e.cheaptickets.be - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 18.185.190.229, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is e.cheaptickets.be.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 10th 2018. Valid for: 2 years.

This is the only time e.cheaptickets.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.185.190.229 18.185.190.229	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	104.16.218.81 104.16.218.81	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	3

1 18.185.190.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-190-229.eu-central-1.compute.amazonaws.com

e.cheaptickets.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.218.81 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

s1.travix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com fonts.gstatic.com	29 KB
2	travix.com s1.travix.com	3 KB
1	cheaptickets.be e.cheaptickets.be	4 KB
5	3

	Domain	Requested by
2	fonts.gstatic.com	e.cheaptickets.be
2	s1.travix.com	e.cheaptickets.be
1	e.cheaptickets.be
5	3

This site contains links to these domains. Also see Links.

Domain
www.cheaptickets.be

Subject Issuer	Validity	Valid
e.cheaptickets.be COMODO RSA Domain Validation Secure Server CA	`2018-04-10` - `2020-04-12`	2 years	crt.sh
travix.com CloudFlare Inc ECC CA-2	`2019-11-14` - `2020-10-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
Frame ID: ECAE2852A91AEB77B65A0F6E3F6C4611
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

36 kB
Transfer

49 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cheaptickets.be/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A Show response
e.cheaptickets.be/2/4/1737/3/ 19 KB
4 KB 784ms
761ms Document
text/html 18.185.190.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.185.190.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-190-229.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a855ab778d643c19253c772d8e003ec92e1d8fe57eb5f7733f5f39a6f1d05c57

Request headers

:method: GET
:authority: e.cheaptickets.be
:scheme: https
:path: /2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Wed, 15 Jan 2020 17:00:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 cheaptickets_be_XL@2X.png
s1.travix.com/assets/email/cheaptickets/logo/ 2 KB
2 KB 60ms
28ms Image
image/webp 104.16.218.81
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.travix.com/assets/email/cheaptickets/logo/cheaptickets_be_XL@2X.png

Requested by

Host: e.cheaptickets.be
URL: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

04f28290d6d0eab2284105ad345a80f5880077773c7a2c2e0a926a0308dba6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 17:00:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27275
cf-polished: origFmt=png, origSize=4186
cf-ray: 55596794ccc62b74-AMS
status: 200
content-disposition: inline; filename="cheaptickets_be_XL@2X.webp"
strict-transport-security: max-age=0
content-length: 1920
x-amz-id-2: hN5/rRbWHjplhE6vSgBGA9tMW+yzyw+y/ALG6M12zUqs5GzTQ/ukeWa7KIhe2VL4Hy13ZEP60Ss=
last-modified: Fri, 27 Nov 2015 11:27:17 GMT
server: cloudflare
etag: "54df7cd0c95424f6895c67dc247405dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 58C43783929AC9B0
cf-bgj: imgq:100
cache-control: public, max-age=86400
x-amz-version-id: jcRps4YsHb.nwxWxMaMKHTW4fM94mf9l
accept-ranges: bytes
content-type: image/webp
expires: Thu, 16 Jan 2020 17:00:12 GMT

GET
H2 200 CT_Arrow.png
s1.travix.com/assets/email/ 180 B
832 B 58ms
26ms Image
image/webp 104.16.218.81
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.travix.com/assets/email/CT_Arrow.png

Requested by

Host: e.cheaptickets.be
URL: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88fc41668c0ba3d4cbee2e90d580cbf204c0baf9904189a213713abb71457114

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 17:00:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30141
cf-polished: origFmt=png, origSize=571
cf-ray: 55596794ccc92b74-AMS
status: 200
content-disposition: inline; filename="CT_Arrow.webp"
strict-transport-security: max-age=0
content-length: 180
x-amz-id-2: RGsqRQ73CGFHcVTaSWfndV9al6H2UdszVE2enu+axJNgoFDWUv8X1t5WbVdZlktqxOHygL6gZGE=
last-modified: Thu, 04 May 2017 06:56:02 GMT
server: cloudflare
etag: "cac84f5c78046118615ed1fe027b7b5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 2CE196C6671C905F
cf-bgj: imgq:100
cache-control: public, max-age=86400
x-amz-version-id: c4yF0FDiBBiIfE2iOySxQS4R53bFjxPI
accept-ranges: bytes
content-type: image/webp
expires: Thu, 16 Jan 2020 17:00:12 GMT

GET
H2 200 2UX7WLTfW3W8TclTUvlFyQ.woff
fonts.gstatic.com/s/roboto/v15/ 18 KB
18 KB 8ms
7ms Font
font/woff 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/2UX7WLTfW3W8TclTUvlFyQ.woff

Requested by

Host: e.cheaptickets.be
URL: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

97bb9863429ae97fcc0cd6c80d30c3f7454d0b218d4758e24c30bda441bd39d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
Origin: https://e.cheaptickets.be

Response headers

date: Wed, 08 Jan 2020 20:48:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:47:37 GMT
server: sffe
age: 591092
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 18520
x-xss-protection: 0
expires: Thu, 07 Jan 2021 20:48:40 GMT

GET
H2 200 ZlHXuwtpE8FTBbgZOP8bFaCWcynf_cDxXwCLxiixG1c.woff
fonts.gstatic.com/s/khand/v4/ 10 KB
11 KB 7ms
6ms Font
font/woff 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/khand/v4/ZlHXuwtpE8FTBbgZOP8bFaCWcynf_cDxXwCLxiixG1c.woff

Requested by

Host: e.cheaptickets.be
URL: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ef54f4c174076b11f8aa490a248a55f1ed3274c8cbccd26ab82763d2f8249027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://e.cheaptickets.be/2/4/1737/3/eQMD6T9oN4Otj96dkL95YeSSVfRQ2OELobXG8P6U5lmq1hdmVohJGLFtPFCv2JN23hjq2Ml1HM-0Ms3_BEhn3A
Origin: https://e.cheaptickets.be

Response headers

date: Wed, 08 Jan 2020 20:48:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Aug 2014 21:08:15 GMT
server: sffe
age: 591092
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10676
x-xss-protection: 0
expires: Thu, 07 Jan 2021 20:48:40 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e.cheaptickets.be
fonts.gstatic.com
s1.travix.com
104.16.218.81
18.185.190.229
2a00:1450:4001:81d::2003
04f28290d6d0eab2284105ad345a80f5880077773c7a2c2e0a926a0308dba6f4
88fc41668c0ba3d4cbee2e90d580cbf204c0baf9904189a213713abb71457114
97bb9863429ae97fcc0cd6c80d30c3f7454d0b218d4758e24c30bda441bd39d3
a855ab778d643c19253c772d8e003ec92e1d8fe57eb5f7733f5f39a6f1d05c57
ef54f4c174076b11f8aa490a248a55f1ed3274c8cbccd26ab82763d2f8249027

e.cheaptickets.be Open in urlscan Pro 18.185.190.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

36 kBTransfer

49 kBSize

0 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

e.cheaptickets.be Open in urlscan Pro
18.185.190.229 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

36 kB
Transfer

49 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions