hulvintch.com Open in urlscan Pro
2606:4700:3035::6818:6dbe Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://owl.li/dBjE30qCimE#P8AoDbqDzLjDKDPcodzqoGgNh5TCHYq8mAY4CCiTcL1Tr8RDXm
Effective URL:
https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Submission: On May 01 via manual (May 1st 2020, 5:33:16 pm UTC) from CA

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3035::6818:6dbe, located in United States and belongs to CLOUDFLARENET, US. The main domain is hulvintch.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 17th 2020. Valid for: 7 months.

This is the only time hulvintch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.183.132.164 54.183.132.164	16509 (AMAZON-02) (AMAZON-02)
1 1	54.183.130.144 54.183.130.144	16509 (AMAZON-02) (AMAZON-02)
1 2	103.83.36.180 103.83.36.180	136171 (MEDHAHOST...) (MEDHAHOSTING-AS-AP Medha Hosting)
1 13	2606:4700:303... 2606:4700:3035::6818:6dbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::681b:b37f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::681f:592e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	138.197.64.238 138.197.64.238	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
27	10

1 54.183.132.164 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ow.ly

owl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.183.130.144 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.83.36.180 (Asheville, United States) 1 redirects

ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN)
PTR: tinton.surection.com

zharewardss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::6818:6dbe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hulvintch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::681b:b37f (United States)

ASN13335 (CLOUDFLARENET, US)

api.mdsyzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::681f:592e (United States)

ASN13335 (CLOUDFLARENET, US)

api.mdsyzz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.64.238 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.hulvintch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	hulvintch.com 1 redirects hulvintch.com beacon.hulvintch.com	132 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	zharewardss.com 1 redirects zharewardss.com	1 KB
1	mdsyzz.info api.mdsyzz.info	630 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	mdsyzz.com api.mdsyzz.com	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	ow.ly 1 redirects ow.ly	188 B
1	owl.li 1 redirects owl.li	108 B
27	12

	Domain	Requested by
13	hulvintch.com	1 redirects zharewardss.com hulvintch.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com hulvintch.com
2	zharewardss.com	1 redirects
1	beacon.hulvintch.com	hulvintch.com
1	api.mdsyzz.info	api.mdsyzz.com
1	www.google.de	hulvintch.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	hulvintch.com
1	api.mdsyzz.com	hulvintch.com
1	cdn.onesignal.com	hulvintch.com
1	ow.ly	1 redirects
1	owl.li	1 redirects
27	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-17` - `2020-10-09`	7 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
beacon.hulvintch.com Let's Encrypt Authority X3	`2020-03-20` - `2020-06-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Frame ID: B0BCF5623DF4662825F0E6A62041D0A8
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://owl.li/dBjE30qCimE HTTP 301
http://ow.ly/dBjE30qCimE HTTP 301
http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac... Page URL
https://zharewardss.com/r2/3b2b0d6a-b211-473c-b7ba-010fd61c34c1////341e2ee1-d8a8-4521-b79d-ac80bc55e... HTTP 302
http://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fn... HTTP 301
https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fn... Page URL

Page Statistics

27
Requests

74 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

10
IPs

3
Countries

185 kB
Transfer

551 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://owl.li/dBjE30qCimE HTTP 301
http://ow.ly/dBjE30qCimE HTTP 301
http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c Page URL
https://zharewardss.com/r2/3b2b0d6a-b211-473c-b7ba-010fd61c34c1////341e2ee1-d8a8-4521-b79d-ac80bc55e153/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c&fctr=0 HTTP 302
http://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email= HTTP 301
https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://owl.li/dBjE30qCimE HTTP 301
http://ow.ly/dBjE30qCimE HTTP 301
http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c

Request Chain 8

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1092493689&t=pageview&_s=1&dl=https%3A%2F%2Fhulvintch.com%2F%2Fca-aircanada%2F%3Fs1%3D1FM%26s2%3D341e2ee1-d8a8-4521-b79d-ac80bc55e153%26s3%3D%26s4%3D%26s5%3D%26Fname%3D%26Lname%3D%26Email%3D&dr=http%3A%2F%2Fzharewardss.com%2Fr%2F3b2b0d6a-b211-473c-b7ba-010fd61c34c1%2F%3Flpid%3Db4aa9aff-f7c8-4e5a-a75f-0910eac84c7c&ul=en-us&de=UTF-8&dt=Air%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=7027073&gjid=28061570&cid=1916162758.1588354377&tid=UA-148357412-5&_gid=261143195.1588354377&_r=1&gtm=2ou4m0&z=1764247416 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_gid=261143195.1588354377&gjid=28061570&_v=j81&z=1764247416 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_v=j81&z=1764247416 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_v=j81&z=1764247416&slf_rd=1&random=2111061740

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/
Redirect Chain

http://owl.li/dBjE30qCimE
http://ow.ly/dBjE30qCimE
http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c

723 B
888 B

458ms
277ms

Document
text/html

103.83.36.180
MEDHAHOSTING-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c
Protocol: HTTP/1.1
Server: 103.83.36.180 Asheville, United States, ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN),
Reverse DNS: tinton.surection.com
Software: nginx /
Resource Hash: 4826da15d91eb35d9e4fc8f8c6779bebd8a6605de07e3466f0c895459c52f3df

Request headers

Host: zharewardss.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Fri, 01 May 2020 17:32:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: dafa4087-991b-4b07-9f37-fd4c8cd08393=341e2ee1-d8a8-4521-b79d-ac80bc55e153; Version=1; Expires=Sun, 31-May-2020 17:32:55 GMT; Max-Age=2592000; Domain=zharewardss.com; Path=/ dafa4087-991b-4b07-9f37-fd4c8cd08393-check=341e2ee1-d8a8-4521-b79d-ac80bc55e153; Version=1; Expires=Fri, 01-May-2020 17:42:55 GMT; Max-Age=600; Domain=zharewardss.com; Path=/
Cache-Control: no-cache
Expires: Fri, 01 May 2020 17:32:55 GMT
Content-Encoding: gzip

Redirect headers

Location: http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c
Connection: close
Content-Length: 0

GET
H2

200

Primary Request / Show response
hulvintch.com//ca-aircanada/
Redirect Chain

https://zharewardss.com/r2/3b2b0d6a-b211-473c-b7ba-010fd61c34c1////341e2ee1-d8a8-4521-b79d-ac80bc55e153/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c&fctr=0
http://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=

2 KB
1 KB

204ms
183ms

Document
text/html

2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Requested by: Host: zharewardss.com
URL: http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84e646510bc6f878f7d00c655d1afa4be0179fc622b021900071381d7f32a3e

Request headers

:method: GET
:authority: hulvintch.com
:scheme: https
:path: //ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://zharewardss.com/r/3b2b0d6a-b211-473c-b7ba-010fd61c34c1/?lpid=b4aa9aff-f7c8-4e5a-a75f-0910eac84c7c#P8AoDbqDzLjDKDPcodzqoGgNh5TCHYq8mAY4CCiTcL1Tr8RDXm

Response headers

status: 200
date: Fri, 01 May 2020 17:32:56 GMT
content-type: text/html
set-cookie: __cfduid=d0c627abc5b0d403c667f03c2168b7a3b1588354376; expires=Sun, 31-May-20 17:32:56 GMT; path=/; domain=.hulvintch.com; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58cb3ea49f7ad711-FRA
content-encoding: br
cf-request-id: 0272e57ae20000d711d7936200000001

Redirect headers

Date: Fri, 01 May 2020 17:32:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 01 May 2020 18:32:56 GMT
Location: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 58cb3ea45c6ad6b5-FRA
cf-request-id: 0272e57abb0000d6b5f1a35200000001

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 47ms
12ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1250
etag: W/"9d9aed5a8d74707da3c47d0230168852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 58cb3ea65eac64b5-FRA
cf-request-id: 0272e57bf3000064b5b2253200000001
expires: Sat, 02 May 2020 05:32:56 GMT

GET
H2 200 auto-push.min.js Show response
api.mdsyzz.com/ 2 KB
1 KB 180ms
144ms Script
application/x-javascript 2606:4700:3035::681b:b37f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdsyzz.com/auto-push.min.js
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:b37f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6f33ce26a4bdaece7c1c98289ad21dbe60b540046f588711d3d8f3d89eff5401

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: br
status: 200
cf-cache-status: DYNAMIC
last-modified: Tue, 03 Mar 2020 19:01:31 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"eaf5f1268ef1d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 58cb3ea65b750631-FRA
cf-request-id: 0272e57bf50000063101968200000001

GET
H2 200 bundle.6dfe1b4189a7440f6dad.css
hulvintch.com//ca-aircanada/ 18 KB
4 KB 74ms
73ms Stylesheet
text/css 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/bundle.6dfe1b4189a7440f6dad.css?t=1585268758881
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86ceb94f229b99cf04bf8489bbf8c4b3adea6240d57b24517d4c8b929226f16b

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: W/"492d-5a1cb25f80ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58cb3ea61bb2d711-FRA
cf-request-id: 0272e57bd20000d711d7950200000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148357412-5

Requested by

Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

538652ba2530db19581ef3769769ba8b7a781f479c701db4dbcae8c98fbce6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30218
x-xss-protection: 0
last-modified: Fri, 01 May 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 May 2020 17:32:56 GMT

GET
H2 200 1.b88e5d55.chunk.js Show response
hulvintch.com//ca-aircanada/js/ 176 KB
57 KB 314ms
312ms Script
application/javascript 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f14d64314e6d6abc89fbfcbaa0812537d1685be06615cc430b820924b2900d

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: W/"2c10c-5a1cb25f80ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58cb3ea61bb5d711-FRA
cf-request-id: 0272e57bd20000d711d7951200000001

GET
H2 200 app.98887b6b.js Show response
hulvintch.com//ca-aircanada/js/ 164 KB
24 KB 249ms
248ms Script
application/javascript 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6045fe6f173971d2ebc81e44a79219025595a9db14b36794f101b234357989

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: W/"290d9-5a1cb25f80ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58cb3ea61bb6d711-FRA
cf-request-id: 0272e57bd30000d711d7952200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148357412-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2196
date: Fri, 01 May 2020 16:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Fri, 01 May 2020 18:56:20 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1092493689&t=pageview&_s=1&dl=https%3A%2F%2Fhulvintch.com%2F%2Fca-aircanada%2F%3Fs1%3D1FM%26s2%3D341e2ee1-d8a8-4521-b79d-ac80bc55e153%26s3%3D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_gid=261143195.1588354377&gjid=28061570&_v=j81&z=1764247416
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_v=j81&z=1764247416
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_v=j81&z=1764247416&slf_rd=1&random=2111061740

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_v=j81&z=1764247416&slf_rd=1&random=2111061740

Requested by

Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 17:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 May 2020 17:32:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-148357412-5&cid=1916162758.1588354377&jid=7027073&_v=j81&z=1764247416&slf_rd=1&random=2111061740
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cbc620d8-c883-4e66-97e7-24f8f0874e9f Show response
api.mdsyzz.info/rest/v1/p-apps/get-id/ 117 B
630 B 126ms
72ms XHR
text/plain 2606:4700:3035::681f:592e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdsyzz.info/rest/v1/p-apps/get-id/cbc620d8-c883-4e66-97e7-24f8f0874e9f?url=https://hulvintch.com
Requested by: Host: api.mdsyzz.com
URL: https://api.mdsyzz.com/auto-push.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:592e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: de9badb0d03462c266b06536df80bb8a2a15b45fe5f92009710e74456f5c57fc

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
cf-request-id: 0272e57cc20000c2e50995d200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 58cb3ea79fbdc2e5-FRA
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1092493689&t=event&_s=2&dl=https%3A%2F%2Fhulvintch.com%2F%2Fca-aircanada%2F%3Fs1%3D1FM%26s2%3D341e2ee1-d8a8-4521-b79d-ac80bc55e153%26s3%3D%26s4%3D%26s5%3D%26Fname%3D%26Lname%3D%26Email%3D&dr=http%3A%2F%2Fzharewardss.com%2Fr%2F3b2b0d6a-b211-473c-b7ba-010fd61c34c1%2F%3Flpid%3Db4aa9aff-f7c8-4e5a-a75f-0910eac84c7c&ul=en-us&de=UTF-8&dt=Air%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=INITIAL_LOAD&_u=KEBAAUAB~&jid=&gjid=&cid=1916162758.1588354377&tid=UA-148357412-5&_gid=261143195.1588354377&gtm=2ou4m0&z=1690569289

Requested by

Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:14:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2971109
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reviews.json Show response
hulvintch.com//ca-aircanada/public/ 1007 B
570 B 84ms
83ms XHR
application/json 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/public/reviews.json
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f54f6e81f5e8663c01d6babdd65cba27107046d7143d0932222839ba2ecb83

Request headers

Accept: application/json, text/plain, */*
Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: W/"3ef-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
cf-ray: 58cb3ea86a08d711-FRA
cf-request-id: 0272e57d3d0000d711d797f200000001

GET
H2 200 badges.min.png
hulvintch.com//ca-aircanada/public/ 38 KB
38 KB 167ms
166ms Image
image/png 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hulvintch.com//ca-aircanada/public/badges.min.png
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0b401615e4e7deea4229742fed404a884ce660a710e1a01526f8345e3a09f4

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: "9828-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cb3ea86a0cd711-FRA
content-length: 38952
cf-request-id: 0272e57d3e0000d711d7980200000001

GET
H2 200 6a210a28-f088-4ed8-a8d7-d0fdc7053265 Show response
beacon.hulvintch.com/s/ 9 KB
2 KB 441ms
142ms XHR
text/plain 138.197.64.238
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.hulvintch.com/s/6a210a28-f088-4ed8-a8d7-d0fdc7053265
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.197.64.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fbb1626af30dd8438545c23c7229cace53d67552676aa5fe71f3d011af693f9f

Request headers

Accept: application/json, text/plain, */*
Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:56 GMT
content-encoding: gzip
server: Kestrel
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 star--filled.min.png
hulvintch.com//ca-aircanada/public/ 373 B
475 B 143ms
143ms Image
image/png 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hulvintch.com//ca-aircanada/public/star--filled.min.png
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912919a62239947a65629300cbe5316164e74322b3b6024bf1e30ed986fa2a9f

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: "175-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cb3ea8eba3d711-FRA
content-length: 373
cf-request-id: 0272e57d930000d711d7985200000001

GET
H2 200 star--empty.min.png
hulvintch.com//ca-aircanada/public/ 368 B
494 B 78ms
78ms Image
image/png 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hulvintch.com//ca-aircanada/public/star--empty.min.png
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef77cfdbfbfef2309ff4153b2a56fc522134069b77a594c4e5526c565b85b27

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: "170-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cb3ea8eba8d711-FRA
content-length: 368
cf-request-id: 0272e57d930000d711d7986200000001

GET
H2 200 logo.png
hulvintch.com//ca-aircanada/public/ 3 KB
3 KB 74ms
73ms Image
image/png 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hulvintch.com//ca-aircanada/public/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae5c14ad81451b95e3c865a0794756d1a53f6d9c2dc8c62788cb998f7bd2040

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: "bd8-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cb3eab4a7dd711-FRA
content-length: 3032
cf-request-id: 0272e57f100000d711d79ac200000001

GET
H2 200 ca.png
hulvintch.com//ca-aircanada/public/ 411 B
513 B 148ms
148ms Image
image/png 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hulvintch.com//ca-aircanada/public/ca.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b95b5c51edd7493ecbaa6e671b5569b5c9e93077bf52c67df4452b4d36542eef

Request headers

Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: "19b-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cb3eab4a7fd711-FRA
content-length: 411
cf-request-id: 0272e57f100000d711d79ad200000001

GET
H2 200 comments.json Show response
hulvintch.com//ca-aircanada/public/ 1 KB
738 B 68ms
68ms XHR
application/json 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/public/comments.json
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92d2d0f4076b73a1bde6ea257cd37125061edbd26afcd71ac65df4db79daefd

Request headers

Accept: application/json, text/plain, */*
Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: W/"514-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
cf-ray: 58cb3eab4a83d711-FRA
cf-request-id: 0272e57f100000d711d79ae200000001

GET
H2 200 comments.json Show response
hulvintch.com//ca-aircanada/public/ 1 KB
607 B 285ms
285ms XHR
application/json 2606:4700:3035::6818:6dbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hulvintch.com//ca-aircanada/public/comments.json
Requested by: Host: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:6dbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92d2d0f4076b73a1bde6ea257cd37125061edbd26afcd71ac65df4db79daefd

Request headers

Accept: application/json, text/plain, */*
Referer: https://hulvintch.com//ca-aircanada/?s1=1FM&s2=341e2ee1-d8a8-4521-b79d-ac80bc55e153&s3=&s4=&s5=&Fname=&Lname=&Email=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 17:32:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Mar 2020 00:26:11 GMT
server: cloudflare
etag: W/"514-5a1cb25f80ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
cf-ray: 58cb3eab4a84d711-FRA
cf-request-id: 0272e57f110000d711d79af200000001

GET L%C3%A9aLefebvre.png
hulvintch.com//ca-aircanada/public/ 0
0

GET genevaross.png
hulvintch.com//ca-aircanada/public/ 0
0

GET AntonRousseau.png
hulvintch.com//ca-aircanada/public/ 0
0

GET ChristinaGomez.png
hulvintch.com//ca-aircanada/public/ 0
0

GET StacyWoods.png
hulvintch.com//ca-aircanada/public/ 0
0

GET SeabVon-Jones.png
hulvintch.com//ca-aircanada/public/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/public/L%C3%A9aLefebvre.png

Domain: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/public/genevaross.png

Domain: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/public/AntonRousseau.png

Domain: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/public/ChristinaGomez.png

Domain: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/public/StacyWoods.png

Domain: hulvintch.com
URL: https://hulvintch.com//ca-aircanada/public/SeabVon-Jones.png

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hulvintch.com/	1970-01-19 09:14:00	Name: _gid Value: GA1.2.261143195.1588354377
.hulvintch.com/	1970-01-20 02:43:46	Name: _ga Value: GA1.2.1916162758.1588354377
.hulvintch.com/	1970-01-19 09:12:34	Name: _gat_gtag_UA_148357412_5 Value: 1
.hulvintch.com/	1970-01-19 09:55:46	Name: __cfduid Value: d0c627abc5b0d403c667f03c2168b7a3b1588354376

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js(Line 9) Message: i18next: languageChanged en
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js(Line 9) Message: i18next: initialized [object Object]
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/1.b88e5d55.chunk.js(Line 9) Message: i18next: languageChanged ca
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: ACTION: LOAD_FLOW_START
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: loading: true
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: error: false
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: ACTION: LOAD_FLOW_SUCCESS
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: loading: false
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: error: false
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: flow: [object Object]
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: flow: [object Object],[object Object],[object Object]
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: activeBlock: [object Object]
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: activeBlockId: CSDkySx4icwyawjiBkLTP
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: activeBlockIndex: 0
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: activeQuestion: [object Object]
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: activeQuestionId: HQi2lsjgsz07nRv9vt864
console-api	log	URL: https://hulvintch.com//ca-aircanada/js/app.98887b6b.js(Line 1) Message: stateChange: activeQuestionIndex: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mdsyzz.com
api.mdsyzz.info
beacon.hulvintch.com
cdn.onesignal.com
hulvintch.com
ow.ly
owl.li
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zharewardss.com
hulvintch.com
103.83.36.180
138.197.64.238
2606:4700:3035::6818:6dbe
2606:4700:3035::681b:b37f
2606:4700:3035::681f:592e
2606:4700::6812:e234
2a00:1450:4001:806::2003
2a00:1450:4001:809::2008
2a00:1450:4001:815::2004
2a00:1450:4001:81b::200e
2a00:1450:400c:c0c::9c
54.183.130.144
54.183.132.164
4826da15d91eb35d9e4fc8f8c6779bebd8a6605de07e3466f0c895459c52f3df
4ae5c14ad81451b95e3c865a0794756d1a53f6d9c2dc8c62788cb998f7bd2040
538652ba2530db19581ef3769769ba8b7a781f479c701db4dbcae8c98fbce6c0
6f33ce26a4bdaece7c1c98289ad21dbe60b540046f588711d3d8f3d89eff5401
7f0b401615e4e7deea4229742fed404a884ce660a710e1a01526f8345e3a09f4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ceb94f229b99cf04bf8489bbf8c4b3adea6240d57b24517d4c8b929226f16b
912919a62239947a65629300cbe5316164e74322b3b6024bf1e30ed986fa2a9f
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
b95b5c51edd7493ecbaa6e671b5569b5c9e93077bf52c67df4452b4d36542eef
bef77cfdbfbfef2309ff4153b2a56fc522134069b77a594c4e5526c565b85b27
d92d2d0f4076b73a1bde6ea257cd37125061edbd26afcd71ac65df4db79daefd
dc6045fe6f173971d2ebc81e44a79219025595a9db14b36794f101b234357989
de9badb0d03462c266b06536df80bb8a2a15b45fe5f92009710e74456f5c57fc
e6f14d64314e6d6abc89fbfcbaa0812537d1685be06615cc430b820924b2900d
e84e646510bc6f878f7d00c655d1afa4be0179fc622b021900071381d7f32a3e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f54f6e81f5e8663c01d6babdd65cba27107046d7143d0932222839ba2ecb83
fbb1626af30dd8438545c23c7229cace53d67552676aa5fe71f3d011af693f9f

hulvintch.com Open in urlscan Pro 2606:4700:3035::6818:6dbe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

27 Requests

74 %HTTPS

69 %IPv6

12 Domains

13 Subdomains

10 IPs

3 Countries

185 kBTransfer

551 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

4 Cookies

18 Console Messages

Indicators

hulvintch.com Open in urlscan Pro
2606:4700:3035::6818:6dbe Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

74 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

10
IPs

3
Countries

185 kB
Transfer

551 kB
Size

4
Cookies

27 HTTP transactions
0 data transactions