www.corendonairlines.com Open in urlscan Pro
83.98.215.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://corendonairlines.com/
Effective URL:
https://www.corendonairlines.com/nl
Submission: On February 21 via manual (February 21st 2023, 10:34:39 am UTC) from DE — Scanned from NL

Summary HTTP 182 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 67 IPs in 11 countries across 50 domains to perform 182 HTTP transactions. The main IP is 83.98.215.60, located in Netherlands and belongs to SENTIA, NL. The main domain is www.corendonairlines.com. The Cisco Umbrella rank of the primary domain is 73451.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2022. Valid for: a year.

This is the only time www.corendonairlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 39	83.98.215.60 83.98.215.60	8315 (SENTIA) (SENTIA)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f70... 2a02:26f0:f700:3a4::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	52.222.214.93 52.222.214.93	16509 (AMAZON-02) (AMAZON-02)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f04... 2a03:2880:f042:110:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2.23.97.97 2.23.97.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.18.79.135 2.18.79.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	13.227.219.3 13.227.219.3	16509 (AMAZON-02) (AMAZON-02)
7 8	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1	52.29.181.78 52.29.181.78	16509 (AMAZON-02) (AMAZON-02)
2 4	67.220.226.238 67.220.226.238	16509 (AMAZON-02) (AMAZON-02)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 6	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.220.56.53 54.220.56.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	35.157.7.227 35.157.7.227	16509 (AMAZON-02) (AMAZON-02)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	18.196.105.110 18.196.105.110	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	52.211.39.111 52.211.39.111	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 4	18.192.131.171 18.192.131.171	16509 (AMAZON-02) (AMAZON-02)
2	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.197.252.47 18.197.252.47	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:1f18:612... 2600:1f18:612b:4216:ce25:c445:cadd:c70b	14618 (AMAZON-AES) (AMAZON-AES)
2	104.64.175.239 104.64.175.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.77.226.36 54.77.226.36	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
2	34.255.170.214 34.255.170.214	16509 (AMAZON-02) (AMAZON-02)
2	3.135.11.80 3.135.11.80	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
182	67

39 83.98.215.60 (Netherlands) 3 redirects

ASN8315 (SENTIA, NL)

corendonairlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.corendonairlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

corendonairlines.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:3a4::f09 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

9774452.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-93.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f042:110:face:b00c:0:3 (Marseille, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.97.97 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-97.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.135 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-135.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::1c (France) 7 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.181.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-181-78.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.226.238 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fledge-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

carrier.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aryuder.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
corendonairlines.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inference.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.56.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-56-53.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.7.227 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-7-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.105.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-105-110.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.24.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.39.111 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-39-111.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.192.131.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-131-171.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.252.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-252-47.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:ce25:c445:cadd:c70b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.175.239 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-175-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.226.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-226-36.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.170.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.135.11.80 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-11-80.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.fr.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	corendonairlines.com 3 redirects corendonairlines.com — Cisco Umbrella Rank: 68496 www.corendonairlines.com — Cisco Umbrella Rank: 73451	2 MB
21	useinsider.com corendonairlines.api.useinsider.com carrier.useinsider.com — Cisco Umbrella Rank: 30278 segment.api.useinsider.com — Cisco Umbrella Rank: 19455 assets.api.useinsider.com — Cisco Umbrella Rank: 26631 eitri.api.useinsider.com — Cisco Umbrella Rank: 26022 aryuder.api.useinsider.com — Cisco Umbrella Rank: 81519 location.api.useinsider.com — Cisco Umbrella Rank: 20022 hit.api.useinsider.com — Cisco Umbrella Rank: 17045 log.api.useinsider.com — Cisco Umbrella Rank: 13411 inference.api.useinsider.com — Cisco Umbrella Rank: 56800	180 KB
17	criteo.com 7 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3845 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2771 sslwidget.criteo.com — Cisco Umbrella Rank: 1808 dis.criteo.com — Cisco Umbrella Rank: 683	54 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 9774452.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	3 KB
6	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 519 fledge-eu.creativecdn.com — Cisco Umbrella Rank: 15388	4 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 644 trc-events.taboola.com — Cisco Umbrella Rank: 1739 sync-t1.taboola.com — Cisco Umbrella Rank: 1276	21 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 385	5 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4596 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
4	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 651	2 KB
4	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 199	3 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	2 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 936	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	265 B
4	google.nl www.google.nl — Cisco Umbrella Rank: 9423 adservice.google.nl — Cisco Umbrella Rank: 14363	1 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 765	101 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 628 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 914 in.hotjar.com — Cisco Umbrella Rank: 1676	74 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1399	2 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 273	526 B
3	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 2336 bs.serving-sys.com — Cisco Umbrella Rank: 1473	77 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	217 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4119 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4688	91 KB
2	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1694	535 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 581	675 B
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2208	439 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4413	885 B
2	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2370	365 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 657	1008 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 728	290 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1368	2 KB
2	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2511	377 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 396	2 KB
2	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 759	329 B
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1239	325 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 337	279 B
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1911	344 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578	227 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 515	69 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 316	478 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 539	2 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 617	612 B
2	t.co t.co — Cisco Umbrella Rank: 522	583 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	137 KB
1	criteo.net csm.fr.eu.criteo.net — Cisco Umbrella Rank: 6933	203 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28719	153 B
1	gstatic.com fonts.gstatic.com	15 KB
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 838	73 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 623	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 905	44 KB
182	50

	Domain	Requested by
37	www.corendonairlines.com	1 redirects www.corendonairlines.com
8	gum.criteo.com	7 redirects dynamic.criteo.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.corendonairlines.com
5	creativecdn.com	2 redirects www.corendonairlines.com creativecdn.com
4	ad.360yield.com	2 redirects
4	dpm.demdex.net	2 redirects
4	dis.criteo.com
4	x.bidswitch.net	2 redirects
4	aax-eu.amazon-adsystem.com	2 redirects www.corendonairlines.com
4	www.facebook.com	www.corendonairlines.com
4	analytics.tiktok.com	www.corendonairlines.com analytics.tiktok.com
3	r.casalemedia.com	1 redirects www.corendonairlines.com
3	ups.analytics.yahoo.com	1 redirects www.corendonairlines.com
3	ib.adnxs.com	3 redirects
3	log.api.useinsider.com	www.corendonairlines.com
3	hit.api.useinsider.com	corendonairlines.api.useinsider.com
3	assets.api.useinsider.com	corendonairlines.api.useinsider.com
3	www.google.nl	www.corendonairlines.com
3	region1.analytics.google.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.corendonairlines.com
3	www.googletagmanager.com	www.corendonairlines.com www.googletagmanager.com
3	corendonairlines.api.useinsider.com	www.corendonairlines.com corendonairlines.api.useinsider.com
2	s.thebrighttag.com
2	beacon.krxd.net
2	sync-criteo.ads.yieldmo.com	www.corendonairlines.com
2	ad.yieldlab.net	www.corendonairlines.com
2	criteo-partners.tremorhub.com	www.corendonairlines.com
2	simage2.pubmatic.com	www.corendonairlines.com
2	sync.outbrain.com	www.corendonairlines.com
2	exchange.mediavine.com	www.corendonairlines.com
2	matching.ivitrack.com	www.corendonairlines.com
2	id5-sync.com	www.corendonairlines.com
2	secure.adnxs.com	www.corendonairlines.com
2	visitor.omnitagjs.com	www.corendonairlines.com
2	cm.adform.net	www.corendonairlines.com
2	eb2.3lift.com	www.corendonairlines.com
2	criteo-sync.teads.tv	www.corendonairlines.com
2	sync-t1.taboola.com	www.corendonairlines.com
2	rtb-csync.smartadserver.com	www.corendonairlines.com
2	match.sharethrough.com	www.corendonairlines.com
2	pixel.rubiconproject.com	www.corendonairlines.com
2	contextual.media.net	www.corendonairlines.com
2	cm.g.doubleclick.net	2 redirects
2	sslwidget.criteo.com	dynamic.criteo.com
2	aryuder.api.useinsider.com	corendonairlines.api.useinsider.com
2	eitri.api.useinsider.com	corendonairlines.api.useinsider.com
2	carrier.useinsider.com	corendonairlines.api.useinsider.com
2	trc-events.taboola.com	cdn.taboola.com
2	analytics.twitter.com	www.corendonairlines.com
2	t.co	www.corendonairlines.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	secure-ds.serving-sys.com	www.corendonairlines.com secure-ds.serving-sys.com
2	dynamic.criteo.com	www.googletagmanager.com
2	connect.facebook.net	www.corendonairlines.com connect.facebook.net
2	9774452.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	consent.cookiebot.com	www.corendonairlines.com consent.cookiebot.com
2	corendonairlines.com	2 redirects
1	csm.fr.eu.criteo.net
1	inference.api.useinsider.com	corendonairlines.api.useinsider.com
1	a.twiago.com
1	fonts.gstatic.com	assets.api.useinsider.com
1	in.hotjar.com	script.hotjar.com
1	location.api.useinsider.com	corendonairlines.api.useinsider.com
1	segment.api.useinsider.com	corendonairlines.api.useinsider.com
1	fledge-eu.creativecdn.com	creativecdn.com
1	vars.hotjar.com	static.hotjar.com
1	ssc-cms.33across.com	creativecdn.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	adservice.google.nl	adservice.google.com
1	mug.criteo.com	www.corendonairlines.com
1	adservice.google.com	9774452.fls.doubleclick.net
1	www.google.com	www.corendonairlines.com
1	script.hotjar.com	static.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
182	80

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
useinsider.com
www.rtbhouse.com
policies.google.com
www.id5.io
yandex.com
www.hotjar.com
www.tiktok.com
www.media.net
pubmatic.com
twitter.com
www.improvedigital.com
www.bidswitch.com
triplelift.com
site.adform.com
www.appnexus.com
www.criteo.com
www.amazon.com
privacy.microsoft.com
www.casalemedia.com
www.facebook.com
www.taboola.com
www.sizmek.com
www.adobe.com
www.ividence.com
www.magnite.com
yieldmo.com
smartadserver.com
underdogmedia.com
policies.oath.com
www.salesforce.com
www.instagram.com
www.youtube.com
www.linkedin.com
b2b.corendonairlines.com

Subject Issuer	Validity	Valid
*.corendonairlines.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-31` - `2023-10-31`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-04` - `2023-06-06`	a year	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-15` - `2023-06-17`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
secure-ds.serving-sys.com R3	`2022-12-20` - `2023-03-20`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-02-14` - `2023-05-09`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.fr.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-27` - `2023-03-29`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.corendonairlines.com/nl
Frame ID: 24AC61159C2238DB9735360566416E7E
Requests: 113 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 7CA806444D77006A44CB7F22E7AAFF20
Requests: 1 HTTP requests in this frame

Frame: https://9774452.fls.doubleclick.net/activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl
Frame ID: 6E53B9C8A76BDD5B222317E0F8916691
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.corendonairlines.com&origin=onetag&us_privacy=1---
Frame ID: 8773591AC24B30347BD38A5A9BAF60B6
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl
Frame ID: 1727E56DE99B6F71FB690FC9743FD3A3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.nl/ddm/fls/i/dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl
Frame ID: 8546BBFC083C2018DE41D7E37E31144A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t
Frame ID: C724CB59CC00BE366A18C31419F17311
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t
Frame ID: CB7411527083AA7A34B315BB59834CBD
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1
Frame ID: CB6A985A2CC938527EAC7E6CAEBFACAD
Requests: 2 HTTP requests in this frame

Frame: https://corendonairlines.api.useinsider.com/worker-new.html
Frame ID: 3618E883FB9DFC7472840E700D3B38D2
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 862D03DA9AB2563E3B34535ADC9980DA
Requests: 1 HTTP requests in this frame

Frame: https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=S6qXsm4rsi5qR0ghsLGCUmy9GgNZV8n_VtS70sEzFzCAn-ufEVDbkYu3ynZdyECwyQXwVrjxybb5DS-OsOC52Q
Frame ID: E071E1544A90882A8A284B4B6CCA493B
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1&tc=1
Frame ID: ADD6B59058055292C517EF5BBC603A50
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
Frame ID: 4F35F3D6353C9BACD1401CADBF412CA8
Requests: 27 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
Frame ID: B26E0DB4F8D888302B7125B8437BD1AD
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Corendon Airlines – Vliegtickets – Your Holiday Airline

Page URL History Show full URLs

http://corendonairlines.com/ HTTP 301
https://corendonairlines.com/ HTTP 301
https://www.corendonairlines.com/ HTTP 302
https://www.corendonairlines.com/nl Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

182
Requests

89 %
HTTPS

32 %
IPv6

50
Domains

80
Subdomains

67
IPs

11
Countries

2940 kB
Transfer

7371 kB
Size

66
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: http://useinsider.com/privacy-policy/
Title: Insider

Search URL Search Domain Scan URL

URL: https://www.rtbhouse.com/privacy-center/
Title: RTB House

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://www.id5.io/privacy
Title: ID5

Search URL Search Domain Scan URL

URL: https://yandex.com/legal/privacy/
Title: Yandex

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy/
Title: Hotjar

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/legal/privacy-policy?lang=en
Title: Tiktok

Search URL Search Domain Scan URL

URL: https://www.media.net/privacy-policy
Title: Media.net

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy/
Title: PubMatic

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter Inc.

Search URL Search Domain Scan URL

URL: https://www.improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: https://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: Triplelift

Search URL Search Domain Scan URL

URL: https://site.adform.com/privacy-center/platform-privacy/opt-out/
Title: Adform

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/corporate-privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/corporate-privacy-policy/
Title: Criteo

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Title: Amazon

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Microsoft

Search URL Search Domain Scan URL

URL: http://www.casalemedia.com/
Title: Casale Media

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Meta Platforms, Inc.

Search URL Search Domain Scan URL

URL: https://www.taboola.com/privacy-policy
Title: Taboola

Search URL Search Domain Scan URL

URL: https://www.sizmek.com/privacy-policy/optedout/
Title: Sizmek

Search URL Search Domain Scan URL

URL: https://www.adobe.com/uk/privacy.html
Title: Adobe

Search URL Search Domain Scan URL

URL: http://www.ividence.com/politique-de-confidentialite/
Title: Ividence

Search URL Search Domain Scan URL

URL: https://www.magnite.com/legal/advertising-technology-privacy-policy/
Title: Telaria

Search URL Search Domain Scan URL

URL: http://yieldmo.com/privacy/
Title: Yieldmo

Search URL Search Domain Scan URL

URL: https://smartadserver.com/corporate-privacy-policy/
Title: Smart

Search URL Search Domain Scan URL

URL: https://underdogmedia.com/privacy-policy/
Title: UnderdogMedia

Search URL Search Domain Scan URL

URL: https://policies.oath.com/us/en/oath/privacy/index.html
Title: Oath

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/eu/company/privacy/
Title: Salesforce

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.instagram.com/corendonairlines/

Search URL Search Domain Scan URL

URL: https://twitter.com/Corendon_Air

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/corendonairlines

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CorendonAirlines

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/corendon-airlines

Search URL Search Domain Scan URL

URL: https://b2b.corendonairlines.com/
Title: Agent-login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://corendonairlines.com/ HTTP 301
https://corendonairlines.com/ HTTP 301
https://www.corendonairlines.com/ HTTP 302
https://www.corendonairlines.com/nl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://9774452.fls.doubleclick.net/activityi;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl HTTP 302
https://9774452.fls.doubleclick.net/activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl

Request Chain 55

https://gum.criteo.com/sid/json?origin=onetag&domain=corendonairlines.com&sn=ChromeSyncframe&so=0&topUrl=www.corendonairlines.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7s7cT3xYODJTU1hjbFEvVXFubC9oZmtNZkFWTldQRGJlbStUUnl4RUFEQjRucGUyS2FJZ0laaVdDcTFITjd4cXNBdk55Q2dpOFM1bFFvazdLRVVlZE1nRkNlbUZoM1ZnUTcvRW54UjF2clhmS2pVell2MzNSWjBjQ1pTbDZGOXUwcXQvOW1mdzVZUFR6UDhoTUxxV2lRbGk1V1l3cXRuQlNwY2lEbHNRMlNIdDU2TFdKODM4dlFQVkNzeGFmbE5OcHoxcDhBaHpQZXJmbEE1dU52VHFXMkRpYjhreTlNaUhpMUIybXV2TnhycFIrOHdJVnpHV3NDV0VDOGZKZWE5ZUNEVjhsbEp4c0FjYTFuUHFucXZKMkQ1UXIrN2RZWXZUeWNNTFJrTVR4elJQYmh1TT18&cppv=2

Request Chain 65

https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t

Request Chain 66

https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t

Request Chain 68

https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl HTTP 302
https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1

Request Chain 69

https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1 HTTP 302
https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1&tc=1

Request Chain 119

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_cm&google_hm=ay1xVk9uZlpxMTRrX0tvNW9ZWTRlZVNSSUYyVk1aZ2RqMDhyYm02Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0

Request Chain 121

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004

Request Chain 129

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA&verify=true

Request Chain 133

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ&C=1

Request Chain 134

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jWyXpj2Ex0UxY3tJn1MgQOOurDGXujKA HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jWyXpj2Ex0UxY3tJn1MgQOOurDGXujKA

Request Chain 136

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA

Request Chain 144

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_cm&google_hm=ay1xVk9uZlpxMTRrX0tvNW9ZWTRlZVNSSUYyVk1aZ2RqMDhyYm02Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0

Request Chain 146

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004

Request Chain 159

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=4MeGGewAAYIsTQ6bfgB-wsZ0K3A6sbPs HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=4MeGGewAAYIsTQ6bfgB-wsZ0K3A6sbPs

Request Chain 161

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA

Request Chain 170

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Sqv51k6Hq6xniNvVYAcnxGKbVPO9qTju

Request Chain 171

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hcra7dkabDbX1EaduucpFMJvW6hNjkir

Request Chain 172

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vD8bbKL9KaJLPF_qodq_2aVXEx7ZFYrL

Request Chain 173

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jQAQ5EXvzLYA7xcRGW-35jyQaDfSFxzR

182 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request nl Show response
www.corendonairlines.com/
Redirect Chain

http://corendonairlines.com/
https://corendonairlines.com/
https://www.corendonairlines.com/
https://www.corendonairlines.com/nl

315 KB
29 KB

671ms
670ms

Document
text/html

83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),

Reverse DNS

Software

nginx /

Resource Hash

56a1b30aa2daf427a54168b36594a90870cf18ffbafe77643e2f977bd1471ad5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 10:33:22 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache
date: Tue, 21 Feb 2023 10:33:21 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: /nl
pragma: no-cache
server: nginx

GET
H2 200 UB-1168529.JPG
www.corendonairlines.com/Images/ 134 KB
134 KB 21ms
19ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images/UB-1168529.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3fa18b313314502692cd6dc2d5cfd0589b50274cb48597b78f03a7a855f30cbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 16 Jan 2023 07:52:09 GMT
server: nginx
etag: "1d9297f6f598c19"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 136857
expires: Wed, 21 Feb 2024 10:33:22 GMT

GET
H2 200 Corendon.woff2
www.corendonairlines.com/dist/fonts/ 24 KB
25 KB 69ms
67ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/Corendon.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8a0fd511e8fab024861b69e138b8397bc4c4f2b608905dab1c91acaace782bed

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3d878"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 24952

GET
H2 200 inter-bold.woff2
www.corendonairlines.com/dist/fonts/ 26 KB
26 KB 94ms
92ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-bold.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3bc4af6e79c64f665cbb03801390877e00318fc78e03300440065911ee4a90eb

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3df64"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 26212

GET
H2 200 inter-bolditalic.woff2
www.corendonairlines.com/dist/fonts/ 27 KB
27 KB 120ms
119ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-bolditalic.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6c042bb21c1496851a9db2d218f609af244afec5ffe8fb5ba44a8407a076a1fd

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3d31c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 27164

GET
H2 200 inter-italic.woff2
www.corendonairlines.com/dist/fonts/ 26 KB
26 KB 143ms
142ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-italic.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9bd9277cd0ef79f38fbfc00b6055131c512843255bc67562112750539cd7b540

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3d008"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 26888

GET
H2 200 inter-medium.woff2
www.corendonairlines.com/dist/fonts/ 26 KB
26 KB 168ms
167ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-medium.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd1bf3f654092499a05f7e379268791e5bc37a0487fa2d1ed2f636328d9bc99e

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3df18"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 26136

GET
H2 200 inter-mediumitalic.woff2
www.corendonairlines.com/dist/fonts/ 27 KB
27 KB 193ms
192ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-mediumitalic.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 80cd01b57ca291527ed58bd68dc25a9f2e477b0a7d1f067cb648e4699e8d02ba

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3d3fc"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 27388

GET
H2 200 inter-regular.woff2
www.corendonairlines.com/dist/fonts/ 25 KB
25 KB 217ms
216ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-regular.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36d5b4b5bc9dd897b155eaaac55eaa6928149929d192bc8c34bb81009628c401

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3dbf8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 25336

GET
H2 200 inter-semibold.woff2
www.corendonairlines.com/dist/fonts/ 26 KB
26 KB 242ms
241ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-semibold.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: a1eb139a044ef439c308678605a2ad8116d0ca47021ec06a2fd658625737595e

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3dfec"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 26348

GET
H2 200 inter-semibolditalic.woff2
www.corendonairlines.com/dist/fonts/ 27 KB
27 KB 268ms
267ms Font
font/woff2 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/fonts/inter-semibolditalic.woff2
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e9b3692b629b97eb3a9a3d92937e9478a46b9bdd04f6310732b271e6bfc3c0af

Request headers

Referer: https://www.corendonairlines.com/nl
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3d358"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 27224

GET
H2 200 style.bundle.css
www.corendonairlines.com/dist/ 902 KB
83 KB 2308ms
2307ms Stylesheet
text/css 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8da2cbf418b123b864985ed159f32510dc3186b4920f1f006a19f2d16ae93ce5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:24 GMT
content-encoding: br
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03ada12b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:33:24 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 102 KB
32 KB 102ms
26ms Script
application/javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fb9bd6726832b7f99cd12460df5ba2fbe2293655b76423a99510a6c7528a524c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Tue, 21 Feb 2023 10:34:31 GMT
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 10:39:43 GMT
etag: "f51f6bffcd33d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=189
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 32026
expires: Tue, 21 Feb 2023 10:37:40 GMT

GET
H2 200 ins.js Show response
corendonairlines.api.useinsider.com/ 866 KB
133 KB 97ms
39ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://corendonairlines.api.useinsider.com/ins.js?id=10003480

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb21e9f11316b26ed1ac54575fcdcd0c28445a5ac594cebcbcee4469721c8ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NfT936d3QwnBGb7HffdhgJbKcmrdlLzc
cf-cache-status: HIT
x-amz-request-id: YABW85WQ20FQBGCB
age: 2134
content-encoding: br
x-amz-id-2: yhIjHR2ZAIoC+8wvxRjxtiC48NVHiQ7SoE/lT/N2vKv38iGLAWEGiO75vEn70lusUeI78wGv9J0=
x-xss-protection: 1
pragma: public
last-modified: Tue, 21 Feb 2023 01:41:08 GMT
server: cloudflare
etag: W/"7219739142bf3bbe75b37d1b613c5ccf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 79ced47c480890d7-FRA
expires: Tue, 21 Feb 2023 10:39:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
99 KB 200ms
108ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71cf8dedaf8f2a0ba48fb118c160f8e07d464995511e7200d62f325350ff344b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101611
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 10:34:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 108 KB
42 KB 155ms
63ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KM4CZZ7

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08207e878ca07f8098d59165a078251bda88519982aa8fee8b5d4015d10e1a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42124
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 10:34:31 GMT

GET
H2 200 UB-1168529.JPG
www.corendonairlines.com/Images// 134 KB
134 KB 272ms
271ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-1168529.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3fa18b313314502692cd6dc2d5cfd0589b50274cb48597b78f03a7a855f30cbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 16 Jan 2023 07:52:09 GMT
server: nginx
etag: "1d9297f6f598c19"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 136857
expires: Wed, 21 Feb 2024 10:33:22 GMT

GET
H2 200 thumbnail.png
www.corendonairlines.com/images/ 155 B
342 B 124ms
124ms Image
image/png 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/images/thumbnail.png
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 307d6a6a7ba68570d04f4aac6ff47a82ac484a5927b8fbd553b7ddd28c3e2438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3b99b"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 155
expires: Wed, 21 Feb 2024 10:33:22 GMT

GET
H2 200 UB-116104119.JPG
www.corendonairlines.com/Images// 103 KB
103 KB 302ms
302ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-116104119.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 862a8e7f45edd5dc0b7bb3d5f536ddc849492185f1d4a8ed6caa3d065f1f7c69

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:22 GMT
last-modified: Mon, 16 Jan 2023 09:41:19 GMT
server: nginx
etag: "1d9298eaf77d31a"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 105114
expires: Wed, 21 Feb 2024 10:33:22 GMT

GET
H2 200 app.bundle.js Show response
www.corendonairlines.com/dist/ 568 KB
133 KB 1693ms
1693ms Script
application/javascript 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 11724370e5c6b4c3b4abaf7b4483a5f002b45a1d3d3facafb1af96c8ae263ee7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:24 GMT
content-encoding: br
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03ab6720"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:33:24 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 7CA8 627 B
813 B 110ms
33ms Document
text/html 2a02:26f0:f700:3a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:3a4::f09 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://www.corendonairlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29668050
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 10:34:31 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 30 Jan 2024 19:42:01 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="465826_34744721_1913850588_31_1146_29_0";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/123d0695-de34-4858-b30e-74e681b8aab7/ 274 KB
58 KB 62ms
62ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/123d0695-de34-4858-b30e-74e681b8aab7/cc.js?renew=false&referer=www.corendonairlines.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5a2db673171d5ba25af9f57bef7ba5aad8924fed2604a4af804399edb55bac3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:31 GMT
content-encoding: gzip
last-modified: Tue, 21 Feb 2023 10:34:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 59223
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 111 KB
44 KB 206ms
28ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5K876XD

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27c5e24d5a639c05abfcca495030abd34f289e247a372e61990c699d908b235f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44508
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 10:34:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 213ms
30ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Feb 2023 10:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1182
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Feb 2023 12:14:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 222ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 21 Feb 2023 10:34:31 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8362E19BE1E436BAE69F2AE91937812 Ref B: DUS30EDGE0409 Ref C: 2023-02-21T10:34:32Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/701447899/ 2 KB
1 KB 272ms
97ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701447899/?random=1676975671955&cv=11&fst=1676975671955&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tiba=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&us_privacy=1---&auid=666214845.1676975672&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ccc691f6c8c3b95f96f0be9c85ea717ac9d04a52bbafa661010a15ca139045f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 890
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl Show response
9774452.fls.doubleclick.net/ Frame 6E53
Redirect Chain

https://9774452.fls.doubleclick.net/activityi;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl?
https://9774452.fls.doubleclick.net/activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fw...

494 B
444 B

62ms
61ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9774452.fls.doubleclick.net/activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

25f349ba64ba7871dce41115a2deaedf5c973ad51c4e783de3edfb60e71a8cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.corendonairlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 10:34:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 10:34:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9774452.fls.doubleclick.net/activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2635636.js Show response
static.hotjar.com/c/ 9 KB
4 KB 181ms
20ms Script
application/javascript 52.222.214.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2635636.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-93.fra56.r.cloudfront.net

Software

Resource Hash

4c6093400fe7141f278fdd8bc9afb65f4d25700dbd6a6e5c6b2c58b1e6bde72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/1e8dec7de9b60d8c07f851458882c8a2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: DK-NxGPs2GhsHN7OAxHcOWG7YwKdCdaI_0oW8PcoAc5163H7r23XtQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 191ms
31ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-vie6377-VIE

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1463744/ 58 KB
18 KB 172ms
15ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1463744/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b3ab3e00c4423b2baeabacceb816616f3c1abda9e19424b0143da0dd9482bc9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: RgWJPuA6Dcs1nededyZHWIlmtl_L_61p
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Feb 2023 10:34:32 GMT
x-amz-request-id: 43WVDPZRF3RVQKV7
age: 68
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 18390
x-amz-id-2: QyUKAEaZv68/83Z6bQlzJ3HJGcfHVvoJypeFk0/xo+Zluv0vnojHrCIgBujRcqAfNKRBmUJrq28=
x-served-by: cache-ams21027-AMS
last-modified: Sun, 19 Feb 2023 11:15:55 GMT
server: AmazonS3
x-timer: S1676975672.139597,VS0,VE1
etag: "173926212f5b57359f46c64605ce7f48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 49
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 187ms
32ms Script
application/x-javascript 2a03:2880:f042:110:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:110:face:b00c:0:3 Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Feb 2023 10:34:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oLufX1n9m2QU9mj1IXYOF1Lye1ybTbtUsT78CJYvLBSWGFyDRPpkxnOGORIPM6NWo4YqvT4VMLnFrT8dxXUhBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 512678718
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 43 KB
15 KB 168ms
22ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=94688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

914c470b486e4b8c78749724b009d406d2d0dbefc4fa83af287971022bced896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 43 KB
15 KB 20ms
20ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=101715

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6bfeb7ca159e66e9974db903db179108a9a09c6f39192825384846d83a718c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 301ms
151ms Script
application/javascript 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEMJLBBC77U8PGM01TAG&lib=ttq
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0916396ecfc083c63731993922392653b02ac44c379ef48552ab9e16a3377056

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id: 5f4320bf
date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=113
content-length: 1154
pragma: no-cache
server: nginx
x-tt-logid: 20230221103432D335AB84028287EC20A3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,2.23.97.93
x-tt-trace-host: 01c8dc43a95bd8695202606397deadbbfdbb28d9dee56b23cf0923ea00b2533f10dd72d43971a0733ca3753cbf9a5430edb884fa80cda4b48711225719c8c309c853d22baba87e4d0ee46fb284d505df5d873b1e6ba8eec94f7614145feee29a79
expires: Tue, 21 Feb 2023 10:34:32 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 75 KB
75 KB 186ms
47ms Script
application/javascript 2.18.79.135
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073749075
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.135 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-135.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:32 GMT
last-modified: Sun, 18 Dec 2022 11:30:40 GMT
server: AmazonS3
x-amz-request-id: 8D3CH7SDW7180ESV
x-amz-cf-pop: EWR52-C1
etag: "f1a4e674158b6b0ef75f5ba312c64b88"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 76452
x-amz-id-2: IJNHFrG7Pn0xxTOOMJNT6is3Dbj5p8whPYdJhdkTD7QwovQrVhsi83ntwJjvms14VDl5sk4uEPE=
x-amz-cf-id: lrEJvxTqCmI0PX0HPxWWBKg7wk01Cj-cb_aQOjfMXrMgmWIY5KL9ug==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 69ms
68ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SCBF3B0ZGD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9LKJFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41396f78fe6932c8b9d829e2ba33bc201a6e813934c55d2d5fb1e18c24c6a9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Feb 2023 10:34:32 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 58ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SCBF3B0ZGD&gtm=45je32f0&_p=589791448&_gaz=1&cid=1497147677.1676975672&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dr=&sid=1676975671945.cpzfm3e&sct=1&seg=0&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&uid=DLV%20-%20cd_userId&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SCBF3B0ZGD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.corendonairlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 67ms
23ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SCBF3B0ZGD&cid=1497147677.1676975672&gtm=45je32f0&aip=1&uid=DLV%20-%20cd_userId
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SCBF3B0ZGD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.corendonairlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 176ms
70ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SCBF3B0ZGD&cid=1497147677.1676975672&gtm=45je32f0&aip=1&uid=DLV%20-%20cd_userId&z=1321789033

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 24ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SCBF3B0ZGD&gtm=45je32f0&_p=589791448&_gaz=1&gdid=dMWZhNz&cid=1497147677.1676975672&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dr=&sid=1676975672&sct=1&seg=0&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&uid=DLV%20-%20cd_userId&en=scroll&_fv=1&_ss=1&ep.debug_mode=true&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SCBF3B0ZGD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.corendonairlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 24ms
22ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SCBF3B0ZGD&cid=1497147677.1676975672&gtm=45je32f0&aip=1&uid=DLV%20-%20cd_userId
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SCBF3B0ZGD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.corendonairlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 167ms
75ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SCBF3B0ZGD&cid=1497147677.1676975672&gtm=45je32f0&aip=1&uid=DLV%20-%20cd_userId&z=1787737102

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1463744/trc/3/ 2 KB
2 KB 36ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1463744/trc/3/json?tim=1676975672161&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fnl%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676975672155%2C%22cv%22%3A%2220230219-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.corendonairlines.com%2Fnl%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Danalyticahouse-corendonairlines-sc-tr%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676975672160%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.corendonairlines.com%2Fnl%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1463744/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8620d3e2ffdc339916488a8af82c79f90cc742f6d002a3831a5628780f87fc9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-ams21027-AMS
server: nginx
x-timer: S1676975672.195303,VS0,VE8
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 modules.20af14ada7e7ea89b431.js Show response
script.hotjar.com/ 263 KB
68 KB 74ms
17ms Script
application/javascript 13.227.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.20af14ada7e7ea89b431.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2635636.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-3.ams54.r.cloudfront.net

Software

Resource Hash

f7ef83a76a4d82a068af0fa519808cc2a3e367b7f77b123313cd083ed8d0d1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 65366
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68670
last-modified: Mon, 20 Feb 2023 16:24:18 GMT
etag: "0d2a8a11b8cab2bda70c2e7afba0dcee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: PJJOab04zzQTWx43RMk4hEVwbDu66whWmXSqpLGLLyt2RU2T5ws3pw==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8773 15 KB
6 KB 68ms
26ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.corendonairlines.com&origin=onetag&us_privacy=1---

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.corendonairlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 10:34:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 1003838
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 44ms
42ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=589791448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&ul=en-us&de=UTF-8&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAEKg~&cid=1497147677.1676975672&tid=UA-29038011-1&_gid=249548296.1676975672&_slc=1&gtm=45He32f0n81W9LKJFD&cd27=1497147677.1676975672&cd28=1676975671948.f695a7ce&cd29=2023-02-21T10%3A34%3A31.948%2B00%3A00&z=563215084

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.corendonairlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
379 B 247ms
195ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=409e2bd3-4230-4152-9ad9-ca284f72229c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b8c46341-bedb-4e03-91f6-b2da93bfe14e&tw_document_href=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8e8v&type=javascript&version=2.3.29

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 175
date: Tue, 21 Feb 2023 10:34:31 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b6c095672b65130d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b30227a586da828daa6fdd58de807dab7e1504b4b2466299178be8db7508e25a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 240ms
193ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=409e2bd3-4230-4152-9ad9-ca284f72229c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b8c46341-bedb-4e03-91f6-b2da93bfe14e&tw_document_href=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8e8v&type=javascript&version=2.3.29

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 174
date: Tue, 21 Feb 2023 10:34:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5d02e562dfa451b8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3e6eca6cb8a45c9d7dc7474db39d4ddac50a64b77b88e54db8e01fc1894014e5
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
204 B 245ms
200ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=5412a612-b2f0-4838-8df8-5bcff7c22883&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b8c46341-bedb-4e03-91f6-b2da93bfe14e&tw_document_href=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8e8v&type=javascript&version=2.3.29

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 181
date: Tue, 21 Feb 2023 10:34:31 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 59272dc793c8dc52
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b30227a586da828daa6fdd58de807dab7e1504b4b2466299178be8db7508e25a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 225ms
198ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5412a612-b2f0-4838-8df8-5bcff7c22883&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b8c46341-bedb-4e03-91f6-b2da93bfe14e&tw_document_href=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8e8v&type=javascript&version=2.3.29

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 178
date: Tue, 21 Feb 2023 10:34:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8748e15e05e64cb3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3e6eca6cb8a45c9d7dc7474db39d4ddac50a64b77b88e54db8e01fc1894014e5
content-length: 43

GET
H2 200 282460029033284 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 97ms
96ms Script
application/x-javascript 2a03:2880:f042:110:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/282460029033284?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:110:face:b00c:0:3 Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9211279e13f681b0152d2de61e98abe01c5fff83467b8c44babe597a01a6dfda

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Feb 2023 10:34:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Hbka2pAx/D0BWioisgWbUdA9sWk47NETKiXu3hgLSBhjQaIulWR1SbTHNsCnO4MkdS6RRrr2oNRL44jMR6kMpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 512678718
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 17540484.js Show response
bat.bing.com/p/action/ 0
136 B 126ms
125ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17540484.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 21 Feb 2023 10:34:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E3FA8AE620F14824904239A684F194EB Ref B: DUS30EDGE0409 Ref C: 2023-02-21T10:34:32Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.google.com/pagead/1p-user-list/701447899/ 42 B
455 B 85ms
33ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/701447899/?random=1676975671955&cv=11&fst=1676973600000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tiba=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&fmt=3&is_vtc=1&random=3483793046&rmt_tld=0&ipr=y

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/701447899/ 42 B
154 B 69ms
68ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/701447899/?random=1676975671955&cv=11&fst=1676973600000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&tiba=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&fmt=3&is_vtc=1&random=3483793046&rmt_tld=1&ipr=y

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl Show response
adservice.google.com/ddm/fls/i/ Frame 1727 493 B
644 B 162ms
70ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl

Requested by

Host: 9774452.fls.doubleclick.net
URL: https://9774452.fls.doubleclick.net/activityi;dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb43809a48cb40c0ac72f31aa1f48f08651b82739377ec5432400fb4f8b477ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9774452.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 10:34:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8773
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=corendonairlines.com&sn=ChromeSyncframe&so=0&topUrl=www.corendonairlines.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7s7cT3xYODJTU1hjbFEvVXFubC9oZmtNZkFWTldQRGJlbStUUnl4RUFEQjRucGUyS2FJZ0laaVdDcTFITjd4cXNBdk55Q2dpOFM1bFFvazdLRVVlZE1nRkNlbUZoM1ZnUTcvRW54UjF2clhmS2pVell2MzNSWjBjQ1pTbD...

465 B
677 B

121ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7s7cT3xYODJTU1hjbFEvVXFubC9oZmtNZkFWTldQRGJlbStUUnl4RUFEQjRucGUyS2FJZ0laaVdDcTFITjd4cXNBdk55Q2dpOFM1bFFvazdLRVVlZE1nRkNlbUZoM1ZnUTcvRW54UjF2clhmS2pVell2MzNSWjBjQ1pTbDZGOXUwcXQvOW1mdzVZUFR6UDhoTUxxV2lRbGk1V1l3cXRuQlNwY2lEbHNRMlNIdDU2TFdKODM4dlFQVkNzeGFmbE5OcHoxcDhBaHpQZXJmbEE1dU52VHFXMkRpYjhreTlNaUhpMUIybXV2TnhycFIrOHdJVnpHV3NDV0VDOGZKZWE5ZUNEVjhsbEp4c0FjYTFuUHFucXZKMkQ1UXIrN2RZWXZUeWNNTFJrTVR4elJQYmh1TT18&cppv=2

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cae8199c760a21c2b832d6b3eca75665d2bf2b76088db3c46bfe24368abed460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2952210
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7s7cT3xYODJTU1hjbFEvVXFubC9oZmtNZkFWTldQRGJlbStUUnl4RUFEQjRucGUyS2FJZ0laaVdDcTFITjd4cXNBdk55Q2dpOFM1bFFvazdLRVVlZE1nRkNlbUZoM1ZnUTcvRW54UjF2clhmS2pVell2MzNSWjBjQ1pTbDZGOXUwcXQvOW1mdzVZUFR6UDhoTUxxV2lRbGk1V1l3cXRuQlNwY2lEbHNRMlNIdDU2TFdKODM4dlFQVkNzeGFmbE5OcHoxcDhBaHpQZXJmbEE1dU52VHFXMkRpYjhreTlNaUhpMUIybXV2TnhycFIrOHdJVnpHV3NDV0VDOGZKZWE5ZUNEVjhsbEp4c0FjYTFuUHFucXZKMkQ1UXIrN2RZWXZUeWNNTFJrTVR4elJQYmh1TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 714868
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282460029033284&ev=PageView&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&rl=&if=false&ts=1676975672404&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676975672403.1273520448&it=1676975672228&coo=false&rqm=GET

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Feb 2023 10:34:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 67ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282460029033284&ev=SourceMedium&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&rl=&if=false&ts=1676975672407&cd[source_medium]=Direct%20Traffic&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1676975672403.1273520448&it=1676975672228&coo=false&rqm=GET

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Feb 2023 10:34:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl Show response
adservice.google.nl/ddm/fls/i/ Frame 8546 194 B
515 B 180ms
70ms Document
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/ddm/fls/i/dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLHW8Zm1pv0CFRDLsgodnyYG2A;src=9774452;type=invmedia;cat=remar0;ord=2571934277564;gtm=45He32f0;auiddc=666214845.1676975672;~oref=https%3A%2F%2Fwww.corendonairlines.com%2Fnl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 10:34:32 GMT
expires: Tue, 21 Feb 2023 10:34:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.MTUwODYwN2I3MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 252 KB
67 KB 35ms
34ms Script
application/javascript 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTUwODYwN2I3MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEMJLBBC77U8PGM01TAG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19f144b44d3778408985644b62b52c3f33eb31b728ba16600cb62bf80dbdff2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id: 5f4321b9
date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230214141044303DBCC0BFA19B35B445
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d30c91a4b292e348be464c933b619bd359c5261ba1f7658a5322cdf76cf803724630ee301587f4c8b4008ffdebc6552af50a35d8a8378857e968031c01046f8f23d6da467fdde3ff54733c46420a758bf47b2c3772a8d386ebc0db0b72072fd6
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 68324

GET
H2 200 identify_b415b.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 34ms
33ms Script
application/javascript 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_b415b.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTUwODYwN2I3MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id: 5f432253
date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230214141040117D56ECAC95964A6D3D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011557f8ab42bedf06d1720c6382a39b4982aad2a519eb1384c77c669130a434adf7dc32869f9cb812fe6964b2698c1f2dd476d030252d96ddc8d70bea86b0e15c93c70e4c6295dccc4b090611e941a1351dee3201d9a4948ddb8223bb8ea95069
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30838

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 335ms
335ms Ping
text/plain 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTUwODYwN2I3MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 581222ad.5f4322af
date: Tue, 21 Feb 2023 10:34:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 297,2.23.97.93
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=199, inner; dur=198
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302211034324F4C612755A5D45B0E06
x-cache-remote: TCP_MISS from a23-220-106-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 201,23.220.106.6
x-tt-trace-host: 01c8dc43a95bd8695202606397deadbbfdb3c14fde1146ef6a922cb7aba35d096735a42b899b279f354899d7fa9bd8eb0d69899dcadf69206cffe152f98c866ff33e97855b7652329c1eff60451daba0025da4f4b56bc33cd9505bef142a11f0a14db100004001583696334c45857a3036
expires: Tue, 21 Feb 2023 10:34:32 GMT

GET
H2 200 1073749075 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 134 B
426 B 123ms
31ms XHR
application/octet-stream 2.18.79.135
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073749075
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073749075
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.135 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-135.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 40e73aedc7be391eae4f30e8fc0c08200915e1120805c12c2066925be9be4d62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: F4zSb2IQ3LN_YWLDMj0gAVUZ37aSh8E6
content-encoding: gzip
date: Tue, 21 Feb 2023 10:34:32 GMT
last-modified: Fri, 06 Jan 2023 17:03:33 GMT
server: AmazonS3
x-amz-cf-pop: ATL58-P4
etag: "88679b67af8e1dd49ca34d799bdc26cc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=189
accept-ranges: bytes
x-amz-cf-id: l3w6NkrZpigPU_oGeRgpUnyEPuIVnQ2sJCBkanvTCQNDU3E1sMTaEQ==
content-length: 124

GET
H2 200 Serving Show response
bs.serving-sys.com/ 2 KB
1 KB 153ms
21ms Script
text/html 52.29.181.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073749075&dispType=js&sync=0&sessionid=3519769772426872716&pageurl=$$https%3A%2F%2Fwww.corendonairlines.com%2Fnl$$&activityValues=$$Session%3D4604905903620552308$$&ns=0&rnd=5237754852906631&uinadv=%7B%7D&ccpaconsent=1---&ccpastatus=0
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073749075
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.181.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-181-78.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cdb5513cf622f1ba0372f15295bc81ecfedbfac7234e824f126350e3b481f442

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:32 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 633
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
19ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282460029033284&ev=Microdata&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&rl=&if=false&ts=1676975672907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Corendon%20Airlines%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.corendonairlines.com%2Fnl%22%2C%22og%3Atitle%22%3A%22Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline%22%2C%22og%3Adescription%22%3A%22Klaar%20om%20het%20luchtruim%20te%20kiezen%20met%20de%20scherp%20geprijsde%20tickets%20van%20Corendon%20Airlines%3F%20Geniet%20nu%20van%20speciale%20aanbiedingen%20en%20exclusieve%20kortingen%20bij%20Corendon%20Airlines!%20%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.corendonairlines.com%2Fimages%2Femail%2Fcai-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=2&o=30&fbp=fb.1.1676975672403.1273520448&it=1676975672228&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Feb 2023 10:34:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

iui3
aax-eu.amazon-adsystem.com/s/ Frame C724
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%...
https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%...

43 B
855 B

188ms
188ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C7V8PJVQGCPFGVQMD37C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SE5KV8TXC0NR73GYVZ5K
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

iui3
aax-eu.amazon-adsystem.com/s/ Frame CB74
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%...
https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%...

43 B
855 B

206ms
206ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VVPZAR3MFQ0QNRCXZ6PQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FJ57X9X6CEHSH3GKQXAF
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iui3?d=forester-did&ex-fargs=%3Fid%3D9f912d05-d49e-5954-da70-22da34aaaf59%26type%3D55%26m%3D4&ex-fch=416613&ex-src=https://www.corendonairlines.com/&ex-hargs=v%3D1.0%3Bc%3D592194631520236171%3Bp%3D9F912D05-D49E-5954-DA70-22DA34AAAF59&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1463744/log/3/ 0
253 B 387ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1463744/log/3/unip?en=pre_d_eng_tb&tos=1573&scd=0&ssd=1&est=1676975672158&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1676975673731&vi=1676975672155&ri=b7ab3ad8696093f7cb441da1f22f2c72&ref=null&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fwww.corendonairlines.com%2Fnl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1463744/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://www.corendonairlines.com
pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

tags Show response
creativecdn.com/ Frame CB6A
Redirect Chain

https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl
https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1

364 B
651 B

21ms
21ms

Document
text/html

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: fea5cfd0adfd46d352496260b428bce7b04a6874b25c3f5682ade8dbcb6e52d1

Request headers

Referer: https://www.corendonairlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-encoding: gzip
content-length: 293
content-type: text/html;charset=utf-8
date: Tue, 21 Feb 2023 10:34:34 GMT Tue, 21 Feb 2023 10:34:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Origin, Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 21 Feb 2023 10:34:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H2

200

tags Show response
creativecdn.com/
Redirect Chain

https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1
https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1&tc=1

1 KB
963 B

14ms
14ms

Script
application/javascript

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1&tc=1
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: f065bde12a500e6068068c523895b96039b7f6db7ae221f7014ef578e6ecddcf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT, Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 591
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 21 Feb 2023 10:34:34 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
location: https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sprite-img2-572cd3a3eb565919a4c05e0820e6b5c2.png
www.corendonairlines.com/dist/images/ 59 KB
59 KB 17ms
17ms Image
image/png 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/dist/images/sprite-img2-572cd3a3eb565919a4c05e0820e6b5c2.png
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 87bb6c29e57f25b7c8fecb09a4cb7771ca5cb3ad45116998b53b50e0669215a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a353da"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60122
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 down-grad-400787ba1f9bad77212cfc5299689058.png
www.corendonairlines.com/dist/images/ 7 KB
8 KB 34ms
33ms Image
image/png 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/dist/images/down-grad-400787ba1f9bad77212cfc5299689058.png
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 473ed43174faf0f6cdd28ae24d3fd318fd1c179b1f82fb22cb831a63cae84bea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3a44e"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7502
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 up-grad-1c750d8be19af84e8829f104e5cdc79b.png
www.corendonairlines.com/dist/images/ 7 KB
7 KB 58ms
58ms Image
image/png 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/dist/images/up-grad-1c750d8be19af84e8829f104e5cdc79b.png
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 057e51d6fa207193dc8eb5f7ec1118c8dc87d8bcb933680e5c8f8e5c4c9a099f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/dist/style.bundle.css?v=jaLL9BixI7hkmF7RWfMlENwxhrSSDx8Aahny0WrpPOU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3a5ef"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7407
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 204 0
bat.bing.com/action/ 0
287 B 42ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17540484&tm=gtm002&Ver=2&mid=0779a7b3-a36a-4f40-82b4-902840e2795c&sid=55103e90b1d311ed8550b127745988e0&vid=55104f70b1d311ed81c7cb6cf93de325&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&p=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&r=&lt=3385&evt=pageLoad&sv=1&rn=960691

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Feb 2023 10:34:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BD407E594384B84AC550377A220FE6F Ref B: DUS30EDGE0409 Ref C: 2023-02-21T10:34:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b9fd86690946ba379f55.js Show response
www.corendonairlines.com/dist/ 23 KB
6 KB 77ms
75ms Script
application/javascript 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/b9fd86690946ba379f55.js
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: c84f2e7dfa457c0a03f5acfe7e3bece9d2d47ffb3bd2ce98cdb6c756361509c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3e58a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 65224d31d976c518020b.js Show response
www.corendonairlines.com/dist/ 33 KB
7 KB 122ms
121ms Script
application/javascript 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/65224d31d976c518020b.js
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 26a545fef98a7ea255d26a1a3897b9561881feefb1643c947c6a15b3c07f224a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a33bed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 9f15e9f71113f0eceb02.js Show response
www.corendonairlines.com/dist/ 56 KB
11 KB 212ms
211ms Script
application/javascript 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/9f15e9f71113f0eceb02.js
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 866a2f1026d99cb4ec3994d30b5b90d7d54233b7f1a788e56e26e9e6df7dff1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a367c9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 676316c393eb05297495.js Show response
www.corendonairlines.com/dist/ 30 KB
9 KB 170ms
170ms Script
application/javascript 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/dist/676316c393eb05297495.js
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd3bb55e39b1a69eb6bf949889265a9389de05662b4ce943c3f933824cad2624

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
last-modified: Mon, 20 Feb 2023 17:01:46 GMT
server: nginx
etag: "1d9454d03a3c094"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 worker-new.html Show response
corendonairlines.api.useinsider.com/ Frame 3618 10 KB
3 KB 32ms
32ms Document
text/html 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corendonairlines.api.useinsider.com/worker-new.html
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68

Request headers

Referer: https://www.corendonairlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 2112
cache-control: public, max-age=1382400
cf-cache-status: HIT
cf-ray: 79ced48bda2490d7-FRA
content-encoding: br
content-type: text/html
date: Tue, 21 Feb 2023 10:34:34 GMT
expires: Thu, 09 Mar 2023 10:34:34 GMT
last-modified: Mon, 20 Feb 2023 04:00:24 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame CB6A 0
73 B 410ms
112ms Image
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?us_privacy=USP&xi=52&xu=MKaxClZgspqVRCJ3nHX8
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP011 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-33x-status: 2000208
date: Tue, 21 Feb 2023 10:34:34 GMT
server: 33XP011

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 862D 2 KB
1 KB 79ms
19ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2635636.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.corendonairlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1545868
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id: Gerrew9pGWUp5i0TVjfz53ySvvAducjAlLdLu6trKMIzHU9xDB_jlw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 fledge-igmembership Show response
fledge-eu.creativecdn.com/ Frame E071 1 KB
889 B 50ms
14ms Document
text/html 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=S6qXsm4rsi5qR0ghsLGCUmy9GgNZV8n_VtS70sEzFzCAn-ufEVDbkYu3ynZdyECwyQXwVrjxybb5DS-OsOC52Q
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?id=pr_jqy07Fs1yxb1IjCgCYMm_home&id=pr_jqy07Fs1yxb1IjCgCYMm_custom_language_nl&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 5b33f0ecb70ab74d96bd8b7a54752a95fde3c5dbf8dcbeb8888c7cf4187ed6dd

Request headers

Referer: https://creativecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 441
content-type: text/html;charset=utf-8
date: Tue, 21 Feb 2023 10:34:34 GMT Tue, 21 Feb 2023 10:34:34 GMT
expires: Wed, 22 Feb 2023 10:34:34 GMT
origin-trial: Anlqio5K3Dr7Hn1oMh2faiLECLxb8MnD1hPnDOlNZXdzpbZV9L2LOKjgHGwWMDoiHq67q8SjUmjQZj10YLJwfgIAAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjgwNjUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
vary: Accept-Encoding

GET
H2 200 tags Show response
creativecdn.com/ Frame ADD6 26 B
377 B 17ms
16ms Document
text/html 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1&tc=1
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=script&id=pr_jqy07Fs1yxb1IjCgCYMm&ncm=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://www.corendonairlines.com/nl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 26
content-type: text/html;charset=utf-8
date: Tue, 21 Feb 2023 10:34:34 GMT Tue, 21 Feb 2023 10:34:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Origin, Accept-Encoding

OPTIONS
H2 204 z
carrier.useinsider.com/y/v2/ Frame 0
0 114ms
65ms Preflight 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,partner
Access-Control-Request-Method: POST
Origin: https://www.corendonairlines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: content-type,partner
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 79ced48c6c713635-FRA
date: Tue, 21 Feb 2023 10:34:34 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 z Show response
carrier.useinsider.com/y/v2/ 466 B
498 B 63ms
63ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carrier.useinsider.com/y/v2/z
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c6f663d2b3de59d73dc2c2604df30c72c9a01944e0a8cbd3160957125abe58

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
partner: corendonairlines
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 79ced48cdd693635-FRA

GET
H2 200 1676975674269691220c6d3.d41848cc Show response
segment.api.useinsider.com/v4/segments/ 927 B
776 B 127ms
71ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/1676975674269691220c6d3.d41848cc?partnerid=10003480&fields=5c88e322f768c23c323703a7d0188305,00b2f556900ca82c23b165958ff75679,ecdf439b191aa54ccdc06cdd5a17229a&
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7154380a61ab794fa1b5cd3d470e7869cf311ab9937068548b2f907634a481f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 79ced48c7ac53615-FRA

GET
H2 200 info.min.css
assets.api.useinsider.com/css/ 70 KB
6 KB 47ms
32ms Stylesheet
text/css 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/info.min.css

Requested by

Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34692b432f55be19b52784ef9da14cd88c3bb8c6f9e4240e236ee74623d45464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86585
x-xss-protection: 1
pragma: public
last-modified: Mon, 20 Feb 2023 04:00:24 GMT
server: cloudflare
etag: W/"63f2f058-1196b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 79ced48c7b2890d7-FRA
expires: Fri, 24 Feb 2023 10:34:34 GMT

GET
H2 200 info.js Show response
eitri.api.useinsider.com/static/ 43 KB
13 KB 45ms
30ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/info.js
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660d61bcfc108439d367bcb498d2efd584ad4ae96d9bd3e717df3963b9c3a54b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
x-amz-version-id: PLeg_3n9iS9JjP5qEDtNlUN_v3fREgdd
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 10:18:51 GMT
server: cloudflare
x-amz-request-id: 75YQRRYRZ65AKHSN
age: 903
etag: W/"be36102db7af4f1eaaeacfac38284151"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 79ced48c7b2d90d7-FRA
x-amz-id-2: HYHjvYX0G8MATH/l9l3fN1mtgqu8NApHuVfxxSFp+EgnRe+CT6loUqHgvwko7k7yBZQ4Q2HLvyk=
expires: Tue, 21 Feb 2023 10:39:34 GMT

GET
H2 200 status Show response
aryuder.api.useinsider.com/ 17 B
905 B 82ms
66ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aryuder.api.useinsider.com/status?p=corendonairlines&j=136&c=1895&u=1676975674269691220c6d3.d41848cc

Requested by

Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc473568861e3affbe9b9936ee4268d936a564282647a3f69218ef755dc10d2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=8cGPFmKstsAD0BL6PiunlIh3HkNwfR6i906Fy1uz06M-1676975674-0-AV6YYzv576qGk5TxGlQkJzMRpASJdlYaFOQbqMB_BtrcH9uZOXiCjxTztdDQ9RCJJjPW8albcZbUEvJU-bq_0wVd0YCmuPEXvsGqI_Fp1-Czh6H9_rN5S1-Ui6vdRdyfIIkHUqSG9-kjj9DDoTOHT_g"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-frame-options: DENY
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=8cGPFmKstsAD0BL6PiunlIh3HkNwfR6i906Fy1uz06M-1676975674-0-AV6YYzv576qGk5TxGlQkJzMRpASJdlYaFOQbqMB_BtrcH9uZOXiCjxTztdDQ9RCJJjPW8albcZbUEvJU-bq_0wVd0YCmuPEXvsGqI_Fp1-Czh6H9_rN5S1-Ui6vdRdyfIIkHUqSG9-kjj9DDoTOHT_g; report-to cf-csp-endpoint
cf-ray: 79ced48c8cb63635-FRA
content-length: 17

GET
H2 200 / Show response
location.api.useinsider.com/ 252 B
525 B 77ms
60ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10003480&
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d18081e9c642ef08bf49685a591275f053eede8ff20b0a9edef4aa278bc0cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: application/json
cache-control: no-cache, private
cf-ray: 79ced48c9cbf3635-FRA

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/opt-in-dialog.css

Requested by

Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86585
cf-polished: origSize=4371
x-xss-protection: 1
pragma: public
cf-bgj: minify
last-modified: Mon, 20 Feb 2023 04:00:24 GMT
server: cloudflare
etag: W/"63f2f058-1113"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 79ced48cebbb90d7-FRA
expires: Fri, 24 Feb 2023 10:34:34 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 19 KB
6 KB 33ms
33ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59fc1c06b40b938ff98fba2e6c3d2d102f40337e7e719a34666d53c54a36509

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
x-amz-version-id: dPtkPJQWReivfT6PD_X40F1XsLq2PI0v
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 10:18:51 GMT
server: cloudflare
x-amz-request-id: 75YQSG00N81EJ36X
age: 886
etag: W/"f1b20ee236d718a3fa0cfbd5050df509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 79ced48cebbc90d7-FRA
x-amz-id-2: AM7J35uf8pJvYxli4tPx5n5kd3BsR0q8QxahGh4LEWO3EgkvOvjQ4i56uVUbrAbl6lWdWQLVL4Y=
expires: Tue, 21 Feb 2023 10:39:34 GMT

GET
H2 200 6528.24 Show response
corendonairlines.api.useinsider.com/api/info/ 63 KB
11 KB 124ms
124ms XHR
application/javascript 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corendonairlines.api.useinsider.com/api/info/6528.24?pa=shopping-trigger&
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b0893eea07de0675ee5410d662c54e7239c0d10b01baa3d8345bb9a12173e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
x-amz-version-id: .VfS3_LKgwllnTWc4v_96mItfCXlrRr3
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Feb 2023 17:01:00 GMT
server: cloudflare
x-amz-request-id: DZJJPBFVT5RAKC3F
etag: W/"c49cb6609b31e1440c1b20c21796dbbd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 79ced48ced903635-FRA
x-amz-id-2: MBm1xMv4NZ41SAXdu1CO7bRu4VfpqEvRULuCZKTiA53Q1pRy5M/lFlMtxvHw0azdLxd09TZeuaI=
expires: Tue, 21 Feb 2023 14:34:34 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2635636/ 148 B
323 B 128ms
44ms XHR
application/json 54.220.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2635636/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.20af14ada7e7ea89b431.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.56.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-56-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
332 B 65ms
55ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: a62b2b74-2e80-4007-92eb-7c37094efa37
cf-ray: 79ced48d1dc83635-FRA
content-length: 16

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
297 B 60ms
60ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 2678420f-963a-47cd-87e9-f52c0ea991ab
cf-ray: 79ced48d1dc93635-FRA
content-length: 16

POST
H2 200 cheapestandpopulardestinations Show response
www.corendonairlines.com/nl/dealsandoffers/ 4 KB
704 B 34ms
33ms XHR
text/html 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/nl/dealsandoffers/cheapestandpopulardestinations
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8a4a38f8336e0a57791f432b570b7d19eabf33a1e2dbcd53595b2ef483c8147c

Request headers

Accept: */*
Referer: https://www.corendonairlines.com/nl
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
server: nginx
content-length: 573
vary: Accept-Encoding
content-type: text/html; charset=utf-8

POST
H2 200 lowestprices Show response
www.corendonairlines.com/nl/dealsandoffers/ 10 KB
838 B 78ms
78ms XHR
text/html 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/nl/dealsandoffers/lowestprices
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2b0277e99716004201734a632ecfbe1ce0a279556a5511dec23ed38d71b7dffd

Request headers

Accept: */*
Referer: https://www.corendonairlines.com/nl
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
server: nginx
content-length: 707
vary: Accept-Encoding
content-type: text/html; charset=utf-8

POST
H2 200 interestpointtypesselection Show response
www.corendonairlines.com/nl/discoverpossibilities/ 1 KB
517 B 73ms
73ms XHR
text/html 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/nl/discoverpossibilities/interestpointtypesselection?cityId=0
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 51701d50677ed286bb66d492b1af60d0b9f17c5c7a480628aa79a5c9762baae2

Request headers

Accept: */*
Referer: https://www.corendonairlines.com/nl
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:33:25 GMT
content-encoding: br
server: nginx
content-length: 386
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Feb 2023 10:58:16 GMT

GET
H2 200 UB-912132519.JPG
www.corendonairlines.com/Images// 142 KB
143 KB 53ms
53ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-912132519.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: d4b53d7b278da387fb535b94ef691c2ce6053d54ab196232da0a3f59115a4d68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 12 Sep 2022 11:25:19 GMT
server: nginx
etag: "1d8c69a56bc0027"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 145831
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 UB-91213255.JPG
www.corendonairlines.com/Images// 74 KB
75 KB 85ms
84ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-91213255.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: dcdb6daf95439f769d4be1b83c3a85464355700baec077adfe668472716e513a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 12 Sep 2022 11:25:05 GMT
server: nginx
etag: "1d8c69a4e64d7b1"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76081
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 78ms
62ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5jb3JlbmRvbmFpcmxpbmVzLmNvbS9ubCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5jb3JlbmRvbmFpcmxpbmVzLmNvbS9ubCIsInVzZXJJZCI6IjE2NzY5NzU2NzQyNjk2OTEyMjBjNmQzLmQ0MTg0OGNjIiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJuYXRpdmUtcGVybWlzc2lvbi1pbXByZXNzaW9uIiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTY3Njk3NTY3NDI2OTY5MTIyMGM2ZDMuZDQxODQ4Y2MiLCJsYW5ndWFnZSI6Im5sX05MIn0%3D&t=w&pn=corendonairlines
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79ced48ded0490d7-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 70ms
55ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5jb3JlbmRvbmFpcmxpbmVzLmNvbS9ubCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5jb3JlbmRvbmFpcmxpbmVzLmNvbS9ubCIsInVzZXJJZCI6IjE2NzY5NzU2NzQyNjk2OTEyMjBjNmQzLmQ0MTg0OGNjIiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJwdXNoLXJlcXVlc3QiLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjc2OTc1Njc0MjY5NjkxMjIwYzZkMy5kNDE4NDhjYyIsImxhbmd1YWdlIjoibmxfTkwifQ%3D%3D&t=w&pn=corendonairlines
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79ced48ded0690d7-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
139 B 53ms
53ms Image
image/gif 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5jb3JlbmRvbmFpcmxpbmVzLmNvbS9ubCIsInJlZmVyZXIiOiJodHRwczovL3d3dy5jb3JlbmRvbmFpcmxpbmVzLmNvbS9ubCIsInVzZXJJZCI6IjE2NzY5NzU2NzQyNjk2OTEyMjBjNmQzLmQ0MTg0OGNjIiwicGxhdGZvcm0iOiJ3ZWIiLCJjYW1wSWQiOjY1MjgsInR5cGUiOiJjYW1wLXN0ZXAxIiwidGFibGUiOiJjYW1wTG9ncyJ9&t=c&pn=corendonairlines
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79ced48ded0390d7-FRA
content-length: 42
content-type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v16/ 14 KB
15 KB 131ms
35ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: assets.api.useinsider.com
URL: https://assets.api.useinsider.com/css/info.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.api.useinsider.com/
Origin: https://www.corendonairlines.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:59:05 GMT
x-content-type-options: nosniff
age: 524129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14380
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 08:59:05 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
32ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=589791448&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&ul=en-us&de=UTF-8&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Promotion%20Impressions&el=Home%20Page%20Main%20Slider&_u=aCDAAEALQAAAACAMKg~&cid=1497147677.1676975672&tid=UA-29038011-1&_gid=249548296.1676975672&gtm=45He32f0n81W9LKJFD&cd23=342&cd24=&cd25=Home&cd27=1497147677.1676975672&cd28=1676975674468.sbmhzpkr&cd29=2023-02-21T10%3A34%3A34.468%2B00%3A00&z=1219131220

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 00:42:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35541
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
32ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=589791448&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&ul=en-us&de=UTF-8&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Promotion%20Impressions&el=Home%20Page%20Main%20Slider&_u=aCDAAEALQAAAACAMKg~&cid=1497147677.1676975672&tid=UA-29038011-1&_gid=249548296.1676975672&gtm=45He32f0n81W9LKJFD&cd23=342&cd24=&cd25=Home&cd27=1497147677.1676975672&cd28=1676975674481.x5vllsmm&cd29=2023-02-21T10%3A34%3A34.481%2B00%3A00&promo1id=1028&promo1nm=Otel%20Kampanyasi%20NL&promo1cr=%2Fnl%2Fontdek%2Faanbiedingen%2Fhotel-reservation-campaign-2023&promo1ps=2&z=2001452544

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 00:42:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35541
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
33ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=589791448&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&ul=en-us&de=UTF-8&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Insider&ea=Yas_en%20Copy-impressions-shoppingtrigger&el=(builder%20ID%3A%203220)%20-%20Variation%20Ratio%3A%20100%25&_u=aCDAAEALQAAAACAMKg~&cid=1497147677.1676975672&tid=UA-29038011-1&_gid=249548296.1676975672&gtm=45He32f0n81W9LKJFD&cd23=342&cd24=&cd25=Home&cd27=1497147677.1676975672&cd28=1676975674533.3w6m7vdf&cd29=2023-02-21T10%3A34%3A34.533%2B00%3A00&promo1id=1028&promo1nm=Otel%20Kampanyasi%20NL&promo1cr=%2Fnl%2Fontdek%2Faanbiedingen%2Fhotel-reservation-campaign-2023&promo1ps=2&z=1058509908

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 00:42:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35541
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 populerinterestpoints Show response
www.corendonairlines.com/nl/discoverpossibilities/ 3 KB
658 B 914ms
914ms XHR
text/html 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corendonairlines.com/nl/discoverpossibilities/populerinterestpoints?cityId=0&interestPointTypeId=3
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5121feb803519652e3ee3ab84ccbfc090fc3aa17b4c871b78fb4fa77579d1ce3

Request headers

Accept: */*
Referer: https://www.corendonairlines.com/nl
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:33:26 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 responsive-layout.min.css
assets.api.useinsider.com/css/ 24 KB
1 KB 31ms
31ms Stylesheet
text/css 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/responsive-layout.min.css

Requested by

Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89991b490c5f09cf8656108b9c271717a015a6350058374c2f961f96cb681a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86571
x-xss-protection: 1
pragma: public
last-modified: Mon, 20 Feb 2023 04:00:24 GMT
server: cloudflare
etag: W/"63f2f058-5e18"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 79ced48e3d5a90d7-FRA
expires: Fri, 24 Feb 2023 10:34:34 GMT

GET
H2 200 CI-917155330202.JPEG
www.corendonairlines.com/Images//large/ 115 KB
116 KB 29ms
28ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//large/CI-917155330202.JPEG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4b55c1f9efedfd600de3c92e510af038d3ae06c7d1837251151f275cbaab7936

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 17 Sep 2018 13:53:32 GMT
server: nginx
etag: "1d44e8dd1ef9ac6"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 117958
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 CI-121181229261.JPEG
www.corendonairlines.com/Images//large/ 82 KB
82 KB 62ms
61ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//large/CI-121181229261.JPEG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8cd7beb8605346ac38374923b46fc96564f65002a8002cfb7228733d832bf49f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Thu, 21 Jan 2021 17:12:29 GMT
server: nginx
etag: "1d6f01898f2fbdb"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 83803
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 CI-311123947899.JPEG
www.corendonairlines.com/Images//large/ 98 KB
98 KB 81ms
80ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//large/CI-311123947899.JPEG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: f0213b281db7560ec64480d16747aa1e08d0c48882e3fe9c0c0363659193188f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 11 Mar 2019 11:39:48 GMT
server: nginx
etag: "1d4d7ff218ad23d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 100413
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 15 KB
7 KB 184ms
38ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=94688&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=P4NSul9QRSUyQkdneGVXMFEyR3ZpQ1hMaWIzTm96ZVRoZEp4VlNleCUyQnY4NzBRNlRHMSUyRkVqemVBSk9yQ1NBVHozRnRnSVpiRm9XMWRoMTZpM21HcU9hWkElMkJHbldaa3JrNHQlMkZkM3hXZWJ4eWZFVGZFV1hqcld4V2hhTUgzY3Y0YjJvZ1haTFklMkYySzRnWHo3NzJHMUhBVTJoWWVESERQUnducVo3ZlBwSWdOb3RTSXd3OU0lM0Q&tld=corendonairlines.com&dy=1&fu=https%253A%252F%252Fwww.corendonairlines.com%252Fnl&dtycbr=12916&cs=1---&cv=1

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ffd6d59160e19c062885ee955e9c2aad6cce353ace0427f65ec6738f020b30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12119478
timing-allow-origin: *
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 21 KB
7 KB 192ms
49ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=101715&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis%26a%3D%255B94688%252C101715%255D&adce=1&bundle=P4NSul9QRSUyQkdneGVXMFEyR3ZpQ1hMaWIzTm96ZVRoZEp4VlNleCUyQnY4NzBRNlRHMSUyRkVqemVBSk9yQ1NBVHozRnRnSVpiRm9XMWRoMTZpM21HcU9hWkElMkJHbldaa3JrNHQlMkZkM3hXZWJ4eWZFVGZFV1hqcld4V2hhTUgzY3Y0YjJvZ1haTFklMkYySzRnWHo3NzJHMUhBVTJoWWVESERQUnducVo3ZlBwSWdOb3RTSXd3OU0lM0Q&tld=corendonairlines.com&dy=1&fu=https%253A%252F%252Fwww.corendonairlines.com%252Fnl&dtycbr=38558&cs=1---&cv=1

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ba3f20e670bd61e901ec3090e28b5ec04bedddaa75fe9bb9bfe4f9d19f8764ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 22617243
timing-allow-origin: *
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 22ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282460029033284&ev=SourceMedium&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&rl=&if=false&ts=1676975674707&cd[utm_source]=undefined&cd[utm_medium]=undefined&cd[utm_campaign_name]=undefined&cd[utm_campaign_term]=undefined&sw=1600&sh=1200&v=2.9.96&r=stable&ec=3&o=30&fbp=fb.1.1676975672403.1273520448&it=1676975672228&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Feb 2023 10:34:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 UB-912132519.JPG
www.corendonairlines.com/Images// 142 KB
143 KB 18ms
17ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-912132519.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: d4b53d7b278da387fb535b94ef691c2ce6053d54ab196232da0a3f59115a4d68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 12 Sep 2022 11:25:19 GMT
server: nginx
etag: "1d8c69a56bc0027"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 145831
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2 200 UB-91213255.JPG
www.corendonairlines.com/Images// 74 KB
75 KB 46ms
46ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-91213255.JPG
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/dist/app.bundle.js?v=EXJDcOXGtMO0q697RIOl8AK0Wh09P6yvsa-WyK4mPuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: dcdb6daf95439f769d4be1b83c3a85464355700baec077adfe668472716e513a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:25 GMT
last-modified: Mon, 12 Sep 2022 11:25:05 GMT
server: nginx
etag: "1d8c69a4e64d7b1"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76081
expires: Wed, 21 Feb 2024 10:33:25 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 4F35
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30

43 B
345 B

28ms
28ms

Image
image/gif

35.157.7.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
Protocol: H2
Server: 35.157.7.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-7-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4F35
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_cm&google_hm=ay1xVk9uZlpxMTRrX0tvNW9ZWTRlZVNSSUYyVk1aZ2RqM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0

43 B
369 B

14ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 653605
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4F35
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004

43 B
370 B

52ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 905249
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 21 Feb 2023 10:34:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 95.211.95.248; 95.211.95.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1cad4346-1de3-48b3-8e3a-7f5a7b8e1eb1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 4F35 237 B
979 B 247ms
169ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-zGXWKJq14k_Ko5oYY4eeSRIF2VP2WGv-mv4wEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 21 Feb 2023 10:34:35 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Tue, 21 Feb 2023 10:34:35 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4F35 0
239 B 98ms
20ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gYZAhpq14k_Ko5oYY4eeSRIF2VPF5xT8Q1jWDQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 4F35 0
35 B 120ms
21ms Image
text/plain 18.196.105.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-k_w19Zq14k_Ko5oYY4eeSRIF2VMB3EbUO9DFnw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.105.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-105-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 4F35 43 B
114 B 130ms
21ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-x2-muJq14k_Ko5oYY4eeSRIF2VPLLxN684oRVQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4F35 0
98 B 112ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-V1g05Jq14k_Ko5oYY4eeSRIF2VNS3lpObKYZRQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12614

GET
H2 200 um
criteo-sync.teads.tv/ Frame 4F35 23 B
172 B 153ms
47ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-uSTEnpq14k_Ko5oYY4eeSRIF2VOW5Ruwz9FFWw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Tue, 21 Feb 2023 10:34:35 GMT
pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 4F35 37 B
140 B 72ms
20ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-smMZoJq14k_Ko5oYY4eeSRIF2VN_TxOWqmgi_g&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 4F35
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA&verify=true

0
121 B

23ms
23ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA&verify=true
date: Tue, 21 Feb 2023 10:34:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 4F35 43 B
163 B 92ms
25ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-VdJ-x5q14k_Ko5oYY4eeSRIF2VMSt_HckiNYrQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 4F35 49 B
235 B 97ms
23ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-mlllQ5q14k_Ko5oYY4eeSRIF2VPIe0HKi6jbAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 4F35 43 B
1 KB 43ms
14ms Image
image/gif 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-SrA7GZq14k_Ko5oYY4eeSRIF2VOy6mPB0DVlXQ&seg=130915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:35 GMT
AN-X-Request-Uuid: a50adec7-271b-4cc1-9256-fdacbb7ecfa5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.95.248; 95.211.95.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
r.casalemedia.com/ Frame 4F35
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ&C=1

43 B
322 B

39ms
39ms

Image
image/gif

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ&C=1
Protocol: H2
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wup1CTFDQmYjRh7mwZwYPcBZa8fH2M38Jh1UPtTZxwkBQg5x8TdtMOT5UZGR2nbTy8vyNckWGQtTLagt%2F6YE9zSW5d425rEbpPHboXEd7aCcSFGFKzShsTmTLFQuCh1tuz73"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79ced4918d50bbd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9bnumyrstABoVSGLvFHBOWcCuZsr5nd9H4tOCoAtvZ4dF0SvDvojqLw9hRvzcREJmuoXJ3wjrejIsjNwnOBL%2FZVf%2BZ1gTryGcb9O5Y5rJkt1akdVbBFOw571ziVk%2FSvHw59"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ&C=1
cache-control: no-cache
cf-ray: 79ced4914ca5bbd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4F35
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jWyXpj2Ex0UxY3tJn1MgQOOurDGXujKA
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jWyXpj2Ex0UxY3tJn1MgQOOurDGXujKA

42 B
942 B

40ms
39ms

Image
image/gif

52.211.39.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jWyXpj2Ex0UxY3tJn1MgQOOurDGXujKA

Protocol

HTTP/1.1

Server

52.211.39.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-39-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-0c9e579d2.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: P8SRf/tXTY0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-04d38696b.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1+V4RLFrQxM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=jWyXpj2Ex0UxY3tJn1MgQOOurDGXujKA
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 4F35 43 B
1 KB 74ms
22ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-V8lf3Jq14k_Ko5oYY4eeSRIF2VM5Qqvf3uwzOA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 21 Feb 2023 10:34:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4F35
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA

43 B
449 B

24ms
23ms

Image
image/gif

18.192.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA
Protocol: H2
Server: 18.192.131.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-131-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:34:35 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA
date: Tue, 21 Feb 2023 10:34:35 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 4F35 42 B
274 B 60ms
24ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5nGIf5q14k_Ko5oYY4eeSRIF2VOfpC5CNMnLHg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 4F35 0
885 B 74ms
21ms Image
text/html 18.197.252.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-FzboP5q14k_Ko5oYY4eeSRIF2VMBUFg7WZkoPg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.252.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-252-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4F35 0
145 B 355ms
87ms Image
text/plain 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-3MoLWJq14k_Ko5oYY4eeSRIF2VO0cJ7C52CzqQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 10:34:35 GMT
Cache-Control: no-cache
X-TraceId: eabfa7920b666e9636525d7726b037dd
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4F35 42 B
579 B 68ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-g-gXb5q14k_Ko5oYY4eeSRIF2VPylVWaFVIa1Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 21 Feb 2023 10:34:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 4F35 43 B
182 B 395ms
105ms Image
image/gif 2600:1f18:612b:4216:ce25:c445:cadd:c70b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-pWYTAZq14k_Ko5oYY4eeSRIF2VPx1ho8BAefew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:ce25:c445:cadd:c70b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 21 Feb 2023 10:34:35 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4F35 0
360 B 167ms
53ms Image
text/plain 104.64.175.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-r1DJ3Jq14k_Ko5oYY4eeSRIF2VPHe7fidfZyUg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.64.175.239 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-175-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:35 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 20 Feb 2023 10:34:35 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 4F35 43 B
220 B 136ms
32ms Image
image/gif 54.77.226.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-HQ1ZOZq14k_Ko5oYY4eeSRIF2VMuk2V_ULRg5w&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.226.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-226-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame B26E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30

43 B
345 B

24ms
23ms

Image
image/gif

35.157.7.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
Protocol: H2
Server: 35.157.7.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-7-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-u4omEpq14k_Ko5oYY4eeSRIF2VMYmkCgXK1zPg&expires=30
date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B26E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_cm&google_hm=ay1xVk9uZlpxMTRrX0tvNW9ZWTRlZVNSSUYyVk1aZ2RqM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0

43 B
369 B

15ms
15ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 734065
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qVOnfZq14k_Ko5oYY4eeSRIF2VMZgdj08rbm6g&google_gid=CAESEBRBU2ZzwKzUbYT4dC2zkho&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B26E
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004

43 B
370 B

21ms
20ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1401704
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 21 Feb 2023 10:34:35 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 95.211.95.248; 95.211.95.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 957eb7f6-05cc-4d2d-af6d-0bc3971bbcaa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8275971854707909004
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B26E 237 B
980 B 171ms
170ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-zGXWKJq14k_Ko5oYY4eeSRIF2VP2WGv-mv4wEA

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 21 Feb 2023 10:34:35 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Tue, 21 Feb 2023 10:34:35 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B26E 0
239 B 22ms
21ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gYZAhpq14k_Ko5oYY4eeSRIF2VPF5xT8Q1jWDQ&expires=30
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B26E 0
34 B 20ms
19ms Image
text/plain 18.196.105.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-k_w19Zq14k_Ko5oYY4eeSRIF2VMB3EbUO9DFnw
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.105.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-105-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame B26E 43 B
113 B 22ms
22ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-x2-muJq14k_Ko5oYY4eeSRIF2VPLLxN684oRVQ
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B26E 0
98 B 15ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-V1g05Jq14k_Ko5oYY4eeSRIF2VNS3lpObKYZRQ
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12759

GET
H2 200 um
criteo-sync.teads.tv/ Frame B26E 23 B
172 B 52ms
50ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-uSTEnpq14k_Ko5oYY4eeSRIF2VOW5Ruwz9FFWw
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Tue, 21 Feb 2023 10:34:35 GMT
pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B26E 37 B
139 B 23ms
22ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-smMZoJq14k_Ko5oYY4eeSRIF2VN_TxOWqmgi_g&dongle=013b
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame B26E 0
17 B 25ms
24ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RqBIW5q14k_Ko5oYY4eeSRIF2VNVulDjaMjXIA

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame B26E 43 B
162 B 26ms
25ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-VdJ-x5q14k_Ko5oYY4eeSRIF2VMSt_HckiNYrQ
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B26E 49 B
94 B 25ms
24ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-mlllQ5q14k_Ko5oYY4eeSRIF2VPIe0HKi6jbAQ

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:34 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame B26E 43 B
1 KB 13ms
13ms Image
image/gif 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-SrA7GZq14k_Ko5oYY4eeSRIF2VOy6mPB0DVlXQ&seg=130915

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:35 GMT
AN-X-Request-Uuid: 5cbbbab8-a919-44ce-bcbb-7e69e79db57c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.95.248; 95.211.95.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rum
r.casalemedia.com/ Frame B26E 43 B
783 B 124ms
124ms Image
image/gif 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VNr4I5q14k_Ko5oYY4eeSRIF2VOiuviBUNUUDQ
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uEGxbt8RhcA%2Fdib2apJdywDK3MezAmUNbE5OFu%2FCKFMmpUwha0Lf%2F1enulgfStA9CSXZkRDvkJPW20%2FF3IHi9sqnzW%2BboJ%2BjqwmYHs7L%2FY2rendq%2FVpOe%2BnL1Y99IhXg%2FA%2F"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79ced491cebb30ca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame B26E
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=4MeGGewAAYIsTQ6bfgB-wsZ0K3A6sbPs
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=4MeGGewAAYIsTQ6bfgB-wsZ0K3A6sbPs

42 B
942 B

33ms
33ms

Image
image/gif

52.211.39.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=4MeGGewAAYIsTQ6bfgB-wsZ0K3A6sbPs

Protocol

HTTP/1.1

Server

52.211.39.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-39-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0040bba41.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ndg5o6azSx4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-0e6191e5e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: tK/C01GoSCQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=4MeGGewAAYIsTQ6bfgB-wsZ0K3A6sbPs
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame B26E 43 B
1 KB 24ms
22ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-V8lf3Jq14k_Ko5oYY4eeSRIF2VM5Qqvf3uwzOA

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 21 Feb 2023 10:34:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B26E
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA

43 B
448 B

24ms
23ms

Image
image/gif

18.192.131.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA
Protocol: H2
Server: 18.192.131.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-131-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:34:35 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XKCGD5q14k_Ko5oYY4eeSRIF2VONQ2QfgA5wgA
date: Tue, 21 Feb 2023 10:34:35 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame B26E 42 B
103 B 22ms
19ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5nGIf5q14k_Ko5oYY4eeSRIF2VOfpC5CNMnLHg
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:34 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B26E 0
884 B 22ms
20ms Image
text/html 18.197.252.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-FzboP5q14k_Ko5oYY4eeSRIF2VMBUFg7WZkoPg
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.252.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-252-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B26E 0
145 B 340ms
86ms Image
text/plain 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-3MoLWJq14k_Ko5oYY4eeSRIF2VO0cJ7C52CzqQ&initiator=partner
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 10:34:35 GMT
Cache-Control: no-cache
X-TraceId: cb5b88aa945df1351ef7d687d49791c4
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B26E 42 B
429 B 16ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-g-gXb5q14k_Ko5oYY4eeSRIF2VPylVWaFVIa1Q
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B26E 43 B
183 B 322ms
103ms Image
image/gif 2600:1f18:612b:4216:ce25:c445:cadd:c70b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-pWYTAZq14k_Ko5oYY4eeSRIF2VPx1ho8BAefew
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:ce25:c445:cadd:c70b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 21 Feb 2023 10:34:35 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B26E 0
525 B 158ms
48ms Image
text/plain 104.64.175.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-r1DJ3Jq14k_Ko5oYY4eeSRIF2VPHe7fidfZyUg

Requested by

Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.64.175.239 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-175-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 10:34:35 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 20 Feb 2023 10:34:35 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B26E 43 B
219 B 79ms
33ms Image
image/gif 54.77.226.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-HQ1ZOZq14k_Ko5oYY4eeSRIF2VMuk2V_ULRg5w&pn_id=criteo&ext=1
Requested by: Host: www.corendonairlines.com
URL: https://www.corendonairlines.com/nl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.226.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-226-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B26E 43 B
153 B 113ms
37ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-TfMoj5q14k_Ko5oYY4eeSRIF2VM8coEKYAulOQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Feb 2023 10:34:35 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B26E
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Sqv51k6Hq6xniNvVYAcnxGKbVPO9qTju

0
337 B

131ms
32ms

Image
text/plain

34.255.170.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Sqv51k6Hq6xniNvVYAcnxGKbVPO9qTju
Protocol: H2
Server: 34.255.170.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1676975675
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Sqv51k6Hq6xniNvVYAcnxGKbVPO9qTju
date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1011948
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4F35
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hcra7dkabDbX1EaduucpFMJvW6hNjkir

0
338 B

121ms
30ms

Image
text/plain

34.255.170.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hcra7dkabDbX1EaduucpFMJvW6hNjkir
Protocol: H2
Server: 34.255.170.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Tue, 21 Feb 2023 10:34:35 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1676975675
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hcra7dkabDbX1EaduucpFMJvW6hNjkir
date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1373747
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 4F35
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vD8bbKL9KaJLPF_qodq_2aVXEx7ZFYrL

35 B
268 B

408ms
112ms

Image
image/gif

3.135.11.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vD8bbKL9KaJLPF_qodq_2aVXEx7ZFYrL
Protocol: H2
Server: 3.135.11.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-11-80.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
x-bt-requestid: 5605a621-b1d3-11ed-a221-0000ac17014b
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vD8bbKL9KaJLPF_qodq_2aVXEx7ZFYrL
date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 793678
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame B26E
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jQAQ5EXvzLYA7xcRGW-35jyQaDfSFxzR

35 B
267 B

408ms
113ms

Image
image/gif

3.135.11.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jQAQ5EXvzLYA7xcRGW-35jyQaDfSFxzR
Protocol: H2
Server: 3.135.11.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-11-80.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:35 GMT
x-bt-requestid: 5605a620-b1d3-11ed-93ba-0000ac170158
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jQAQ5EXvzLYA7xcRGW-35jyQaDfSFxzR
date: Tue, 21 Feb 2023 10:34:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1132638
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1463744/log/3/ 0
252 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1463744/log/3/unip?en=pre_d_eng_tb&tos=4574&scd=0&ssd=1&est=1676975672158&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1676975676732&vi=1676975672155&ri=b7ab3ad8696093f7cb441da1f22f2c72&ref=null&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fwww.corendonairlines.com%2Fnl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1463744/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://www.corendonairlines.com
pragma: no-cache
date: Tue, 21 Feb 2023 10:34:36 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 predict Show response
inference.api.useinsider.com/ 43 B
302 B 74ms
60ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inference.api.useinsider.com/predict?pid=10003480&uid=1676975674269691220c6d3.d41848cc&sid=l0z73a8b-9s95-kq7n-d5bo-wmu5fco36soa_1676975674&a=ltpd
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1249d5a567ef4bd61c11d8b6f0698d32565b0bd1d70b2ab5d26251a058fcc5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cf-ray: 79ced4a329353635-FRA

GET
H2 200 status Show response
aryuder.api.useinsider.com/ 17 B
308 B 59ms
59ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aryuder.api.useinsider.com/status?p=corendonairlines&j=136&c=1895&u=1676975674269691220c6d3.d41848cc

Requested by

Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc473568861e3affbe9b9936ee4268d936a564282647a3f69218ef755dc10d2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:34:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 79ced4a3292f3635-FRA
content-length: 17

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
321 B 62ms
62ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: corendonairlines.api.useinsider.com
URL: https://corendonairlines.api.useinsider.com/ins.js?id=10003480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Feb 2023 10:34:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: ea16f9e4-7c38-4579-a9d4-1eaf7c36c052
cf-ray: 79ced4a369923635-FRA
content-length: 16

GET
H2 200 tpe
csm.fr.eu.criteo.net/1.0/ 43 B
203 B 84ms
24ms Image
image/gif 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csm.fr.eu.criteo.net/1.0/tpe?cpp=2pzJMnx4bEtvaGRvUzUwM2tzdm9GS3BUYWdaaEhaejdHRmM0azZvemU2UWFTdFFBb0FoQjdPVEpieFJKZkJqa0crRlliK3B2V242d3FMZDFHVU5ZQVpZaDZuQT09fA&cppv=2&p=%7B%22cp%22%3A%5B%7B%22c%22%3Afalse%2C%22ct%22%3A%22widget%22%2C%22dlt%22%3A95%2C%22rdt%22%3A0%2C%22rpt%22%3A1%2C%22rqt%22%3A38%2C%22sct%22%3A25%2C%22tct%22%3A48%7D%2C%7B%22c%22%3Afalse%2C%22ct%22%3A%22widget%22%2C%22dlt%22%3A0%2C%22rdt%22%3A0%2C%22rpt%22%3A1%2C%22rqt%22%3A49%2C%22sct%22%3A0%2C%22tct%22%3A0%7D%5D%2C%22mtp%22%3A%7B%22cqt%22%3A0%2C%22it%22%3A11%7D%7D&dtycbr=91008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SCBF3B0ZGD&gtm=45je32f0&_p=589791448&gdid=dMWZhNz&cid=1497147677.1676975672&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&dr=&sid=1676975672&sct=1&seg=0&dl=https%3A%2F%2Fwww.corendonairlines.com%2Fnl&dt=Corendon%20Airlines%20%E2%80%93%20Vliegtickets%20%E2%80%93%20Your%20Holiday%20Airline&uid=DLV%20-%20cd_userId&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SCBF3B0ZGD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.corendonairlines.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 10:34:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.corendonairlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UB-1027154615.JPG
www.corendonairlines.com/Images// 109 KB
109 KB 17ms
17ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-1027154615.JPG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: fbfb67ae69ccbafb6afce32ae0e144e350c4174088b2780bb1b8bb86d77838d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:30 GMT
last-modified: Thu, 27 Oct 2022 13:46:15 GMT
server: nginx
etag: "1d8ea0a7b819ef8"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 111480
expires: Wed, 21 Feb 2024 10:33:30 GMT

GET
H2 200 UB-1027154716.JPG
www.corendonairlines.com/Images// 54 KB
54 KB 49ms
49ms Image
image/jpeg 83.98.215.60
SENTIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.corendonairlines.com/Images//UB-1027154716.JPG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.98.215.60 , Netherlands, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 21bc9845f67a8386b36ef99dad1a7b27262bac7137ea7efc4b331f5607808f33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.corendonairlines.com/nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:33:30 GMT
last-modified: Thu, 27 Oct 2022 13:47:16 GMT
server: nginx
etag: "1d8ea0a9fdcd20b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55307
expires: Wed, 21 Feb 2024 10:33:30 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.corendonairlines.com/	1970-01-20 09:52:28	Name: .AspNetCore.Cookies Value: CfDJ8FbFeRf_5CVBlawIBjJdi4kTVVtCBfrg34US22vgeaHb-i8a9WrQkQx1VIR1MvIbgj-yFGIdEG-3mmbMB9XQE-kxQHfvKirp_MDhg7pjGb8IlwYeBHhwbwwm58n2RvNiM0vestVNrnt2hbjbvSSV2yDEXls9eiJmn2nfBBxl8_7DwPFRLqKfK5wDXza-_g5KUSET_h30Rjq3ofcHU9r23xI0P3sBTWgbICG8NjcYRaaCAksNnZRGMqF5ZKhwDss_3MLGJvle7z1Jm08V2Is3Lz7hQ5k2Gckd5RBMS91jMhGyQ1erJbihsYtwE7qGCEGyFaQ7Bn5Sv4i4PKAjD8njRPamOyrH3-WKlesjw_8zK5JxfMvV7W0-OZGKn_KSHvZ9wKcph3C1HLadnYVtmlC-qzVGLgKfc-FGwq_VA7-Bs6WK_ovyCyGZnGya-aAnY5BbwvwFJJE-is3ZI4xAfFzyEwLM_0L23a9nRQkylvvjG9jXrkZC_ixj6w0A10oezwP07wilWJnmzfjHVfdGI5gBmqRX1hdgidmx7Zdj8_oDdUXXjbEq_iSSJbTJFj_dW0G7U1Q6Wce5Rzpt3TyRVdCzWn8jbqlWJK455ynV8qpc8Uf5LBrJP_aqWCHEBasYIyVfVm-Ovk3MM3S0dzHbqAiH2xm5YHdPaLoNegvWYbAsoUnnDqUPNtnzISDtxJkLEP-OCeYKN9DQxowrFZfju1j4p71Qs_ogJRMrz_xULg0e5v6CXu1VwS3i2RsyCgFJQ6H9qBx-KAj1uvL1R4PPYluDG6_StS4vlY71MLiAEIbT05Qr3W7muUDEEsHSQ3Hb-k2B03lntcknk8Znndn7FRfST5zq9C1zoX7MSSFSAHt8Pjm2wING5i5W7hnmWlBhFNcBt_CmLdgUg3cHPWQjKW1LWzWXbcCZBpREdlZpxYFPUYZd-z4qPHSlP_6BYN_yhfVXWYcGGBdHZgE46tNjFrgdSBDqqeWdrWRe60yKPUwgxPrsUvyD3aCZnmvwINDaipS3lEdOR62ikJjSWozuImaDwZlMAfZqd43lYQdw9fHjUHEeisDCGxeYX5r4GnUEckvyoXfKOOw0wx3AO7iQ-Dss-gEOLMpSSvfJZRWwbfeF3xlcKtU2orkXc4L4DqHphbHUpLhN4TQOGjMI1b8EaUrf413_2pGpMTUTR-grOQWVygWvjiuXVGq8UtazKupiQ_G8LN2BRy4OOpL_DODupS8woccNF-1tB0f12oujJQcapbVTtmH0iDFTkmuO9jym3ZF9fL5DhDA_iyQGXs5Pe-QhYH7nx0STs3Uuc7EM4tl6qhcAo2ah2kTN0TECw2RSqxcReoE80wYoBUl3tmaic0Pr9ygJigYyggAe4zAuQy2OLZNcxQaD9t709aKOdCijAU260MACgKSl7qyioB6FdtqekYgZpv6tn0ZKvt0tj3MoVWgB7NSBm6CtUx_CHfVmhjpneyx_Rbt68CziLf32XRYSED8
www.corendonairlines.com/	1970-01-20 09:51:02	Name: SelectedCurrencyCode Value: EUR
www.corendonairlines.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.3cP1kRLzlhs Value: CfDJ8FbFeRf_5CVBlawIBjJdi4ngceAXKyAcgpu6g0wQp3Frbpy1w7TZY4aft9Q_EJubf8aZ0lCbA4-nSAgLo0pq-jDNMGB2erTthUhQxwOjI4j_Fme4pq4B-PAJpODj5EjKB7HJyhcsQ4QNJgek_ViyiSs
.useinsider.com/	1970-01-20 09:49:37	Name: __cf_bm Value: NjQ3gNGbep8hp2Pn.a4DDVjxk0ha4U9o_xb_9OFr91A-1676975671-0-AWk+QvkzdKOY6LUYazpzLXxHw/gI1EZ0Cr/wiuVlcWIwr6yH9aU6YOWRGCB+nLrmA2yZKBEp1msYaYooqsUSSZA=
.corendonairlines.com/	1970-01-20 11:59:11	Name: _gcl_au Value: 1.1.666214845.1676975672
.corendonairlines.com/	1970-01-20 19:25:35	Name: _ga Value: GA1.2.1497147677.1676975672
.corendonairlines.com/	1970-01-20 09:51:02	Name: _gid Value: GA1.2.249548296.1676975672
.criteo.com/	1970-01-20 19:11:11	Name: uid Value: bd5dda19-96ba-413b-87a8-66c066b20b2e
.corendonairlines.com/	1970-01-20 11:59:11	Name: _fbp Value: fb.1.1676975672403.1273520448
.tiktok.com/	1970-01-20 19:11:11	Name: _ttp Value: 2M2pkD91JbgD66greEP6yEgiyRJ
.corendonairlines.com/	1970-01-20 19:18:59	Name: cto_bundle Value: P4NSul9QRSUyQkdneGVXMFEyR3ZpQ1hMaWIzTm96ZVRoZEp4VlNleCUyQnY4NzBRNlRHMSUyRkVqemVBSk9yQ1NBVHozRnRnSVpiRm9XMWRoMTZpM21HcU9hWkElMkJHbldaa3JrNHQlMkZkM3hXZWJ4eWZFVGZFV1hqcld4V2hhTUgzY3Y0YjJvZ1haTFklMkYySzRnWHo3NzJHMUhBVTJoWWVESERQUnducVo3ZlBwSWdOb3RTSXd3OU0lM0Q
.t.co/	1970-01-20 19:25:35	Name: muc_ads Value: 1d488496-e271-4bb9-938c-1f345618b45a
.twitter.com/	1970-01-20 19:25:35	Name: personalization_id Value: "v1_WusEmEGeweXneQlxIFBtFg=="
.corendonairlines.com/	1970-01-20 19:11:11	Name: _tt_enable_cookie Value: 1
.corendonairlines.com/	1970-01-20 19:11:11	Name: _ttp Value: 9xt-7iuuzdBONayEccDlM37HaDN
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_1073749075 Value: 1
.serving-sys.com/	1970-01-20 11:59:11	Name: OT2 Value: 1001Nj1s7O
.serving-sys.com/	1970-01-20 11:59:11	Name: u2 Value: dc654184-e3fc-457a-8ffa-a26788cc7f764Lh060
.amazon-adsystem.com/	1970-01-20 19:25:35	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 15:09:16	Name: ad-id Value: A5EzJCutpUsdkY-vbzdlEhs
.creativecdn.com/	1970-01-20 18:35:11	Name: ts Value: 1676975674
.creativecdn.com/	1970-01-20 18:35:11	Name: u Value: MKaxClZgspqVRCJ3nHX8
.corendonairlines.com/	1970-01-20 09:51:02	Name: _uetsid Value: 55103e90b1d311ed8550b127745988e0
.corendonairlines.com/	1970-01-20 19:11:11	Name: _uetvid Value: 55104f70b1d311ed81c7cb6cf93de325
.bing.com/	1970-01-20 19:11:11	Name: MUID Value: 2C77DA832E0366DA2141C83C2FC3679D
.corendonairlines.com/	1970-01-20 18:35:11	Name: _hjSessionUser_2635636 Value: eyJpZCI6IjM2NGE0ZWUzLTRjZDQtNTQ2NC04YmVlLTRkMGU4ZDc5YjQwMyIsImNyZWF0ZWQiOjE2NzY5NzU2NzIzMjMsImV4aXN0aW5nIjpmYWxzZX0=
.corendonairlines.com/	1970-01-20 09:49:37	Name: _hjFirstSeen Value: 1
.corendonairlines.com/	1970-01-20 09:49:35	Name: _hjIncludedInSessionSample_2635636 Value: 0
.corendonairlines.com/	1970-01-20 09:49:37	Name: _hjSession_2635636 Value: eyJpZCI6ImI2NmZhMDBmLTkwZjUtNGUyZC04ODNhLTgwMDNmMTkzOGFkMiIsImNyZWF0ZWQiOjE2NzY5NzU2NzQzODcsImluU2FtcGxlIjpmYWxzZX0=
www.corendonairlines.com/	1970-01-20 09:49:35	Name: _hjIncludedInPageviewSample Value: 1
.corendonairlines.com/	1970-01-20 09:49:37	Name: _hjAbsoluteSessionInProgress Value: 0
.corendonairlines.com/	1970-01-20 19:25:35	Name: _ga_SCBF3B0ZGD Value: GS1.1.1676975672.1.0.1676975674.58.0.0
.adnxs.com/	1970-01-20 11:59:11	Name: uuid2 Value: 8275971854707909004
.doubleclick.net/	1970-01-20 19:11:11	Name: IDE Value: AHWqTUnYfotB9xQ78LDYkbPhfO0YanFt0zNOOXkAAxE_QhZkBBuFKAdc4t_EoaDilAs
.yahoo.com/	1970-01-20 18:35:33	Name: A3 Value: d=AQABBDue9GMCEDeCEZ4bIk9spPIRkRwG8FsFEgEBAQHv9WP-YwAAAAAA_eMAAA&S=AQAAAgHtnbosg6HqoZ33YVRBqFQ
.adnxs.com/	1970-01-20 11:59:11	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In?f00Fe!]tbPl@/D!9hy6]/Cr.>fS2i.[rO-@78R)Z4i@gH/[1KAfSEFcgjQV[5t-TR/vPHk>lo%m=GulcbpRzqF1`*bcDj+YaXh
.analytics.yahoo.com/	1970-01-20 18:35:11	Name: IDSYNC Value: 18zh~2a4a
.id5-sync.com/	1970-01-20 09:49:35	Name: cf Value:
.id5-sync.com/	1970-01-20 09:49:35	Name: cip Value:
.id5-sync.com/	1970-01-20 09:49:35	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:49:35	Name: car Value:
.id5-sync.com/	1970-01-20 09:49:35	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:49:35	Name: callback Value:
.casalemedia.com/	1970-01-20 18:35:11	Name: CMID Value: Y-SeO2DoM1RsiyurctBCGAAA
.casalemedia.com/	1970-01-20 11:59:11	Name: CMPS Value: 1131
.casalemedia.com/	1970-01-20 11:59:11	Name: CMPRO Value: 1131
exchange.mediavine.com/	1970-01-20 10:09:45	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2255a13f00-b1d3-11ed-8474-8d76f681a3d3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:09:45	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2255a13f00-b1d3-11ed-8474-8d76f681a3d3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:09:45	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2255a13f00-b1d3-11ed-8474-8d76f681a3d3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:09:45	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2255a13f00-b1d3-11ed-8474-8d76f681a3d3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:09:45	Name: criteo Value: %7B%22id%22%3A%22k-FzboP5q14k_Ko5oYY4eeSRIF2VMBUFg7WZkoPg%22%2C%22version%22%3A%22criteo%22%7D
.bidswitch.net/	1970-01-20 18:35:11	Name: c Value: 1676975675
.bidswitch.net/	1970-01-20 18:35:11	Name: tuuid_lu Value: 1676975675
.media.net/	1970-01-20 10:32:47	Name: data-c-ts Value: 1676975675
.media.net/	1970-01-20 10:32:47	Name: data-c Value: k-zGXWKJq14k_Ko5oYY4eeSRIF2VP2WGv-mv4wEA~~3
.pubmatic.com/	1970-01-20 10:32:47	Name: KRTBCOOKIE_97 Value: 3385-uid:k-g-gXb5q14k_Ko5oYY4eeSRIF2VPylVWaFVIa1Q&KRTB&23144-uid:k-g-gXb5q14k_Ko5oYY4eeSRIF2VPylVWaFVIa1Q&KRTB&23286-uid:k-g-gXb5q14k_Ko5oYY4eeSRIF2VPylVWaFVIa1Q&KRTB&23287-uid:k-g-gXb5q14k_Ko5oYY4eeSRIF2VPylVWaFVIa1Q
.360yield.com/	1970-01-20 11:59:11	Name: tuuid_lu Value: 1676975675
.bidswitch.net/	1970-01-20 18:35:11	Name: tuuid Value: c8fb6ab3-1db4-4005-980b-70fe5086d373
.pubmatic.com/	1970-01-20 10:32:47	Name: PugT Value: 1676975674
.360yield.com/	1970-01-20 11:59:11	Name: tuuid Value: e7d4fd13-a52b-40c6-9d15-ebec7bc6f2c3
.360yield.com/	1970-01-20 11:59:11	Name: umeh Value: !38,0,1739183675,-1
.360yield.com/	1970-01-20 11:59:11	Name: um Value: !38,VSBK39iqFCXFuADbNZSBCKNIrGHjC9ks1din3c.Ito.O4dpj7CfbsPo2mZvvI930fYCsIs9B,1684751675
.dpm.demdex.net/	1970-01-20 14:08:47	Name: dpm Value: 12423282054276220523014002335978055036
.demdex.net/	1970-01-20 14:08:47	Name: demdex Value: 12423282054276220523014002335978055036
.media.net/	1970-01-20 18:35:11	Name: visitor-id Value: 3199772758818465000V10
.krxd.net/	1970-01-20 14:08:47	Name: _kuid_ Value: PZIRdxm-

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9774452.fls.doubleclick.net
a.twiago.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.nl
analytics.tiktok.com
analytics.twitter.com
aryuder.api.useinsider.com
assets.api.useinsider.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
carrier.useinsider.com
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
contextual.media.net
corendonairlines.api.useinsider.com
corendonairlines.com
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.fr.eu.criteo.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
eitri.api.useinsider.com
exchange.mediavine.com
fledge-eu.creativecdn.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hit.api.useinsider.com
ib.adnxs.com
id5-sync.com
in.hotjar.com
inference.api.useinsider.com
location.api.useinsider.com
log.api.useinsider.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
script.hotjar.com
secure-ds.serving-sys.com
secure.adnxs.com
segment.api.useinsider.com
simage2.pubmatic.com
ssc-cms.33across.com
sslwidget.criteo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
vars.hotjar.com
visitor.omnitagjs.com
www.corendonairlines.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
104.111.217.42
104.18.24.185
104.244.42.131
104.244.42.5
104.64.175.239
13.227.219.3
141.226.228.48
142.250.186.102
151.101.129.44
162.19.138.117
178.250.0.163
178.250.1.11
178.250.1.9
18.156.0.31
18.192.131.171
18.196.105.110
18.197.252.47
18.66.147.116
185.184.8.90
185.255.84.152
185.64.189.110
185.86.139.93
185.89.210.153
185.89.210.46
199.232.16.157
2.18.79.135
2.23.97.97
2001:4860:4802:34::36
216.58.212.130
2600:1f18:612b:4216:ce25:c445:cadd:c70b
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:828::200e
2a00:1450:400c:c07::9a
2a00:1450:400d:803::2008
2a00:1450:400d:804::2002
2a00:1450:400d:805::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2003
2a00:1450:400d:80e::2003
2a02:2638:3::e
2a02:2638::1c
2a02:2638::21
2a02:26f0:3500:18::1724:a29a
2a02:26f0:f700:3a4::f09
2a03:2880:f042:110:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.135.11.80
34.117.157.22
34.255.170.214
35.157.7.227
37.157.3.20
52.211.39.111
52.222.214.93
52.29.181.78
54.220.56.53
54.77.226.36
67.202.105.23
67.220.226.238
69.173.144.138
70.42.32.127
76.223.111.18
83.98.215.60
85.215.5.31
92.123.38.97
057e51d6fa207193dc8eb5f7ec1118c8dc87d8bcb933680e5c8f8e5c4c9a099f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
08207e878ca07f8098d59165a078251bda88519982aa8fee8b5d4015d10e1a5c
0916396ecfc083c63731993922392653b02ac44c379ef48552ab9e16a3377056
11724370e5c6b4c3b4abaf7b4483a5f002b45a1d3d3facafb1af96c8ae263ee7
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
19f144b44d3778408985644b62b52c3f33eb31b728ba16600cb62bf80dbdff2e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
21bc9845f67a8386b36ef99dad1a7b27262bac7137ea7efc4b331f5607808f33
25f349ba64ba7871dce41115a2deaedf5c973ad51c4e783de3edfb60e71a8cde
26a545fef98a7ea255d26a1a3897b9561881feefb1643c947c6a15b3c07f224a
27c5e24d5a639c05abfcca495030abd34f289e247a372e61990c699d908b235f
2b0277e99716004201734a632ecfbe1ce0a279556a5511dec23ed38d71b7dffd
307d6a6a7ba68570d04f4aac6ff47a82ac484a5927b8fbd553b7ddd28c3e2438
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34692b432f55be19b52784ef9da14cd88c3bb8c6f9e4240e236ee74623d45464
36d18081e9c642ef08bf49685a591275f053eede8ff20b0a9edef4aa278bc0cc
36d5b4b5bc9dd897b155eaaac55eaa6928149929d192bc8c34bb81009628c401
3b3ab3e00c4423b2baeabacceb816616f3c1abda9e19424b0143da0dd9482bc9
3bc4af6e79c64f665cbb03801390877e00318fc78e03300440065911ee4a90eb
3fa18b313314502692cd6dc2d5cfd0589b50274cb48597b78f03a7a855f30cbe
40e73aedc7be391eae4f30e8fc0c08200915e1120805c12c2066925be9be4d62
41396f78fe6932c8b9d829e2ba33bc201a6e813934c55d2d5fb1e18c24c6a9f6
473ed43174faf0f6cdd28ae24d3fd318fd1c179b1f82fb22cb831a63cae84bea
4b55c1f9efedfd600de3c92e510af038d3ae06c7d1837251151f275cbaab7936
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6093400fe7141f278fdd8bc9afb65f4d25700dbd6a6e5c6b2c58b1e6bde72b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5121feb803519652e3ee3ab84ccbfc090fc3aa17b4c871b78fb4fa77579d1ce3
51701d50677ed286bb66d492b1af60d0b9f17c5c7a480628aa79a5c9762baae2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56a1b30aa2daf427a54168b36594a90870cf18ffbafe77643e2f977bd1471ad5
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2db673171d5ba25af9f57bef7ba5aad8924fed2604a4af804399edb55bac3d
5b33f0ecb70ab74d96bd8b7a54752a95fde3c5dbf8dcbeb8888c7cf4187ed6dd
5ccc691f6c8c3b95f96f0be9c85ea717ac9d04a52bbafa661010a15ca139045f
660d61bcfc108439d367bcb498d2efd584ad4ae96d9bd3e717df3963b9c3a54b
6bfeb7ca159e66e9974db903db179108a9a09c6f39192825384846d83a718c8e
6c042bb21c1496851a9db2d218f609af244afec5ffe8fb5ba44a8407a076a1fd
70b0893eea07de0675ee5410d662c54e7239c0d10b01baa3d8345bb9a12173e7
70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68
71cf8dedaf8f2a0ba48fb118c160f8e07d464995511e7200d62f325350ff344b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
80cd01b57ca291527ed58bd68dc25a9f2e477b0a7d1f067cb648e4699e8d02ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8620d3e2ffdc339916488a8af82c79f90cc742f6d002a3831a5628780f87fc9c
862a8e7f45edd5dc0b7bb3d5f536ddc849492185f1d4a8ed6caa3d065f1f7c69
866a2f1026d99cb4ec3994d30b5b90d7d54233b7f1a788e56e26e9e6df7dff1a
87bb6c29e57f25b7c8fecb09a4cb7771ca5cb3ad45116998b53b50e0669215a7
89991b490c5f09cf8656108b9c271717a015a6350058374c2f961f96cb681a4b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0fd511e8fab024861b69e138b8397bc4c4f2b608905dab1c91acaace782bed
8a4a38f8336e0a57791f432b570b7d19eabf33a1e2dbcd53595b2ef483c8147c
8cd7beb8605346ac38374923b46fc96564f65002a8002cfb7228733d832bf49f
8da2cbf418b123b864985ed159f32510dc3186b4920f1f006a19f2d16ae93ce5
914c470b486e4b8c78749724b009d406d2d0dbefc4fa83af287971022bced896
9211279e13f681b0152d2de61e98abe01c5fff83467b8c44babe597a01a6dfda
9bd9277cd0ef79f38fbfc00b6055131c512843255bc67562112750539cd7b540
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ffd6d59160e19c062885ee955e9c2aad6cce353ace0427f65ec6738f020b30c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1eb139a044ef439c308678605a2ad8116d0ca47021ec06a2fd658625737595e
a7154380a61ab794fa1b5cd3d470e7869cf311ab9937068548b2f907634a481f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
ba3f20e670bd61e901ec3090e28b5ec04bedddaa75fe9bb9bfe4f9d19f8764ce
bb21e9f11316b26ed1ac54575fcdcd0c28445a5ac594cebcbcee4469721c8ab8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb43809a48cb40c0ac72f31aa1f48f08651b82739377ec5432400fb4f8b477ad
bd1bf3f654092499a05f7e379268791e5bc37a0487fa2d1ed2f636328d9bc99e
bd3bb55e39b1a69eb6bf949889265a9389de05662b4ce943c3f933824cad2624
c0c6f663d2b3de59d73dc2c2604df30c72c9a01944e0a8cbd3160957125abe58
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c59fc1c06b40b938ff98fba2e6c3d2d102f40337e7e719a34666d53c54a36509
c84f2e7dfa457c0a03f5acfe7e3bece9d2d47ffb3bd2ce98cdb6c756361509c5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cae8199c760a21c2b832d6b3eca75665d2bf2b76088db3c46bfe24368abed460
cd1249d5a567ef4bd61c11d8b6f0698d32565b0bd1d70b2ab5d26251a058fcc5
cdb5513cf622f1ba0372f15295bc81ecfedbfac7234e824f126350e3b481f442
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfc473568861e3affbe9b9936ee4268d936a564282647a3f69218ef755dc10d2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4b53d7b278da387fb535b94ef691c2ce6053d54ab196232da0a3f59115a4d68
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dcdb6daf95439f769d4be1b83c3a85464355700baec077adfe668472716e513a
e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3
e9b3692b629b97eb3a9a3d92937e9478a46b9bdd04f6310732b271e6bfc3c0af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0213b281db7560ec64480d16747aa1e08d0c48882e3fe9c0c0363659193188f
f065bde12a500e6068068c523895b96039b7f6db7ae221f7014ef578e6ecddcf
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7ef83a76a4d82a068af0fa519808cc2a3e367b7f77b123313cd083ed8d0d1b4
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fb9bd6726832b7f99cd12460df5ba2fbe2293655b76423a99510a6c7528a524c
fbfb67ae69ccbafb6afce32ae0e144e350c4174088b2780bb1b8bb86d77838d4
fea5cfd0adfd46d352496260b428bce7b04a6874b25c3f5682ade8dbcb6e52d1
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

www.corendonairlines.com Open in urlscan Pro 83.98.215.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

89 %HTTPS

32 %IPv6

50 Domains

80 Subdomains

67 IPs

11 Countries

2940 kBTransfer

7371 kBSize

66 Cookies

38 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.corendonairlines.com Open in urlscan Pro
83.98.215.60 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

89 %
HTTPS

32 %
IPv6

50
Domains

80
Subdomains

67
IPs

11
Countries

2940 kB
Transfer

7371 kB
Size

66
Cookies

182 HTTP transactions
1 data transactions