380bbeb1faac6fb675354c8c189baa2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89115
x-xss-protection
0
pragma
public
x-fb-debug
rayZN6N86x8Sx12q+FDfvw+W515i0oo5HYQRP+6UllLmbr+Pstv55gWzWCO2xbEAdHOCe6IUl9j4sRgsiNm1mg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 03 Jun 2022 14:06:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048537815/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048537815/?random=1654265200725&cv=9&fst=1654265200725&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa610&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d33a733a766b90ab20fbde6332294484a146c39caf68db556eaf65914eaefac5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1062
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame 762F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1723475.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-14.fra6.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://www.iata.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
282754
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 07:34:06 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Tue, 31 May 2022 07:33:23 GMT
vary
Accept-Encoding
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id
EGeclNGbPsYducNAWNaaBZtUeaT8vX7IZobqTiiPSpdNfIMoK5bOTA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45991%26time%3D1654265200732%26url%3Dhttps%253A%252F%252Fwww.iata.org%252Fen%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&liSync=true&e_ipv6=AQKZATWiDvzJmAAAAYEp...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&liSync=true&e_ipv6=AQKZATWiDvzJmAAAAYEp48L6Rp3_nh8MAy27mSbqPSU_P72ztqz7FKuh4FfpcTqJtqZ0BfU
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5FAFCED1EB4C44E6A0DC0F340314C3FE Ref B: FRAEDGE1306 Ref C: 2022-06-03T14:06:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgi6G2GVM7CJC56DkFqw==
x-li-fabric
prod-lor1

Redirect headers

date
Fri, 03 Jun 2022 14:06:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DAF48CEC7D494C0EA39593AD2BA12994 Ref B: FRAEDGE1507 Ref C: 2022-06-03T14:06:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45991&time=1654265200732&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&liSync=true&e_ipv6=AQKZATWiDvzJmAAAAYEp48L6Rp3_nh8MAy27mSbqPSU_P72ztqz7FKuh4FfpcTqJtqZ0BfU
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgi6GxP0AH3ju7d3sceA==
sessions
track-v2.funnelytics.io/ 		50 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-v2.funnelytics.io/sessions
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.121.83 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-97-121-83.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
67a6bd65b52dc5c19b55065830dafdc47885846bad2672ba893331f98442a5c0

Request headers

Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 03 Jun 2022 14:06:41 GMT
x-amzn-requestid
3a82f8da-ec3e-41d9-98c7-eed8505915b5
x-amz-apigw-id
TJhJsFb74osFoqQ=
x-amzn-trace-id
Root=1-629a1571-180a59d92d4c7838260d72da;Sampled=0
content-length
50
content-type
application/json
17148711
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/17148711
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17148711.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ef6d0297916d332cc646f0e4550dd376e8444ad3df576d7bea7dcf9fed3bfc3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:40 GMT
x-powered-by
ASP.NET
x-azure-ref
0cBWaYgAAAAB8j37dVLKjQ6Ce8Am2ADIaVklFRURHRTA3MTQANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
content-length
1543
expires
-1
image.aspx
6126171.global.siteimproveanalytics.io/ 		34 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6126171.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&title=IATA%20-%20Fraudulent%20emails%20%26%20websites&res=1600x1200&accountid=6126171&rt=1614&prev=85670749-eb23-fbf2-e8d1-9b3006970510&luid=bd913a01-02e4-af99-f142-a9d7fddbd5a4&rnd=97293
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-135-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 14:06:40 GMT
Cache-Control
max-age=0, no-cache="set-cookie"
Expires
Fri, 03 Jun 2022 14:06:40 UTC
Connection
keep-alive
Content-Length
34
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4245951-1&cid=1986310223.1654265200&jid=1344446812&gjid=1113883613&_gid=384480679.1654265201&_u=aChAiEAjBAAAAE~&z=832795719
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 03 Jun 2022 14:06:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.iata.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1565850063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&dp=%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&ul=en-us&de=UTF-8&dt=IATA%20-%20Fraudulent%20emails%20%26%20websites&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAiEAjB~&jid=1344446812&gjid=1113883613&cid=1986310223.1654265200&tid=UA-4245951-1&_gid=384480679.1654265201&gtm=2wg610T883LZ&cd6=Home&cd7=0&z=1168505393
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 13:42:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1461
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2424939317556213
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2424939317556213?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4f8b44fdef980d0b8195a4e2565e5da017d150bfe0fc5551c0c5f22cfbaac66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88914
x-xss-protection
0
pragma
public
x-fb-debug
doIeavSQFif88ZPxMf01E6KGMte3v+oSeNALSD5KTe/EIoFWkEkx58UfLuUnCfi7wbK09IEDAbPMgc7YOto7Lg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 03 Jun 2022 14:06:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1048537815/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048537815/?random=1654265200695&cv=9&fst=1654264800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&async=1&fmt=3&is_vtc=1&random=1912785759&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048537815/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048537815/?random=1654265200695&cv=9&fst=1654264800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&async=1&fmt=3&is_vtc=1&random=1912785759&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 3F65 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7ef80bc6599d31bf817c22ec75791d2ce917035db0c06dc8dbce08d801cbd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3F65 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 13:54:57 GMT
x-content-type-options
nosniff
age
704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 14:09:57 GMT
/
www.google.com/pagead/1p-user-list/1048537815/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048537815/?random=1654265200725&cv=9&fst=1654264800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa610&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&async=1&fmt=3&is_vtc=1&random=1631928310&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048537815/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048537815/?random=1654265200725&cv=9&fst=1654264800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa610&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&async=1&fmt=3&is_vtc=1&random=1631928310&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 03 Jun 2022 14:06:41 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3F65 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f57e35d2c8b2159b3c45674b28891458c48da2379f88c37f0c74f7a2476d8d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29962
x-xss-protection
0
remote.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 3F65 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be491f084ae9823aa8c2e070956bb2b036f4591b53e827edf112887551fc31b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
165776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37805
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 16:03:44 GMT
zkn2XJXs9kfP2MQuCF5C6xKG5fA8wNFR23g3TMMQUJA.js
www.google.com/js/th/ Frame 3F65 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/zkn2XJXs9kfP2MQuCF5C6xKG5fA8wNFR23g3TMMQUJA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce49f65c95ecf647cfd8c42e085e42eb1286e5f03cc0d151db78374cc3105090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 10:38:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13752
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 10:38:16 GMT
embed.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 3F65 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67660c72f074afc0e674822efc3f9589c3e857a2af72f68ed28d86274f489d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
165907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8078
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 16:01:34 GMT
/
www.google.com/pagead/1p-user-list/1048537815/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048537815/?random=1654265200697&cv=9&fst=1654264800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&async=1&fmt=3&is_vtc=1&random=1603408343&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048537815/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048537815/?random=1654265200697&cv=9&fst=1654264800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg610&sendb=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&tiba=IATA%20-%20Fraudulent%20emails%20%26%20websites&async=1&fmt=3&is_vtc=1&random=1603408343&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3F65 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRNB-M1o_uodXmDanWKXovM3P08T_DMaR9r6oFlCw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3F65 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRNB-M1o_uodXmDanWKXovM3P08T_DMaR9r6oFlCw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
556cbed3274b1eb583dcc4fbc6ac3d2ca8b5c3d2f037187d0a3675d0302ae0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 12:41:39 GMT
x-content-type-options
nosniff
age
5102
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2219
x-xss-protection
0
server
fife
etag
"vde"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 17 Nov 2021 10:56:56 GMT
sddefault.webp
i.ytimg.com/vi_webp/FuDFLKPtzfw/ Frame 3F65 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/FuDFLKPtzfw/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b7b57d8f3b84d0fb3cf4ac9bec992b8c9fe155746f4d19da8adc8a9f87fc8e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18258
x-xss-protection
0
server
sffe
etag
"1592998798"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 03 Jun 2022 16:06:41 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4245951-1&cid=1986310223.1654265200&jid=1344446812&_u=aChAiEAjBAAAAE~&z=1370522436
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4245951-1&cid=1986310223.1654265200&jid=1344446812&_u=aChAiEAjBAAAAE~&z=1370522436
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=100680477116283&ev=PageView&dl=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&rl=&if=false&ts=1654265201035&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654265201034.1038999458&it=1654265200703&coo=false&rqm=GET
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 03 Jun 2022 14:06:41 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2424939317556213&ev=PageView&dl=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&rl=&if=false&ts=1654265201036&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654265201034.1038999458&it=1654265200703&coo=false&rqm=GET
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 03 Jun 2022 14:06:41 GMT
clarity.js
l.clarity.ms/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17148711
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
br
etag
"1d875c3602cd454"
last-modified
Wed, 01 Jun 2022 14:25:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
23150
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3F65 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 14:06:41 GMT
generate_204
www.youtube.com/ Frame 3F65 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?1YYVvA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/102/ Frame 3F65 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/102/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 17:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15092
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 03 Jun 2022 17:02:46 GMT
steps
track-v2.funnelytics.io/ 		47 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-v2.funnelytics.io/steps
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.121.83 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-97-121-83.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
4568479123ddfd59c9f7ac7607a044c7d03e3a3744dc762a8a7e5bd921a364c9

Request headers

Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 03 Jun 2022 14:06:41 GMT
x-amzn-requestid
297d8ce5-afa4-4f3f-8fd9-e6e12d090f35
x-amz-apigw-id
TJhJuFPaYosFhfA=
x-amzn-trace-id
Root=1-629a1571-30ed088418a69ebe290c8c89;Sampled=0
content-length
47
content-type
application/json
aee1f25c-547b-492c-b2d8-674ebb2ad70e
track-v2.funnelytics.io/settings/ 		92 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-v2.funnelytics.io/settings/aee1f25c-547b-492c-b2d8-674ebb2ad70e
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.121.83 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-97-121-83.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
1ebcef30d8031dfb0d098615774c9c48d21f083c80246b4b938e5fb600afd8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Jun 2022 14:06:41 GMT
x-amzn-requestid
ac211802-0af6-447d-8102-48969d04293a
x-amz-apigw-id
TJhJuFQ6YosFg9Q=
x-amzn-trace-id
Root=1-629a1571-46c0d62c0fc3b3434657e615;Sampled=0
content-length
92
content-type
application/json
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3F65 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4fa6f3037810e659e440d7d729ba4a958409f112f13485e85edb4125cd44893b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 03 Jun 2022 14:06:41 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=100680477116283&ev=Microdata&dl=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&rl=&if=false&ts=1654265201543&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22IATA%20-%20Fraudulent%20emails%20%26%20websites%22%2C%22meta%3Adescription%22%3A%22How%20to%20detect%20fraudulent%20e-mail%20messages%20seeking%20payment%20and%20how%20to%20report%20it%20to%20IATA.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Email%20%26%20Website%20Fraud%20Protection%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F%22%2C%22og%3Adescription%22%3A%22How%20to%20detect%20fraudulent%20e-mail%20messages%20seeking%20payment%20and%20how%20to%20report%20it%20to%20IATA.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.iata.org%2Fcontentassets%2F6e0927d8067d467fba40b977ad76dd3e%2Ffraudulent-emails.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654265201034.1038999458&it=1654265200703&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 03 Jun 2022 14:06:41 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2424939317556213&ev=Microdata&dl=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&rl=&if=false&ts=1654265201552&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22IATA%20-%20Fraudulent%20emails%20%26%20websites%22%2C%22meta%3Adescription%22%3A%22How%20to%20detect%20fraudulent%20e-mail%20messages%20seeking%20payment%20and%20how%20to%20report%20it%20to%20IATA.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Email%20%26%20Website%20Fraud%20Protection%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F%22%2C%22og%3Adescription%22%3A%22How%20to%20detect%20fraudulent%20e-mail%20messages%20seeking%20payment%20and%20how%20to%20report%20it%20to%20IATA.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.iata.org%2Fcontentassets%2F6e0927d8067d467fba40b977ad76dd3e%2Ffraudulent-emails.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654265201034.1038999458&it=1654265200703&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 03 Jun 2022 14:06:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 69EC 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttUwU4xXFYFRsUgCnnSf0EWnzfW8mdOpX_UGo4-CxTQfbZWwMDh05fbf6RPZwHDob-dGXuOXbIzQLjJ5tVAmLyzj1LLjwefjS5oSWaLzWxZRE7FSYR&sig=Cg0ArKJSzCP4Xwq8Sff0EAE&id=lidar2&mcvt=1014&p=389,1315,539,1495&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220601&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1506114118&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654265200459&rpt=162&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
l.clarity.ms/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.iata.org
date
Fri, 03 Jun 2022 14:06:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022053101&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32af1efe4b6a543bfa3a10887d93a4653d3b7fd31c2d44e7be89268234ea2dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10533
x-xss-protection
0
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 14:06:42 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 02 Jun 2022 13:57:48 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Sun, 02 Jun 2024 14:06:42 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=6C6D961501F8409296307E04230078E1&RedC=c.clarity.ms&MXFR=3E15DA55E19A6A500A6DCBEDE59A646E
  • https://c.clarity.ms/c.gif?CtsSyncId=6C6D961501F8409296307E04230078E1&MUID=080C0BFFBA7E6B920E8B1A47BBF56AA4
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=6C6D961501F8409296307E04230078E1&MUID=080C0BFFBA7E6B920E8B1A47BBF56AA4
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
last-modified
Fri, 20 May 2022 21:53:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"17a28a3946cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 14:06:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 16BBE7C38C9941ABA1F797EB110BA2A2 Ref B: FRA31EDGE0614 Ref C: 2022-06-03T14:06:42Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=6C6D961501F8409296307E04230078E1&MUID=080C0BFFBA7E6B920E8B1A47BBF56AA4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
iframe_api
www.youtube.com/ 		980 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.iata.org
URL: https://www.iata.org/en/youandiata/fraudulent-emails-websites/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88ba15c9bc1ab764a5d87136d8ce4db46e53073f7463d91e8f5050a40545d5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 03 Jun 2022 14:06:41 GMT
2292256604327176
connect.facebook.net/signals/config/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2292256604327176?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab57b0d42dc163615de4c88a1821829ab86901b8210aee0bd194b6438d1be096
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2266
x-xss-protection
0
pragma
public
x-fb-debug
ChsmP1xKZNeyZBQCMH6C6Qr6xe5HoLHs46fcqZ/JmkZ474aIdoDXpRX2kBVNlvj4Ny1wr4/LDv2VKEl+nmpohQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 03 Jun 2022 14:06:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.iata.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 03 Jun 2022 14:06:41 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7a92c71031958d5a686652af4ca493e95b3f8d2801c5b97c57d10d685417346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
28833912-77C7-4099-B9A1-5EE154FA17FA
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 03 Jun 2022 14:06:41 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2292256604327176&ev=PageView&dl=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&rl=&if=false&ts=1654265201880&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&it=1654265200703&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 03 Jun 2022 14:06:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 14:06:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BBE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iata.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 12:47:45 GMT
expires
Sat, 03 Jun 2023 12:47:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F290 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dd6eb9aea8938c9c632f89897fc7feddaa8adcaaaa8fe1c637764638438b606f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WRiV7maZkkHbOt-QRpOLow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iata.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-WRiV7maZkkHbOt-QRpOLow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 14:06:42 GMT
expires
Fri, 03 Jun 2022 14:06:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=85500&account_id=124902&title=IATA%20-%20Fraudulent%20emails%20%26%20websites&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
540d3ba6702e277e7c3ccb680a42d9f96f3def6e61a59058e52d7aea967ffea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 03 Jun 2022 14:06:42 GMT
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
Connection
keep-alive
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Content-Length
552
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
pagead2.googlesyndication.com/bg/ Frame 5BBE 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 12:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
7190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13800
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 12:06:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F290 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022053101&jk=4411649661836215&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5BBE 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2HvWIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 14:06:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
analytics
go.updates.iata.org/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.updates.iata.org/analytics?conly=true&visitor_id=916550807&visitor_id_sign=f662859c04f1706b746a93689511e189cad76b9343a39a4f7e6b8f0ef89c265fea0884ad8a9e80c984a35760792be25e595a4278&pi_opt_in=&campaign_id=85500&account_id=124902&title=IATA%20-%20Fraudulent%20emails%20%26%20websites&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=85500&account_id=124902&title=IATA%20-%20Fraudulent%20emails%20%26%20websites&url=https%3A%2F%2Fwww.iata.org%2Fen%2Fyouandiata%2Ffraudulent-emails-websites%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 03 Jun 2022 14:06:43 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
50
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
l.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.iata.org
date
Fri, 03 Jun 2022 14:06:42 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022053101&jk=4411649661836215&bg=!zc6lzorNAAao8wy8iPM7ACkAdvg8WlA-PMsa-u3Q0c7sHGAWaGA5W0o8x9KiDbKLQsxc9745SIL9tAIAAABRUgAAAAFoAQeZAqVZS_QWfjAfyrPWaJqyhVq6thFMRrjLW6DooOSTiLAK5sFNFKtkCHL7xxLDyMtR5yuQ4l_N0ebfLO5Jod1WPJ9iQ_t8IaXihFxD_9eVh5G2PrrOzSnpXQ8u3Lv9GBOnDB4NEBYkyJzQ3mrVN6UYwVTk5It5PDUjW8BrOa90ISlvg70J4Y8PWQprcCfFvmcgeogaP3nnIf3UsrMSP0GSTfn90jeeJJ4v0oEOGgg3WqmR5E2tLC_-RdvHCdYcr7CJMqdC_a7nlSn1cJpHGd5JYH5oNkJWBBZFbXOK5ZqADXIZUF268gxPlZtz4SBnLdhrDnUkLXuRP5MGUrlOhZsO1Tt5qzTVDQS2hl-Ul9cRIyZ4-vd1VIQ11L_v-aiL14_uhbi9MKZgnWyuMw82ApGojjWqiPoi58yU7CTDk2bz6J0fgIQDutAtUTNDVLno3qC9I92ZUebBULQtmhIpjb2eJHIhSdZpAOcopfuL6dGNgw63vvN-dl6xkf6okfCKHLxH3YypdqcVxAZjpe4yCJ7ONGbRtXuePS3Y0oxam7qa3rUFJV8N75NV2ptRfhTfVLQVPtlnyr5FTaaE3MismLdOpqQxGmpRswc9AE5gH0gwI8NXsHXC2-W3rQFSHQxJRBlAzMFR7zJDJUMRe2zTacp-WFoFs7D_T4au54gU6ahuFtvXjpROzSCytdDgWPNiO4zMv5S0aFi-EuNNoRFw0RxQBsDD9p4XHoeF1d2F8WNrI_mvnhZ7NbDOZ0FJGO64IrZMJ4Ohmw8TjguviwrUd6AX4dDxs4s1p3SKXuAqbuz2EtzMXKxvtoSbT0KmhxRS84pK2dfYEhiW-cNGctsISy3fCfuMeD1-1KHXSgKV8BUyBPcHUGyxC7Wt-yNV8lkd9X9XRQ1fqMsXew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iata.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
log_event
www.youtube.com/youtubei/v1/ Frame 3F65 		28 B
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/FuDFLKPtzfw?enablejsapi=1&origin=https%3A%2F%2Fwww.iata.org
X-YouTube-Client-Version
1.20220531.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtLeDlBcm9Ja3VlWSjwquiUBg%3D%3D
X-YouTube-Ad-Signals
dt=1654265200895&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C456%2C256&vis=1&wgl=true&ca_type=image&bid=ANyPxKp2Be0snZDoC82j9VYAnqfk090q-yXnd3jw1Dq_aV9I2vK919CvWuCrZAVkSYp6QKMXGx3ZFHOHa-ZZXJ_6acAsgN4luQ

Response headers

date
Fri, 03 Jun 2022 14:06:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 03 Jun 2022 14:06:43 GMT
collect
l.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.iata.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.iata.org
date
Fri, 03 Jun 2022 14:06:44 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/s/player/02208bb4/www-player.css
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/fetch-polyfill.js
Domain
www.youtube.com
URL
https://www.youtube.com/embed/FuDFLKPtzfw

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer object| googletag object| appInsights object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| FindApi object| api object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| jQuery function| $ function| SlideMenu function| C2S function| parcelRequire function| PrepareUniversalAnalyticsDataLayer object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager function| hj object| _hjSettings string| piAId string| piCId string| piHostname object| _iaq function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| twq function| onYouTubeIframeAPIReady string| _linkedin_data_partner_id string| pageURL string| pagePath undefined| id string| page_type object| google_tag_params undefined| len undefined| temp_id object| funnelytics object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaData object| twttr function| UET function| UET_init function| UET_push object| ueto_335a9c636d object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| gtag object| _sz function| lintrk boolean| _already_called_lintrk object| cookies object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| clarity object| GoogleGcLKhOms function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse object| google_image_requests

51 Cookies

Domain/Path Name / Value
www.iata.org/ Name: EPi:StateMarker
Value: true
.www.iata.org/ Name: ARRAffinity
Value: 99e8330a2c362ae7d4c66d874cba06ea82c9cc4edca82069bf9120d47ee097d4
.www.iata.org/ Name: ARRAffinitySameSite
Value: 99e8330a2c362ae7d4c66d874cba06ea82c9cc4edca82069bf9120d47ee097d4
.youtube.com/ Name: YSC
Value: Ri3vZ7dcETg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Kx9AroIkueY
.iata.org/ Name: __gads
Value: ID=dde1888fec82bb08-22d94925a7cd0057:T=1654265200:S=ALNI_MaS_eWrHTe9G4fLjQNw3t6B4AGh3A
www.iata.org/ Name: ai_user
Value: /3FYj|2022-06-03T14:06:40.471Z
.iata.org/ Name: _gcl_au
Value: 1.1.972561733.1654265201
.doubleclick.net/ Name: IDE
Value: AHWqTUl1fXQJizPg5d6Hgi1pdVAbbcb5qkOTilm2DE6IkzYy4uWHhMHKR6I2GrQR778
.iata.org/ Name: _ga
Value: GA1.2.1986310223.1654265200
.iata.org/ Name: _gid
Value: GA1.2.384480679.1654265201
.iata.org/ Name: is
Value: 6741dcf4-607d-4b5a-a97f-0f469ceaa584
.iata.org/ Name: iv
Value: 11bb559e-2a05-46f1-b9ea-3d79a9c63987
.bing.com/ Name: MUID
Value: 080C0BFFBA7E6B920E8B1A47BBF56AA4
.iata.org/ Name: _uetsid
Value: 64051470e34611ec972f93a2e6163e1c
.iata.org/ Name: _uetvid
Value: 64053830e34611ec8fa0fd8c74825f0e
.iata.org/ Name: nmstat
Value: 85670749-eb23-fbf2-e8d1-9b3006970510
.iata.org/ Name: _dc_gtm_UA-4245951-1
Value: 1
.t.co/ Name: muc_ads
Value: f7974446-926a-4d14-89f7-fa7e8274225d
.twitter.com/ Name: personalization_id
Value: "v1_/SUCQ1nbsOo9tp7zjL9J+g=="
6126171.global.siteimproveanalytics.io/ Name: AWSELBCORS
Value: 1BF185CB12C799AC7E8F30E4356ECAB670474BBE588D8C794434013018C6F025CF05C90678F60F8BC4542034736A388120A7C60680E5CEA23BDF794F89C7883D26F01C0A24
www.clarity.ms/ Name: CLID
Value: 2e152d6b1d9f45d49ff8e7d7429bca9c.20220603.20230603
www.iata.org/ Name: ai_session
Value: Q3kMK|1654265201014.9|1654265201014.9
.iata.org/ Name: _hjSessionUser_1723475
Value: eyJpZCI6Ijg4YmQ4NGI5LTkwZGMtNTEyZS1iNmEzLWU3OTk0YWZkOWQyMiIsImNyZWF0ZWQiOjE2NTQyNjUyMDA4NTYsImV4aXN0aW5nIjpmYWxzZX0=
.iata.org/ Name: _hjFirstSeen
Value: 1
www.iata.org/ Name: _hjIncludedInSessionSample
Value: 1
.iata.org/ Name: _hjSession_1723475
Value: eyJpZCI6ImM4MTljMDRiLWM2NTAtNDk5My1iZmQ3LWZlNDgyMmU0NDg1ZSIsImNyZWF0ZWQiOjE2NTQyNjUyMDEwMjAsImluU2FtcGxlIjp0cnVlfQ==
.iata.org/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQIoW2NpOAHgQQAAAYEp48EduJXo-vlZ8dttAQXXoURKgNqtNFJCMaOWg9NOdgCILRjSrTEBRkk0kg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLB05aJdu1vCwAAAYEp48Ed2bJeIQB7V64e3m9HD10vIHibQBniuKSndrK8IrTkOfaGYA1zqLsw0aL3OF0WVQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c164cb13-8cf6-4516-8575-406341efbe93"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2320:u=1:x=1:i=1654265200:t=1654351600:v=2:sig=AQE_eGRmq9SgoDkkhgl6_BrcgsStIahH"
.iata.org/ Name: _fbp
Value: fb.1.1654265201034.1038999458
.iata.org/ Name: _fs
Value: ddfb5b00-664a-471e-923f-54008e720336
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202206031406414ab686e8-1300-4106-88f4-e5dd74f06100AQG_W5EQ78HQ-OPXkJijtALPRpWtRD7e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTQyNjUyMDE7MjswMjFdHCpAWplRJEkQHJ2pKvEx+Ggge1OuqutC70jIRwRJIA==
.iata.org/ Name: _clck
Value: 19f6j3c|1|f20|0
.iata.org/ Name: _clsk
Value: d9oze4|1654265202051|1|1|l.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 080C0BFFBA7E6B920E8B1A47BBF56AA4
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 080C0BFFBA7E6B920E8B1A47BBF56AA4
.c.clarity.ms/ Name: ANONCHK
Value: 0
.pardot.com/ Name: visitor_id123902
Value: 916550807
.pardot.com/ Name: visitor_id123902-hash
Value: f662859c04f1706b746a93689511e189cad76b9343a39a4f7e6b8f0ef89c265fea0884ad8a9e80c984a35760792be25e595a4278
pi.pardot.com/ Name: lpv123902
Value: aHR0cHM6Ly93d3cuaWF0YS5vcmcvZW4veW91YW5kaWF0YS9mcmF1ZHVsZW50LWVtYWlscy13ZWJzaXRlcy8%3D
www.iata.org/ Name: visitor_id123902
Value: 916550807
www.iata.org/ Name: visitor_id123902-hash
Value: f662859c04f1706b746a93689511e189cad76b9343a39a4f7e6b8f0ef89c265fea0884ad8a9e80c984a35760792be25e595a4278
go.updates.iata.org/ Name: visitor_id123902
Value: 916550807
go.updates.iata.org/ Name: visitor_id123902-hash
Value: f662859c04f1706b746a93689511e189cad76b9343a39a4f7e6b8f0ef89c265fea0884ad8a9e80c984a35760792be25e595a4278

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3bd2e09113cc6e4d09b08ddddff4975f.safeframe.googlesyndication.com
6126171.global.siteimproveanalytics.io
a.usea01.idio.episerver.net
adservice.google.com
adservice.google.de
analytics.twitter.com
az416426.vo.msecnd.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.funnelytics.io
connect.facebook.net
dc.services.visualstudio.com
dl.episerver.net
fonts.gstatic.com
go.updates.iata.org
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
l.clarity.ms
pagead2.googlesyndication.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.usea01.idio.episerver.net
script.hotjar.com
securepubads.g.doubleclick.net
siteimproveanalytics.com
snap.licdn.com
static.ads-twitter.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track-v2.funnelytics.io
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.iata.org
www.linkedin.com
www.youtube.com
yt3.ggpht.com
www.youtube.com
104.244.42.197
104.244.42.3
13.107.42.14
13.69.106.217
142.250.185.98
142.250.186.66
172.64.145.46
18.158.135.185
18.64.103.63
199.232.188.157
20.120.65.166
20.234.93.27
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::ac40:9912
2606:4700::6812:8ae
2620:1ec:21::14
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2016
2a00:1450:400c:c1b::9c
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
3.97.121.83
52.54.96.194
65.9.63.33
99.86.4.14
99.86.4.6
05bc542bcd29803a843c851c578dda9c21c9d6fddb1d360f9c297838f720460f
0edc1b4ed8293e574b9a97e181d42c3eed961cb17e8defd4c04486b7be57cab6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119101d5459b2e6b26f4d52811b09306847a6457bcdbfec0bef9da37c3045e13
13698941495ff490324b2d3e6c83183d928945f2d29bd5a667e3a6fd4e8137e1
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
158d06fec406363800e7188324534c4db142cc1b0939dd8c60768dfb9647de24
1a7a922bda1091ff0b65e50ee843815cf7550093e5959e9c70fc0b2eda482819
1abdca285184c77e57fbb838894039027e8fb09e2a47f8d5864b6c5a505015e4
1c75a093de0fd2824bd456d9dfc892ae79bd7649d8d7f722a30d97bfd9c8eb06
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ebcef30d8031dfb0d098615774c9c48d21f083c80246b4b938e5fb600afd8ad
217c6406583ff202cf56d73f214fbb40f9b4f9ff14c4f5d674504876e51461e4
21d5553376e1ef3fb62091daaa999dea7de514a5fdcd73b91252d617872367ec
21eba3ff57a32f5bd00b3628fe1f38519d8ef4437f83bd70f1b5c61ab8c8a1fe
23a1a6f198b4d909350fa59d97d61ffcc56410ed6c85bb0f10dfb1885ed7e9b1
26d7e53c0a97c35d480f6bc6703f772d837d689e9594d70205a5b44d7594be82
275c6f44bfaaca1124f23e1bec4917dfc1bbdef49ea9134f6d531af151a6b332
28b6eceea9ce4d68cbb4b8a8afeeea47432c6b6240fad1f214c2ad76fb4eef75
2da1d1a73c33dcf371bb3cf4e8e797a794cd90b0fed14957d32263b360810903
30bff88d3fe3e4c255b611f47f523ff8f05fdcc2f23970e109cc3cebb534c97f
324a3be3c88d864090180621534b3c1e7d97e1f24839312a547e9a3ad9d47207
32af1efe4b6a543bfa3a10887d93a4653d3b7fd31c2d44e7be89268234ea2dd7
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
36fed3049d021e34a2d5c1fc2060940e1c36003317650ce5bf4b3eb7337cb0b0
3aecc883e28cf7548536b73aa1a455a4c008d14eb7f0819e8b7ac64e068ea98a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3d875163a7d10a7c95d258a3a134f7dfa6f446392bc420edbff6a0eea3281f03
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
4568479123ddfd59c9f7ac7607a044c7d03e3a3744dc762a8a7e5bd921a364c9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4c3c7d261d28afdd73d3b2041feb1498e0c7f17bd44e10cbfa565eeee51acefc
4f1ae9117422a229514d32064db2fce3fc7ff0da2bf1ec87b98b3955146098c4
4fa6f3037810e659e440d7d729ba4a958409f112f13485e85edb4125cd44893b
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
535b0b3550bc47892462d2c0cc7ac69da16168a034ca3cf5cf514981f4c1723a
5368b6460d4729e397d27eda0c6d8973636a626518e27790cae3ffe4c88401e2
540d3ba6702e277e7c3ccb680a42d9f96f3def6e61a59058e52d7aea967ffea5
556cbed3274b1eb583dcc4fbc6ac3d2ca8b5c3d2f037187d0a3675d0302ae0d1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57daf5dedb7b3fde8cf10b877dafa9c333a384c6ac7f92f6dd9550f2c84ef07c
5ea8d337774acc6768f6026b9b171baacde0542e358e021b873f82bf2ffe9bf3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662
67660c72f074afc0e674822efc3f9589c3e857a2af72f68ed28d86274f489d20
67a6bd65b52dc5c19b55065830dafdc47885846bad2672ba893331f98442a5c0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7a2437d8d8cde4bb9e436c55e36652ee771fe2e87658f2b16734169197bd1ab1
7b7b57d8f3b84d0fb3cf4ac9bec992b8c9fe155746f4d19da8adc8a9f87fc8e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
87c411bc73a95995fb9486459d614cfe211993eb7d4fa4905e5c0c3369a12c2b
88ba15c9bc1ab764a5d87136d8ce4db46e53073f7463d91e8f5050a40545d5d8
89aae21d524dad8ead1b06cc4c4b65f9ce29dcc62a84997076bd0de123c93423
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd023f437e110d80ed29030d97f7218d03755ddfff27ab266972962421d478a
8f507919484d4d8e30b48508e5aac0f4cfe0738c9c386133363063c2f756e6c8
9097e1ff17fbb8acade8627483d0471e77677fb494adff42037dbfc39303a937
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
962619938836452f4f7ec7eba630cdad8d5a4d5e1bbc4b7cb5e5353380825772
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1d0d26733bb3ce6b891aa82306458b5260987e31acc178eef6fb57453654a4
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ffd1b704018c9f7d710aff2c8e9382c4e598e7362a943c2099824322caf7d6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab57b0d42dc163615de4c88a1821829ab86901b8210aee0bd194b6438d1be096
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
b4086c3011c4f3f281712e3e9c5497bc0ac91e00a9580f01c248c32e59d9a73e
b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2
be491f084ae9823aa8c2e070956bb2b036f4591b53e827edf112887551fc31b0
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c94292e38c0a05307b9bd07bba86f98b9c35d402b52d83f3f520e97bc1d6be65
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ce49f65c95ecf647cfd8c42e085e42eb1286e5f03cc0d151db78374cc3105090
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
d1a77a4fd2792da534255900f459062af122e7d012bf9edf746c4936aa41100e
d33a733a766b90ab20fbde6332294484a146c39caf68db556eaf65914eaefac5
d4f8b44fdef980d0b8195a4e2565e5da017d150bfe0fc5551c0c5f22cfbaac66
d7a92c71031958d5a686652af4ca493e95b3f8d2801c5b97c57d10d685417346
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7ef80bc6599d31bf817c22ec75791d2ce917035db0c06dc8dbce08d801cbd12
d8f70c48bf953347fb2e121c648d7f24ccb4b82af68a5b1084ac45c83d541c85
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
dd6eb9aea8938c9c632f89897fc7feddaa8adcaaaa8fe1c637764638438b606f
e126139717a0ecc2ad609a2335163fe5261ed5e5abf37b538d02b06f06bf8472
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d0297916d332cc646f0e4550dd376e8444ad3df576d7bea7dcf9fed3bfc3b
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f0ebfaf921c463ec79bd40c998894c772380bbeb1faac6fb675354c8c189baa2
f57e35d2c8b2159b3c45674b28891458c48da2379f88c37f0c74f7a2476d8d40
f5cacda73a7b677180e4428c3d0345b49d890c98bd25eb3db239c3f96efbee22
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
f895f430bf2ff8521abc607b39cf7db048c529f6476e4dc7266f1925b89641a8
f90a365ef6c57ff79ef72d8644c530fb104dd27bb97c0c70a952bd8c9dfe56b9
f971b49334fbfa54f5a868c369879349f60685eda0c4376bd3c0638644be260c