booking.fedafone.com Open in urlscan Pro
104.21.46.9  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22whitelabel_en%22%2C%22trace_id%22%3A%22Zz5ea9f02ff9324d21b129a8f-456941%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
• https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5ea9f02ff9324d21b129a8f-456941%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 41

• https://travelpayouts.com/powered_by/powered_by.js HTTP 301
• https://www.travelpayouts.com/powered_by/powered_by.js

Request Chain 42

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10247.39DirUEbIve_0kwR5N4Eu_5nICXdFGvTjI0MYewepZ2Q-m0N-izfsA5sIJelr3P8.ZmsOD3P5xYTujZcAO3N3qRNHCqc%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10247.3V2DSsRmXsPC0UxC8iyuHn8iUbUAhPsW4Dpy8L-qEZDWkPKO0fm701hcJzegQv4pRCXFo7fEcLN0ktL3at3dUDInvwh9OROUVyPz5srRLegGNLNGCGm_Zb1vYDo5PULCxXbNfhRkvNM7rD_fsVWqBR2d4Jo7gkAxp3NdeXEwP47Y9nizY-Nv5PKwgRJBnR_yYOJjWKtlLDqCJHgThiI_N8u0qLnmdBCC-MTza5adXkw%2C.eR4vH7gNfaw_4O9kFxcIoMIktoI%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.mn2r3ExSoc75ke6X-qd0vGmjSi7G6XEkPFscPQdXNEeZYKAp18mglQibClUox66wAaJBObSqq4vI4iTAJJ50yo4QWVW9B8TXnNmTUm7BSjjJbCFaaJRYzx8iTPgsZT8xik7XDstV4fVMR8hgyPmabUA973jorrSP0UDt7L2yhCZG12h9f_FBgEeb2K1ScPgLEpAcdZbSn0c1xkNlRYs6Ag%2C%2C.cx5-0pSkXen52JXL4jougtbjMLg%2C

Request Chain 49

• https://mc.yandex.com/watch/94107031?wmode=7&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A878785851934%3Ahid%3A3111232%3Az%3A-600%3Ai%3A20240113025446%3Aet%3A1705150487%3Ac%3A1%3Arn%3A268158815%3Arqn%3A1%3Au%3A1705150487977252397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C342%2C353%2C10%2C0%2C0%2C%2C1517%2C119%2C%2C%2C%2C2245%3Aco%3A0%3Acpf%3A1%3Ans%3A1705150483530%3Agi%3AR0ExLjEuOTg4MTM0NTIyLjE3MDUxNTA0ODU%3D%3Afp%3A2374%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705150487%3At%3ASearch%20Flights%20and%20Hotels&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ecs(0)ti(1) HTTP 302
• https://mc.yandex.com/watch/94107031/1?wmode=7&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A878785851934%3Ahid%3A3111232%3Az%3A-600%3Ai%3A20240113025446%3Aet%3A1705150487%3Ac%3A1%3Arn%3A268158815%3Arqn%3A1%3Au%3A1705150487977252397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C342%2C353%2C10%2C0%2C0%2C%2C1517%2C119%2C%2C%2C%2C2245%3Aco%3A0%3Acpf%3A1%3Ans%3A1705150483530%3Agi%3AR0ExLjEuOTg4MTM0NTIyLjE3MDUxNTA0ODU%3D%3Afp%3A2374%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705150487%3At%3ASearch%20Flights%20and%20Hotels&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.fedafone.com/	23 KB 7 KB	717ms 353ms	Document text/html	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fb621514ac6d58a4478c4e9e3251a9b16672f7424a31ae7067486802b7bedd1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 844dca1c598f17f1-EWR content-encoding br content-type text/html; charset=utf-8 date Sat, 13 Jan 2024 12:54:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddxmPM5CItqEifnsA9eULIooZN2DBW1M%2BVFAQF%2FCVHtXV8U7k6oSRMcJujViBXXoxWbAn7pUsSo8uoP251it%2B3D6nlRB1qoG9TZ6QaQxazPTV0iIionHKlgl2MFbfePi6p%2BKfPmfCQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-request-id 0ce2efad7af51eaa13e9f61bef353c5f
GET H2	200	whitelabel_en.js Show response booking.fedafone.com/widgets/	7 KB 2 KB	264ms 261ms	Script application/javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/widgets/whitelabel_en.js?v=002&rtl=false&locale=en Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 037139d9e12f9cfc67dec462e1e5c28778c436ca2aaf1564d067fd6ef9465703 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-promo-id 4238 alt-svc h3=":443"; ma=86400 x-request-id c72315ac0b5014e146a9f43450fd5e53 server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKRFrgTPk3HVVEhhdEjy4fSVeo2zvaqDPDVd%2Fs1zLyOXWdt%2BR15kvd%2F5VuwgbLqOy1W38yvMhBNuY2wlv5zq7gcbm9lLoKeg9fQFb9Y9CoyHX2qxZPNotxeOnXTeOp9%2BtM%2FZdjmRNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control private, max-age=0 cf-ray 844dca1eab2217f1-EWR timing-allow-origin * link </mewtwo/styles.css?locale=en&rtl=false&v=002>; rel=preload; as=style, </widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002>; rel=preload; as=script x-robots-tag noindex
GET H2	200	main.en.js Show response booking.fedafone.com/	786 KB 174 KB	698ms 696ms	Script application/javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/main.en.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf1ce4af51cd6f61c6ed3e342d8cf0cfcaa3f42c8fed9eae148956441e6be21a Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:44 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"655f48eb-c4616" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAq%2BE4AGUmMwxuVbUiv8Iiyna8aYR0EfdlEIoGkmDpu7Dh9c8R6yBPExHpb3bD98swN%2FuIL0p0MqQVsiWLLUTyaHbJ4vdcn9cp%2Bvu7P8vKwT9ED49bGJwmgsFay38mp%2BEUhxiq%2F6aw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 844dca1eab2317f1-EWR alt-svc h3=":443"; ma=86400 x-request-id 70a93e6084a3d7dc8889c86264888e1f expires Sat, 13 Jan 2024 13:24:44 GMT
GET H2	200	main.css booking.fedafone.com/	2 MB 449 KB	567ms 566ms	Stylesheet text/css	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/main.css Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6a65995d7bba8bd213f762de09336de1adf9da139b46c64b5ad3cee83898e1d Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:44 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"655f4821-1b90e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYoUiGuUA%2BhPl1ecUAlHTz1IUe7mAdWyPoplEZYQeEGKFXVssJQBQxfjCuQd4AJxfqn18vIAEcQNjRWWi2Yz2q2MuS6DqabKx5ETDbHk1Hvl5yGtGlSr2NLVkMteNBhVj2uLy3GZeg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 844dca1eab2017f1-EWR alt-svc h3=":443"; ma=86400 x-request-id df4f97507d00e5dca2ede2c5865f436a expires Sat, 13 Jan 2024 13:24:44 GMT
GET H2	200	pace.min.js Show response cdn.jsdelivr.net/npm/pace-js@latest/	13 KB 5 KB	333ms 10ms	Script application/javascript	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/pace-js@latest/pace.min.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 82a77b6138e0fc1b5fa964b0b093af9dd97407173c8052262c4917413f3eaa3d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 13 Jan 2024 12:54:44 GMT x-content-type-options nosniff content-encoding br age 41712 x-jsd-version 1.2.4 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 4820 x-served-by cache-fra-etou8220055-FRA, cache-lga21926-LGA x-jsd-version-type version etag W/"32a2-Fn2gm82FWGTw/aA8sOg4QOKZwEg" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	flash.css www.fedafone.com/assets/css/	2 KB 795 B	696ms 674ms	Stylesheet text/css	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fedafone.com/assets/css/flash.css?v=13 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf6cb4b5e2155551717cfbb00478775d1a17c1eb3a3c06e00b8aba517e68b5f6 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br cf-cache-status MISS last-modified Sat, 08 Jul 2023 21:06:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"802-6000020a03f89-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KwyWU2YMBKlY1sCWw%2FDZBExwctAjUha7%2FCGT4DDRG8TmSlqjG4N9NZUjUnxz%2Bw1n6FUvRtUrhAfQJKjsQkhpBdGcFC7eIJ3aIJ9KgSzzzYCVytVUdIBe%2FPX41JV2VW%2B05Y8"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 844dca1ecb3017f1-EWR alt-svc h3=":443"; ma=86400
GET H2	200	theme.min.css www.fedafone.com/assets/css/	310 KB 46 KB	1119ms 1097ms	Stylesheet text/css	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fedafone.com/assets/css/theme.min.css?v=12 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 354e182a9aaf2d5ef98b8e6a4ef7938fa6426cfa0fbad63850a7c943595f2405 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 31 Jul 2023 22:06:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4d69a-601cfa6216b91-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcIEsiN%2F2MmhA49iAhhnBH2AdqJfCEbk6rZG6fvoByu0SvVGyTj1qu5lo9MaOpYtu9oCR4wLNby4SRtMcn0wP3wNciqJCqVR2XjMsbslqWmFKc668T9d5QQRsMPzOpepZ7bR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 844dca1ecb3117f1-EWR alt-svc h3=":443"; ma=86400
GET H2	200	fbooking.png www.fedafone.com/assets/img/	86 KB 87 KB	3777ms 3756ms	Image image/png	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fedafone.com/assets/img/fbooking.png?v=10 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 724e3bba71bdefc92daff117ba507abe60f25e0c8855fe2827d9427fc924c4a0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:48 GMT cf-cache-status MISS last-modified Mon, 19 Jun 2023 17:51:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1587c-5fe7f2ecf92dc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQaVRpHqzncq9eH6kDPj0rDBR4kNp09X9Lj38GH0pDCKm6vxFPava9PWibQmxGFfeiLsfNwA4FBM8xPoW1LBeAg%2BwvYsn7A057%2BbPdkelTFL2vqJ2llg%2B%2BtzfbvFKwzeyW05"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 844dca1ecb3217f1-EWR alt-svc h3=":443"; ma=86400 content-length 88188
GET H2	200	js Show response www.googletagmanager.com/gtag/	276 KB 91 KB	393ms 58ms	Script application/javascript	142.251.167.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XB5G5G3L3D Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f97.1e100.net Software Google Tag Manager / Resource Hash 70040221b9e8175c9c140459e2e62cf34c2708a1f60296957f32366debdd97d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93405 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 13 Jan 2024 12:54:44 GMT
GET H2	200	90MNp12RID8yDowq Show response wa.fedafone.com/pixel/	5 KB 2 KB	384ms 363ms	Script application/javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wa.fedafone.com/pixel/90MNp12RID8yDowq Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dedc7ba4e0bc32ec700c493b97b6c385fe5cd69e6cf5720bb3f8d05a81e20a2 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma cache date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ukq5%2BkHpasguYf7SzFWAz5sslMvIB1cuEJjuSYl4HSnMgYw4BS3RLJE6LKyqb3QATJBnPV1ZlUTSG6nui7KNg2wo5YgfUdUuAsDdKiIqINBl9hEFFKgO6txZRKc1XsHNch4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=300 cf-ray 844dca20ec1517f1-EWR alt-svc h3=":443"; ma=86400 expires Sat, 13 Jan 2024 12:59:44 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	202 KB 71 KB	365ms 30ms	Script application/javascript	142.251.167.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f97.1e100.net Software Google Tag Manager / Resource Hash 7de13a3b611a885d48aba65e9c9db3a40e8930021ea7caf88d5ddda1d70b6afb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72790 x-xss-protection 0 last-modified Sat, 13 Jan 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 13 Jan 2024 12:54:44 GMT
GET H2	200	styles.css booking.fedafone.com/mewtwo/	167 KB 15 KB	450ms 449ms	Stylesheet text/css	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/mewtwo/styles.css?locale=en&rtl=false&v=002 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:44 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:44 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf09-29ce6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlDwSm7rEpAa43M3UZ9SgTyqYFYSwzfqqDayjJ2MUNIItzIcgquzeI5vQWg8B5J7tZLI2ljFEaIdy3%2BjsVr4ZnoJObWo8IyUhpb1nPp1SaEE2vKToa1Ug%2FDIVLYApZaYeFajfJEAPA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 844dca204bdd17f1-EWR alt-svc h3=":443"; ma=86400 x-request-id f1121179dd2421e2ab657cbdcc752291 expires Sat, 13 Jan 2024 13:24:44 GMT
GET H2	200	whitelabel_en.js Show response booking.fedafone.com/widgets_static/	309 KB 57 KB	515ms 514ms	Script application/javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:44 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf0c-4d278" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2uAV4RgMKnnNHNAA%2F0HUPAwiYkJxIRtCArb0Z9uk4T%2FgzQ9eU3QUmCusU9kJgorItp74%2BcZu2IhjRKANQcklZQcqQbZPShDR7czVJfwKGXthCsfqkbMCRyuixJ1PCfOOVqxjzTuZQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 844dca204bde17f1-EWR alt-svc h3=":443"; ma=86400 x-request-id 5b7fd3bbf296657e4bd4208a96f99970 expires Sat, 13 Jan 2024 13:24:44 GMT
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 277 B	320ms 92ms	Image text/plain	185.106.81.236 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-01-13T12%3A54%3A45.050Z Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	255 KB 87 KB	40ms 39ms	Script application/javascript	142.251.167.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f97.1e100.net Software Google Tag Manager / Resource Hash c996cd75e97cabbd4b61e324bbce54a5d99c1ca6bec5f6c1734e1d15eb84e4c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88705 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 13 Jan 2024 12:54:45 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	339ms 9ms	Script text/javascript	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 13 Jan 2024 11:51:49 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3776 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 13 Jan 2024 13:51:49 GMT
POST H2	204	collect www.google-analytics.com/g/	0 165 B	264ms 25ms	Ping text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je41a0v893968163z878526466&_p=1705150484279&gcd=11l1l1l1l1&dma=0&cid=988134522.1705150485&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705150485&sct=1&seg=0&dl=https%3A%2F%2Fbooking.fedafone.com%2F&dt=Search%20Flights%20and%20Hotels&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1642 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css2 fonts.googleapis.com/	10 KB 1 KB	360ms 26ms	Stylesheet text/css	172.253.122.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700;800&display=swap Requested by Host: www.fedafone.com URL: https://www.fedafone.com/assets/css/theme.min.css?v=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f95.1e100.net Software ESF / Resource Hash 749dca6f8da3c6de7a5cb65b6c289ddb5d971e667293f23c1b19c0994bafb264 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 13 Jan 2024 12:54:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 13 Jan 2024 10:57:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 13 Jan 2024 12:54:45 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 107 B	25ms 24ms	XHR text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1787513275&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.fedafone.com%2F&ul=en-us&de=UTF-8&dt=Search%20Flights%20and%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=663416198&gjid=1512507950&cid=988134522.1705150485&tid=UA-70090146-9&_gid=1613322.1705150485&_r=1&_slc=1&gtm=45He41a0n81M47KB56v78526466&gcd=11l1l1l1l1&dma=0&z=1223464808 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 478e24551e2c62c09dad71685f8ffcb22a0e3d6d3d4d4274d4a6b337b56189fc Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://booking.fedafone.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 149 B	358ms 23ms	XHR text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-70090146-9&cid=988134522.1705150485&jid=663416198&gjid=1512507950&_gid=1613322.1705150485&_u=YADAAEAAAAAAACAAI~&z=1210569579 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://booking.fedafone.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 13 Jan 2024 12:54:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	243 KB 84 KB	34ms 33ms	Script application/javascript	142.251.167.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f97.1e100.net Software Google Tag Manager / Resource Hash d172d107cfb07aae1cd13987ca29e83b7439c003b5b52a7536b41841a30ffdfd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86006 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 13 Jan 2024 12:54:45 GMT
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 276 B	94ms 94ms	Image text/plain	185.106.81.236 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-01-13T12%3A54%3A45.484Z&mamka_attempts=1 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
POST H2	204	collect analytics.google.com/g/	0 257 B	359ms 24ms	Ping text/plain	172.253.115.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-1HXW6H26GB&gtm=45je41a0v9126237212&_p=1705150484279&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=988134522.1705150485&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbooking.fedafone.com%2F&dt=Search%20Flights%20and%20Hotels&sid=1705150485&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2041 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 257 B	255ms 23ms	Ping text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1HXW6H26GB&cid=988134522.1705150485&gtm=45je41a0v9126237212&aip=1&dma=0&gcd=11l1l1l1l2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	202 KB 70 KB	878ms 289ms	Script application/javascript	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Wed, 27 Dec 2023 07:32:12 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "658bd2fc-11627" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 71207 expires Sat, 13 Jan 2024 13:54:46 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	276 KB 91 KB	48ms 47ms	Script application/javascript	142.251.167.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XB5G5G3L3D&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f97.1e100.net Software Google Tag Manager / Resource Hash 4ce2b101cd06e77091eca677ca62fb7c9f1d34efb7532c3bd425d0e698a50534 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93431 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 13 Jan 2024 12:54:45 GMT
GET H2	200	xn7gYHE41ni1AdIRggexSg.woff2 fonts.gstatic.com/s/manrope/v15/	24 KB 24 KB	354ms 16ms	Font font/woff2	172.253.62.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.62.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bc-in-f94.1e100.net Software sffe / Resource Hash 14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://booking.fedafone.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:10:32 GMT x-content-type-options nosniff age 272654 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24376 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:22:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 09:10:32 GMT
GET H2	200	sp.js Show response static.aviasales.com/snowplow/19.20.1/	43 KB 14 KB	355ms 17ms	Script application/x-javascript	13.225.214.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.aviasales.com/snowplow/19.20.1/sp.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/main.en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-37.ewr50.r.cloudfront.net Software / Resource Hash 5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 06 Jul 2023 05:08:11 GMT content-encoding gzip via 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront) last-modified Wed, 03 May 2023 09:21:11 GMT x-amz-cf-pop EWR50-C1 age 16530395 etag W/"56c168eae5c685d285eeaf940c1f21d5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control public,max-age=31536000 alt-svc h3=":443"; ma=86400 x-amz-cf-id TLMhiIjbi5cbwzELP1TKwoANn53agCu5k4T9hEKMoY4AwYK540e7VQ==
GET H2	200	whitelabel_en.js Show response booking.fedafone.com/widgets/	7 KB 2 KB	318ms 318ms	Script application/javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/widgets/whitelabel_en.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/main.en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 861a216c85bca7977bd8fee75258a611cac4b595c9293797a2898d2538704f6b Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-promo-id 4238 alt-svc h3=":443"; ma=86400 x-request-id b374d827639e1e4128a933e1849beda2 server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iG0FxUuFYK0IEBYTT2C9r3lKLTZGlAibWf5X8bjANd27A9EC0ikWZwOJ9AJTmg%2BzU12hZM026sbQp3BN34Pq0hKhiYxvFx4j3ljBIgTiJsVM61aToqZuS3cFkdOYQpnwPssp0hgOXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control private, max-age=0 cf-ray 844dca28882817f1-EWR timing-allow-origin * link </mewtwo/styles.css>; rel=preload; as=style, </widgets_static/whitelabel_en.js>; rel=preload; as=script x-robots-tag noindex
GET DATA	200 OK	truncated /	863 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9ceddb5c380cb8111a0beb07fcf991cc290b7a8d8afbe21c8a9831d419d6b467 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	currency-regular-webfont.woff2 www.travelpayouts.com/currency_fonts/	4 KB 4 KB	285ms 96ms	Font application/octet-stream	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://www.travelpayouts.com/currency_fonts/currency-regular-webfont.woff2 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e Request headers Referer https://booking.fedafone.com/ Origin https://booking.fedafone.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT last-modified Tue, 10 Oct 2023 03:23:58 GMT server nginx etag "6524c3ce-e08" content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 3592 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tp.png www.travelpayouts.com/powered_by/img/	4 KB 4 KB	290ms 114ms	Image image/png	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://www.travelpayouts.com/powered_by/img/tp.png Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT last-modified Mon, 13 Nov 2023 11:56:56 GMT server nginx content-type image/png cache-control no-store, no-cache accept-ranges bytes x-robots-tag noindex content-length 3584 x-request-id a1ac1a5e1c5b0b0df6b76ca39d786015
POST H2	200	90MNp12RID8yDowq wa.fedafone.com/pixel-track/	0 383 B	167ms 166ms	Ping text/html	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wa.fedafone.com/pixel-track/90MNp12RID8yDowq Requested by Host: wa.fedafone.com URL: https://wa.fedafone.com/pixel/90MNp12RID8yDowq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://booking.fedafone.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oi%2FDMWJTQqXCri3e%2BSiDG9oCsArcxLkyapRqk7djFhsZGwZK90JQ3p%2Fr8G09CMeaM%2B3E0QUhD6TTMYz17%2FK0XffHWua5CNS36OdxwtxHvFKfRHb%2BnAmk9dfbpO%2BuiNDrz80%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin * content-type text/html; charset=UTF-8 cf-ray 844dca28d85117f1-EWR access-control-allow-headers Content-Type alt-svc h3=":443"; ma=86400
POST H2	204	collect www.google-analytics.com/g/	0 54 B	23ms 23ms	Ping text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-XB5G5G3L3D&gtm=45je41a0v9128785352&_p=1705150484279&gcd=11l1l1l1l1&dma=0&cid=988134522.1705150485&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705150485&sct=1&seg=0&dl=https%3A%2F%2Fbooking.fedafone.com%2F&dt=Search%20Flights%20and%20Hotels&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2390 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XB5G5G3L3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	361ms 26ms	Image image/gif	172.253.115.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70090146-9&cid=988134522.1705150485&jid=663416198&_u=YADAAEAAAAAAACAAI~&z=658447722 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f147.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	348 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 276 B	92ms 92ms	Image text/plain	185.106.81.236 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-01-13T12%3A54%3A46.081Z&mamka_attempts=2 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
GET H2	200	styles.css booking.fedafone.com/mewtwo/	167 KB 16 KB	440ms 440ms	Stylesheet text/css	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/mewtwo/styles.css Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:46 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf09-29ce6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKhfvwyMYn9PXzEodh1g2MiwFD8%2BqjGJ90EFLw09cbWErlNBGTqMeK01eVvChGuOEQf5dPs7g94wkuEn%2F0AJc7d%2BKFo%2BaESvvzLT3Zt7NRGvab9Z1byLMhLSH%2FDyVf5Y8kJgpG7Z6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 844dca2a896e17f1-EWR alt-svc h3=":443"; ma=86400 x-request-id 52d0957935b166e68d97dfd207506af7 expires Sat, 13 Jan 2024 13:24:46 GMT
GET H2	200	whitelabel_en.js Show response booking.fedafone.com/widgets_static/	309 KB 57 KB	489ms 488ms	Script application/javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/widgets_static/whitelabel_en.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:46 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf0c-4d278" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lgk3je1crZjr3x%2BaCkI7xeNMnB5e%2FItJq0ljY7kvUY7VH8joVFCEzPJKsCzZpKGmgwUV44D%2B4Dk8v3QytlXhn%2ByQ7MUjgmfqdqEaRhQgbYTpIeZ%2B%2FePCRXjFEtvP82PDemuPFBDqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 844dca2a897317f1-EWR alt-svc h3=":443"; ma=86400 x-request-id 01c519d1e34da5c5d67e96cfe0df7984 expires Sat, 13 Jan 2024 13:24:46 GMT
GET H2	200	j.gif avsplow.com/a/ Redirect Chain https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2... https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5ea9f02f...	43 B 388 B	91ms 90ms	Image image/gif	188.42.198.44 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5ea9f02ff9324d21b129a8f-456941%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Server 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 43 Redirect headers date Sat, 13 Jan 2024 12:54:46 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO" location https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5ea9f02ff9324d21b129a8f-456941%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 0
GET H2	200	styles.css booking.fedafone.com/mewtwo/	167 KB 16 KB	423ms 423ms	Stylesheet text/css	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/mewtwo/styles.css?v=002 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/widgets_static/whitelabel_en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:47 GMT content-encoding br cf-cache-status MISS last-modified Saturday, 13-Jan-2024 12:54:46 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf09-29ce6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niaLxpkSAVLva2fSEL4Xp1%2BOkwchm2dDOFoDXATnpqtON2vwVkLRR%2FnV2nSRgF5J1U1P%2FGZKdqBht5HgKyN3t8JbnOAcxVI%2BpQH9B6TEli5Y4IxCtZO82jMoFM6VyBgYCqk596B71g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 844dca2dbba017f1-EWR alt-svc h3=":443"; ma=86400 x-request-id f89a307a51ce17893054ce192b529127 expires Sat, 13 Jan 2024 13:24:46 GMT
GET H2	200	whereami Show response booking.fedafone.com/	132 B 458 B	100ms 100ms	Script application/x-javascript	104.21.46.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.fedafone.com/whereami?locale=en&callback=mewtwoForms.geoIPSetter.lang_en Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/widgets_static/whitelabel_en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.46.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2615ad48947097dce3f7fc51e8628ee5c531b3f74fe6b7a3b7f76e516876cd1c Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcC%2BkaSGEAzXwOen4rZHStih6vprieTgKr5H5k4VhVPoYX3WmpJ77Lf%2BWZQMtlBWDwP8O2GcUeQRWxTMvcnWUJPYwj4pIM0nS8mS6c1MphmQdZryL5E1nSV%2F80bec3Tr4gL5r7dYNQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cf-ray 844dca2dbba917f1-EWR alt-svc h3=":443"; ma=86400 x-request-id 3938066c46ca3ff63ef8c1155b4fbfd5
GET H2	200	powered_by.js Show response www.travelpayouts.com/powered_by/ Redirect Chain https://travelpayouts.com/powered_by/powered_by.js https://www.travelpayouts.com/powered_by/powered_by.js	40 KB 14 KB	212ms 212ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://www.travelpayouts.com/powered_by/powered_by.js Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 1da316975270755e27f6558b9a5f979d30e6e981d98354c84f171e59bb2b55fc Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT content-encoding br last-modified Mon, 13 Nov 2023 11:56:56 GMT server nginx vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control no-store, no-cache x-robots-tag noindex x-request-id 6cc842f37d800125304f36f6f2232459 Redirect headers location https://www.travelpayouts.com/powered_by/powered_by.js date Sat, 13 Jan 2024 12:54:46 GMT server nginx content-length 178 content-type text/html
GET H2	200	sync_cookie_image_finish mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10247.39DirUEbIve_0kwR5N4Eu_5nICXdFGvTjI0MYewepZ2Q-m0N-izfsA5sIJelr3P8.ZmsOD3P5xYTujZcAO3N3qRNHCqc%2C https://mc.yandex.com/sync_cookie_image_decide?token=10247.3V2DSsRmXsPC0UxC8iyuHn8iUbUAhPsW4Dpy8L-qEZDWkPKO0fm701hcJzegQv4pRCXFo7fEcLN0ktL3at3dUDInvwh9OROUVyPz5srRLegGNLNGCGm_Zb1vYDo5PULCxXbNfhRkvN... https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.mn2r3ExSoc75ke6X-qd0vGmjSi7G6XEkPFscPQdXNEeZYKAp18mglQibClUox66wAaJBObSqq4vI4iTAJJ50yo4QWVW9B8TXnNmTUm7BSjjJb...	43 B 584 B	150ms 150ms	Image image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.mn2r3ExSoc75ke6X-qd0vGmjSi7G6XEkPFscPQdXNEeZYKAp18mglQibClUox66wAaJBObSqq4vI4iTAJJ50yo4QWVW9B8TXnNmTUm7BSjjJbCFaaJRYzx8iTPgsZT8xik7XDstV4fVMR8hgyPmabUA973jorrSP0UDt7L2yhCZG12h9f_FBgEeb2K1ScPgLEpAcdZbSn0c1xkNlRYs6Ag%2C%2C.cx5-0pSkXen52JXL4jougtbjMLg%2C Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Server 93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:47 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.mn2r3ExSoc75ke6X-qd0vGmjSi7G6XEkPFscPQdXNEeZYKAp18mglQibClUox66wAaJBObSqq4vI4iTAJJ50yo4QWVW9B8TXnNmTUm7BSjjJbCFaaJRYzx8iTPgsZT8xik7XDstV4fVMR8hgyPmabUA973jorrSP0UDt7L2yhCZG12h9f_FBgEeb2K1ScPgLEpAcdZbSn0c1xkNlRYs6Ag%2C%2C.cx5-0pSkXen52JXL4jougtbjMLg%2C date Sat, 13 Jan 2024 12:54:47 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 500 B	145ms 144ms	Image image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:46 GMT strict-transport-security max-age=31536000 last-modified Mon, 25 Dec 2023 13:57:02 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65898a2e-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Sat, 13 Jan 2024 13:54:46 GMT
GET H2	200	tp_white.png www.travelpayouts.com/powered_by/img/	3 KB 3 KB	93ms 93ms	Image image/png	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://www.travelpayouts.com/powered_by/img/tp_white.png Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:47 GMT last-modified Mon, 13 Nov 2023 11:56:56 GMT server nginx content-type image/png cache-control no-store, no-cache accept-ranges bytes x-robots-tag noindex content-length 2672 x-request-id d4290b5ff90a636c3400436abe1de2bf
GET DATA	200 OK	truncated /	611 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 96ad6831131d0457d3dc1720ee07fd8fc5f35f95c0465aa0dc1391ac115bd5f7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	381 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3e4f1087d75f2bcd98e67eada6d74e15d0f2e611c0cb01674977d6f96072f232 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	129 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 790b10738b3b7f50952abf4131fa62ea2a14b15099ac36db0f201ab55f16d23b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	903 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	1 Show response mc.yandex.com/watch/94107031/ Redirect Chain https://mc.yandex.com/watch/94107031?wmode=7&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3A... https://mc.yandex.com/watch/94107031/1?wmode=7&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%...	427 B 546 B	147ms 147ms	Fetch application/json	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/94107031/1?wmode=7&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A878785851934%3Ahid%3A3111232%3Az%3A-600%3Ai%3A20240113025446%3Aet%3A1705150487%3Ac%3A1%3Arn%3A268158815%3Arqn%3A1%3Au%3A1705150487977252397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C342%2C353%2C10%2C0%2C0%2C%2C1517%2C119%2C%2C%2C%2C2245%3Aco%3A0%3Acpf%3A1%3Ans%3A1705150483530%3Agi%3AR0ExLjEuOTg4MTM0NTIyLjE3MDUxNTA0ODU%3D%3Afp%3A2374%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705150487%3At%3ASearch%20Flights%20and%20Hotels&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29 Requested by Host: booking.fedafone.com URL: https://booking.fedafone.com/ Protocol H2 Server 93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 6f2c09fd3077ebd228c0a24f6489e4f463fb2e5d31645952a8d756492127c205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:47 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 13-Jan-2024 12:54:47 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://booking.fedafone.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 427 x-xss-protection 1; mode=block expires Sat, 13-Jan-2024 12:54:47 GMT Redirect headers pragma no-cache date Sat, 13 Jan 2024 12:54:47 GMT strict-transport-security max-age=31536000 last-modified Sat, 13-Jan-2024 12:54:47 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/94107031/1?wmode=7&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A878785851934%3Ahid%3A3111232%3Az%3A-600%3Ai%3A20240113025446%3Aet%3A1705150487%3Ac%3A1%3Arn%3A268158815%3Arqn%3A1%3Au%3A1705150487977252397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C342%2C353%2C10%2C0%2C0%2C%2C1517%2C119%2C%2C%2C%2C2245%3Aco%3A0%3Acpf%3A1%3Ans%3A1705150483530%3Agi%3AR0ExLjEuOTg4MTM0NTIyLjE3MDUxNTA0ODU%3D%3Afp%3A2374%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705150487%3At%3ASearch%20Flights%20and%20Hotels&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29 access-control-allow-origin https://booking.fedafone.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Sat, 13-Jan-2024 12:54:47 GMT
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 276 B	91ms 91ms	Image text/plain	185.106.81.236 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-01-13T12%3A54%3A48.688Z&mamka_attempts=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 12:54:48 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
POST H2	204	collect www.google-analytics.com/g/	0 54 B	23ms 23ms	Ping text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je41a0v893968163&_p=1705150484279&gcd=11l1l1l1l1&dma=0&cid=988134522.1705150485&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705150485&sct=1&seg=0&dl=https%3A%2F%2Fbooking.fedafone.com%2F&dt=Search%20Flights%20and%20Hotels&en=scroll&epn.percent_scrolled=90&_et=42&tfd=6686 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	94107031 mc.yandex.com/webvisor/	43 B 0	714ms 286ms	Fetch image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/94107031?wv-part=1&wv-type=7&wmode=0&wv-hit=3111232&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&rn=603909392&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705150491%3Aw%3A1600x1200%3Av%3A1201%3Az%3A-600%3Ai%3A20240113025450%3Au%3A1705150487977252397%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1705150491&t=gdpr(14)ti(1) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://booking.fedafone.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:51 GMT strict-transport-security max-age=31536000 last-modified Sat, 13-Jan-2024 12:54:51 GMT content-type image/gif access-control-allow-origin https://booking.fedafone.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sat, 13-Jan-2024 12:54:51 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	24ms 23ms	Ping text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-XB5G5G3L3D&gtm=45je41a0v9128785352&_p=1705150484279&gcd=11l1l1l1l1&dma=0&cid=988134522.1705150485&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705150485&sct=1&seg=0&dl=https%3A%2F%2Fbooking.fedafone.com%2F&dt=Search%20Flights%20and%20Hotels&en=scroll&epn.percent_scrolled=90&_et=13&tfd=7409 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XB5G5G3L3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://booking.fedafone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.fedafone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	94107031 mc.yandex.com/webvisor/	43 B 0	314ms 285ms	Fetch image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/94107031?wv-part=1&wv-type=7&wmode=0&wv-hit=3111232&page-url=https%3A%2F%2Fbooking.fedafone.com%2F&rn=869613786&browser-info=we%3A1%3Aet%3A1705150491%3Aw%3A1600x1200%3Av%3A1201%3Az%3A-600%3Ai%3A20240113025451%3Au%3A1705150487977252397%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1705150491&t=gdpr(14)ti(1) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://booking.fedafone.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 13 Jan 2024 12:54:51 GMT strict-transport-security max-age=31536000 last-modified Sat, 13-Jan-2024 12:54:51 GMT content-type image/gif access-control-allow-origin https://booking.fedafone.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sat, 13-Jan-2024 12:54:51 GMT