urlscan.io logo urlscan.io
SecurityTrails logo

www.cheapoair.com Open in urlscan Pro
92.122.104.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=54808123&lguid=5ad44eb58d8d4a338e985bd13dd2de49&cmpid=1105644&c=7&pcg=T...
Effective URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Submission: On March 20 via manual from EG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 26 HTTP transactions. The main IP is 92.122.104.91, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.cheapoair.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 29th 2019. Valid for: 2 years.
This is the only time www.cheapoair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.61.14.236 7029 (WINDSTREAM)
3 92.122.104.91 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 152.199.19.160 15133 (EDGECAST)
11 23.36.239.60 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 143.204.201.128 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
2 2600:9000:214... 16509 (AMAZON-02)
2 51.140.6.23 8075 (MICROSOFT...)
26 11
1    64.61.14.236 (Wayne, United States)

ASN7029 (WINDSTREAM, US)
PTR: static-64-61-14-236.isp.broadviewnet.net
www.travelweeklyupdate.com
3    92.122.104.91 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-104-91.deploy.static.akamaitechnologies.com
www.cheapoair.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
11    23.36.239.60 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-239-60.deploy.static.akamaitechnologies.com
c.fareportal.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    143.204.201.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-128.fra53.r.cloudfront.net
cdn.branch.io
1    2600:9000:214f:bc00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    2600:9000:214f:d600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
2    51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
11 c.fareportal.com www.cheapoair.com
az416426.vo.msecnd.net
c.fareportal.com
3 www.cheapoair.com www.cheapoair.com
az416426.vo.msecnd.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 api2.branch.io az416426.vo.msecnd.net
2 code.jquery.com www.cheapoair.com
1 app.link cdn.branch.io
1 cdn.branch.io www.cheapoair.com
1 geolocation.onetrust.com www.cheapoair.com
1 az416426.vo.msecnd.net www.cheapoair.com
1 cdn.jsdelivr.net www.cheapoair.com
1 ajax.googleapis.com www.cheapoair.com
1 www.travelweeklyupdate.com 1 redirects
26 12
Subject Issuer Validity Valid
www.cheapoair.com
DigiCert SHA2 Extended Validation Server CA		 2019-04-29 -
2021-05-18		 2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-22 -
2020-08-30		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
www.fareportal.com
GeoTrust RSA CA 2018		 2019-09-11 -
2020-12-10		 a year crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2018-03-12 -
2020-06-14		 2 years crt.sh
*.branch.io
DigiCert SHA2 Secure Server CA		 2018-12-05 -
2020-12-08		 2 years crt.sh
appipv4.link
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 5		 2020-03-17 -
2022-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Frame ID: D5609B52D40B6F5E7287EEE32B1C9DEF
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=54808123&lguid=5ad44eb58d8d4a338e985bd13dd2de49&cmp... HTTP 302
    https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123 Page URL

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

11
IPs

5
Countries

730 kB
Transfer

2155 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=54808123&lguid=5ad44eb58d8d4a338e985bd13dd2de49&cmpid=1105644&c=7&pcg=Transactional&pct=Transactional&uname=&imap=&ipha= HTTP 302
    https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request coronavirus-alert
www.cheapoair.com/flights/
Redirect Chain
  • http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=54808123&lguid=5ad44eb58d8d4a338e985bd13dd2de49&cmpid=1105644&c=7&pcg=Transactional&pct=Transactional&uname=&imap=&ipha=
  • https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
209 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.104.91 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1db0a88b125fd911cfb4a4e4e7bc5b41bc525dbc72ffcfb248cb416e051a2563

Request headers

:method
GET
:authority
www.cheapoair.com
:scheme
https
:path
/flights/coronavirus-alert?cmpid=1105644&audid=54808123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
x-transactions
a9beb5a1-986a-4aba-8726-baed77103686
gcms-cache-ttl-min
60
request-context
appId=cid-v1:9576f485-1f86-42e3-a3d6-a08ca24b628a
access-control-expose-headers
Request-Context
x-geoipcountrycode3
US
x-geoiplatitude1
34.03960
x-geoiplongitude1
-118.26610
x-ipadress
23.62.239.178
x-realipaddress
107.184.81.86
x-forwarded-for
107.184.81.86, 23.36.15.4
x-proxy-cache
HIT
x-proxy-server
lpnginx63
x-misc
0
x-geocontinentcode
NA
x-geocontinentname
North America
fp-x-edge-cachecontrol
!no-store, cache-maxage=60m
fp-x-edge-cache-enabled
1
content-encoding
gzip
content-length
41884
cache-control
private, max-age=2256
expires
Fri, 20 Mar 2020 15:00:52 GMT
date
Fri, 20 Mar 2020 14:23:16 GMT
vary
Accept-Encoding
set-cookie
uid=NDhkM2YwODMxZTY3ZTc2Nw==; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.cheapoair.com fplocation=regioncode=EU; expires=Sun, 19-Apr-2020 14:23:16 GMT; path=/ AKA_A2=A; expires=Fri, 20-Mar-2020 15:23:16 GMT; path=/; domain=cheapoair.com; secure; HttpOnly ak_bmsc=BFCE3EF0EE2920157AC099F905F253E4C16C5E90321F0000D4D1745EA954605D~plJq8VHqzq8pDNNfIFuwNdln8X/s0w0xQdVeiLx0Q/G4wuZAIS8zqnZEoZDXmwjbqs/KJX0Z7bMgEf+Vq21bfCtH89C/uL0C7Kb9k+vbQqAfHyKoUG63U7B8AJO1EetmAVbQCQsPmufeM44DM8wU86+ict232a+/6rtnUa+Ifv2BepHZ31i4DX8JAsPszHKHUHNagf/FVb1O7Djl9CdwmvL0LleJrqoEdQA2PlVqG6OtA=; expires=Fri, 20 Mar 2020 16:23:16 GMT; max-age=7200; path=/; domain=.cheapoair.com; HttpOnly
link
<https://horologium.iad.appboy.com>;rel="preconnect",<https://geolocation.onetrust.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://m.cheapoair.com>;rel="preconnect"
akamai-x-true-edgecontrol-ttl
3600

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Fri, 20 Mar 2020 14:23:15 GMT
Content-Length
201
Set-Cookie
SRVNAME=tw2; path=/
cmsresourcecombiner.ashx
www.cheapoair.com/cmshandlers/ 		270 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=React-with-image-deals_css&gcms-srv
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.104.91 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
316255783b98328763fb148bcdbc07d0f3a29091febba78fcbc5487e8f1da596

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
gzip
fp-x-edge-cache-enabled
1
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
21600
content-type
text/css; charset=utf-8
status
200
access-control-expose-headers
Request-Context
cache-control
max-age=16288
gcms-cache-ttl-min
360
request-context
appId=cid-v1:9576f485-1f86-42e3-a3d6-a08ca24b628a
fp-x-edge-cachecontrol
!no-store, cache-maxage=360m
content-length
43826
expires
Fri, 20 Mar 2020 18:54:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 31 Jan 2020 00:20:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4284185
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Jan 2021 00:20:11 GMT
jquery.validate.min.js
cdn.jsdelivr.net/jquery.validation/1.16.0/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.validation/1.16.0/jquery.validate.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20673322
cf-ray
5770170e1c043260-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21035-AMS, cache-hhn4049-HHN
server
cloudflare
etag
W/"5a1e-IUhhlLqiLrEVX+mL969jFOd3PMc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
jquery-ui.js
code.jquery.com/ui/1.12.1/ 		509 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 20 Mar 2020 14:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2016 16:34:16 GMT
Server
nginx
ETag
W/"57d97c08-7f20a"
Vary
Accept-Encoding
X-HW
1584714196.dop057.fr8.shc,1584714196.dop057.fr8.t,1584714196.cds132.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
124434
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 20 Mar 2020 14:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2016 16:34:16 GMT
Server
nginx
ETag
W/"57d97c08-8c85"
Vary
Accept-Encoding
X-HW
1584714196.dop040.fr8.shc,1584714196.dop040.fr8.t,1584714196.cds010.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8323
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AAA) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
423
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Tue, 04 Feb 2020 19:23:51 GMT
server
ECAcc (ama/8AAA)
etag
0x8D7A9A7C460F06C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6729d534-001e-00bc-7ec2-fef395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
icon-sprite.png
c.fareportal.com/gcms/portals/2/react_widget/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/react_widget/img/icon-sprite.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
84e1cbbc6561435ad408e9890db087f56d5bcc31dc6480ba4294ef4b269fe14e

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=React-with-image-deals_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
last-modified
Thu, 31 Oct 2019 10:58:34 GMT
server
AkamaiNetStorage
access-control-allow-origin
*
etag
"794b2f1b04ce044efd76ed6d6b35b1f1:1572535518"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
14282
settings.js
c.fareportal.com/gcms/portals/2/react-b4/script/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/react-b4/script/settings.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
333253a5380cd8c198f1ee3b8aad6e459cc6708a434efd79ce55a812e98164c8

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
last-modified
Fri, 14 Feb 2020 21:51:44 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"2f63bd29b31011897bb0f80a424db239:1578909605"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
2084
runtime.bundle.8d6c24a8e1d3a342a869.js
c.fareportal.com/vd/hp/gcms/92/2.0.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/hp/gcms/92/2.0.0/runtime.bundle.8d6c24a8e1d3a342a869.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b6273c93e23ce807e25c168a4f61b5fc65309e7a1589d661b2c07453fa846fd7

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
last-modified
Sat, 22 Feb 2020 15:41:56 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"aad21fb96c31a67df511c329d9177c5d:1577344235"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1044
vendor.bundle.8d6c24a8e1d3a342a869.js
c.fareportal.com/vd/hp/gcms/92/2.0.0/ 		235 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/hp/gcms/92/2.0.0/vendor.bundle.8d6c24a8e1d3a342a869.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
a165a1c3d55a584d58e4ec47f920e1236e62c410a10c0db3ba867ba8e949bdae

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
last-modified
Mon, 13 Jan 2020 22:00:56 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"07a00cf9e2e4668d6bd8758fe88ac9ad:1577344235"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
67828
main.bundle.8d6c24a8e1d3a342a869.js
c.fareportal.com/vd/hp/gcms/92/2.0.0/ 		236 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/hp/gcms/92/2.0.0/main.bundle.8d6c24a8e1d3a342a869.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
bddab32f9809eb3690678ff2de968119fafdde6d4cff3209856693769ba23f6b

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
last-modified
Mon, 09 Mar 2020 01:31:11 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"e3a7f9a116ac24f319f9fa1d34b4a1e6:1577344235"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
45750
coa-credit-card-bg.jpg
c.fareportal.com/vd/coa/travel/r6/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/coa-credit-card-bg.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3cf2d4d5c22554ce9a4a8894a885edd30440bf02c242ad647b9d0adc76b6f069

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=React-with-image-deals_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
AkamaiNetStorage
access-control-allow-origin
*
etag
"014ed0a56e9ce71c37041da332c4a460:1581610582.997469"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
11307
coa-credit-card.png
c.fareportal.com/gcms/portals/2/react_widget/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/react_widget/img/coa-credit-card.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0f849206d89fdb4ebc8c4f95051673c77ad087f72bf1a927577136254b1c710b

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=React-with-image-deals_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
last-modified
Thu, 31 Oct 2019 10:58:34 GMT
server
AkamaiNetStorage
access-control-allow-origin
*
etag
"b5ac69b63d824bf6fadaa1ecbd11fba8:1572535517"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
13399
Landing-Pages-QR.png
c.fareportal.com/gcms/portals/2/responsive/images/sem/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/responsive/images/sem/Landing-Pages-QR.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0bdf220420e757b578a0da6fa91496882f6dddbbe9592b17b09f83ead27c5faf

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=React-with-image-deals_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
last-modified
Thu, 31 Oct 2019 10:58:51 GMT
server
AkamaiNetStorage
access-control-allow-origin
*
etag
"33ee27838d075544c79948f2195e4cc1:1572537241"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
4203
svgicons.txt
c.fareportal.com/gcms/portals/2/responsive-b4/include/ 		255 KB
255 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-b4/include/svgicons.txt
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c3e3df3791c1731315781fee789a97656d2ec32b27e0d8d7f29f77d3a8a8f18

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
last-modified
Wed, 18 Dec 2019 10:08:19 GMT
server
AkamaiNetStorage
etag
"e11c4581ca3645b4a73fd19c1aba991e:1576663702"
status
200
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
260769
vendors~LoginMenuV1.bundle.8d6c24a8e1d3a342a869.js
c.fareportal.com/vd/hp/gcms/92/2.0.0/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/hp/gcms/92/2.0.0/vendors~LoginMenuV1.bundle.8d6c24a8e1d3a342a869.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/vd/hp/gcms/92/2.0.0/runtime.bundle.8d6c24a8e1d3a342a869.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
a4ca363fdc37179f5b9ad065740619e93e3e3c3a65a87a17dc356b92820c10ef

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
last-modified
Mon, 06 Jan 2020 09:13:04 GMT
server
Akamai Resource Optimizer
x-akamai-pragma-client-ip
173.205.9.115, 165.225.106.120
access-control-allow-origin
*
etag
"5bf8c22de91bd6d24c7708ed4fb7509a:1577344235"
x-serial
6196
vary
Accept-Encoding
content-type
application/x-javascript
status
200
x-check-cacheable
YES
cache-control
max-age=604800
accept-ranges
bytes
content-length
7318
LoginMenuV1.bundle.8d6c24a8e1d3a342a869.js
c.fareportal.com/vd/hp/gcms/92/2.0.0/ 		45 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/hp/gcms/92/2.0.0/LoginMenuV1.bundle.8d6c24a8e1d3a342a869.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/vd/hp/gcms/92/2.0.0/runtime.bundle.8d6c24a8e1d3a342a869.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.239.60 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-239-60.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
de297d2ce1da5b7da4ad6f04d4e6c37d65754d400e398cd44b704cf378f87da0

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
br
last-modified
Tue, 03 Mar 2020 23:31:00 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"d15fe565a90a2bdcf70889d3db631fab:1577344234"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
7112
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		200 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce739feda8de2994011ebf120933fd411e0ed2fffd8c0e3bb2ef860a039bdae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5770171078dfd6b1-FRA
branch-latest.min.js
cdn.branch.io/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.201.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-128.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5195d160b2cedd371c62cbaf0ce26b99e9aef6a5806f058ee70bdda0df2411e6

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
5NEyz9ePT.A.Hfn17SKcv6g53e3taZh3
Content-Encoding
gzip
Last-Modified
Thu, 12 Mar 2020 19:32:20 GMT
Server
AmazonS3
Age
219
ETag
"67a51b90fbb116852bdaf4b663e4c5bc"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Cache-Control
max-age=300
Date
Fri, 20 Mar 2020 14:19:37 GMT
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
Content-Length
22645
X-Amz-Cf-Id
1ZQG5BY-g4EID53Wc0icwsB787KA8oe8-Kwssp2gizitNb6ZBna0aA==
affiliatetracking
www.cheapoair.com/home/ 		4 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/home/affiliatetracking?cmpid=1105644&audid=54808123&fpappid=0&fpurl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fcoronavirus-alert%3Fcmpid%3D1105644%26audid%3D54808123
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.104.91 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-104-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Sec-Fetch-Dest
empty
Request-Id
|G2n5k.c/N3+
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 20 Mar 2020 14:23:16 GMT
cache-control
private
content-length
4
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json; charset=utf-8
_r
app.link/ 		90 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.52.7&branch_key=key_live_ngxRNbzgpC0SVPJ5m6ACWonlsqeJ7Fsw&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:bc00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
be6dbeae3385069013b8be8139aec3eeba6f779351858ba082577650cdeaee9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 20 Mar 2020 14:23:16 GMT
Via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty/1.13.6.2
X-Amz-Cf-Pop
FRA53-C1
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-Ls5SD/3AuaKd+pUE2r1ey7qXnek"
X-Amz-Cf-Id
uflffRqfwKZrOLF85vtgL37c6KUGjXz1xy48nfFhTrM-34KJTstvOg==
open
api2.branch.io/v1/ 		266 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:d600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
fad236edd79f746008a325f9d23928ae5071ac49cc4868c9a0a64922e62290e4

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 20 Mar 2020 14:23:16 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA53-C1
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
266
x-amz-cf-id
pcd2-6bFD2GH5m31tWbbM4wOBN_R7ousvAopWi9eC3iNueRe9V_bnw==
track
dc.services.visualstudio.com/v2/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://www.cheapoair.com
Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,sdk-context

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Mar 2020 14:23:16 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
track
dc.services.visualstudio.com/v2/ 		96 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71bd0d2b5d94777f6b12d5ec5f3a3e8d25a274a93287a3c3555b3b679a1eb47f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
empty
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
06ABB06D-2FBA-4167-B733-416508EF21A4
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Fri, 20 Mar 2020 14:23:16 GMT
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96
pageview
api2.branch.io/v1/ 		28 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:d600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://www.cheapoair.com/flights/coronavirus-alert?cmpid=1105644&audid=54808123
Origin
https://www.cheapoair.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 20 Mar 2020 14:23:17 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
0XMK4lV8TUg23HO0RxX3Oia6HWUobokGPc8nlocqLO3bhrnEGqA7wg==

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| getCookie undefined| script undefined| s boolean| isGDPR object| appInsights object| pageConfig object| trustPilotReview object| FEATURES function| $ function| jQuery function| removeAllErrors function| resetForm string| headerPhoneNo object| AI object| Microsoft function| __extends function| _endsWith object| xhttp boolean| simplifiedWidget object| cockpitSetting string| publicPath boolean| isGCMS object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| iLn string| device object| errors object| aiLogger function| AnalyticsServiceLogEvent boolean| adLoaded object| googleAdTags string| starEl string| starRating string| numOfReview string| reviewDate string| tpRating function| phonenumber number| slideIndex function| currentSlide function| showSlides undefined| winWidth boolean| nowInteractClosed boolean| isPopUpOpen function| nowIntPoupClose string| bookByText string| tncTxt string| couponCode string| expiryText string| discountText string| inventText object| popUpArray function| openPopup function| closePopup function| toogleClass function| openTab function| displaywhybook function| hidewhybook object| jsonp object| accItem object| accHD function| toggleItem function| rudrSwitchTab object| interlinkList object| reviewblock object| reviewblockul function| showGG function| PostTicketingFees function| TaxesFeesInfo function| ServiceFeesInfo function| NLTC function| BaggageFeesInfo function| termsAndCond function| showTerms function| BestPriceInfo function| bbb function| sendSMS function| sendSMSUsPhone function| isValidUSPhoneNumber function| reFormatMobileNo function| inputOnChange function| clearMessage string| gdprdata string| gdprSignData function| getUrlParameter function| setGDPRCookie function| InvokeGTMContainer boolean| blogSlider function| jsonFeed object| branch

11 Cookies

Domain/Path Name / Value
.cheapoair.com/ Name: bm_sv
Value: 23EC94B180F7902320BE6B0C07639B7B~88d62x161vKnaHXBqpTCWn8tBuwPzGInHMZvi3vWDouDIDirfNzIrOYJE3A6jZ+/FVvKM8DYJKXRXASDD65lHGy1xqc/NZZdUM9fQG8R2ioLGuDY9Al/FkKZ9b2s2vv/bLzuu7OE3umwy84bh06okwF+Q72yl9aY24Qnl7dNkDM=
.cheapoair.com/ Name: audid
Value: 54808123
www.cheapoair.com/ Name: ASP.NET_SessionId
Value: c1ardqidz4lmsxqery1pq52o
www.cheapoair.com/ Name: ai_user
Value: 2E+vq|2020-03-20T14:23:16.388Z
.cheapoair.com/ Name: ak_bmsc
Value: BFCE3EF0EE2920157AC099F905F253E4C16C5E90321F0000D4D1745EA954605D~plJq8VHqzq8pDNNfIFuwNdln8X/s0w0xQdVeiLx0Q/G4wuZAIS8zqnZEoZDXmwjbqs/KJX0Z7bMgEf+Vq21bfCtH89C/uL0C7Kb9k+vbQqAfHyKoUG63U7B8AJO1EetmAVbQCQsPmufeM44DM8wU86+ict232a+/6rtnUa+Ifv2BepHZ31i4DX8JAsPszHKHUHNagf/FVb1O7Djl9CdwmvL0LleJrqoEdQA2PlVqG6OtA=
.cheapoair.com/ Name: AKA_A2
Value: A
.cheapoair.com/ Name: FPTraveller
Value: FPUserId=-3
www.cheapoair.com/ Name: ai_session
Value: qTOio|1584714196563.91|1584714196563.91
www.cheapoair.com/ Name: fplocation
Value: regioncode=EU
www.cheapoair.com/ Name: NSC_difbqpbjs.dpn-gqofyu-cbm
Value: 30dfa3db5b5ac42cf66ddc4b047965ba257dcefb1700d5d8e911e0dd1f017a1408817cc4
.cheapoair.com/ Name: uid
Value: NDhkM2YwODMxZTY3ZTc2Nw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api2.branch.io
app.link
az416426.vo.msecnd.net
c.fareportal.com
cdn.branch.io
cdn.jsdelivr.net
code.jquery.com
dc.services.visualstudio.com
geolocation.onetrust.com
www.cheapoair.com
www.travelweeklyupdate.com
143.204.201.128
152.199.19.160
2001:4de0:ac19::1:b:1a
23.36.239.60
2600:9000:214f:bc00:19:9934:6a80:93a1
2600:9000:214f:d600:11:f728:3040:93a1
2606:4700:10::6814:b844
2606:4700::6810:5614
2a00:1450:4001:806::200a
51.140.6.23
64.61.14.236
92.122.104.91
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bdf220420e757b578a0da6fa91496882f6dddbbe9592b17b09f83ead27c5faf
0f849206d89fdb4ebc8c4f95051673c77ad087f72bf1a927577136254b1c710b
1db0a88b125fd911cfb4a4e4e7bc5b41bc525dbc72ffcfb248cb416e051a2563
316255783b98328763fb148bcdbc07d0f3a29091febba78fcbc5487e8f1da596
333253a5380cd8c198f1ee3b8aad6e459cc6708a434efd79ce55a812e98164c8
3cf2d4d5c22554ce9a4a8894a885edd30440bf02c242ad647b9d0adc76b6f069
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5195d160b2cedd371c62cbaf0ce26b99e9aef6a5806f058ee70bdda0df2411e6
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5c3e3df3791c1731315781fee789a97656d2ec32b27e0d8d7f29f77d3a8a8f18
5ce739feda8de2994011ebf120933fd411e0ed2fffd8c0e3bb2ef860a039bdae
71bd0d2b5d94777f6b12d5ec5f3a3e8d25a274a93287a3c3555b3b679a1eb47f
84e1cbbc6561435ad408e9890db087f56d5bcc31dc6480ba4294ef4b269fe14e
a165a1c3d55a584d58e4ec47f920e1236e62c410a10c0db3ba867ba8e949bdae
a4ca363fdc37179f5b9ad065740619e93e3e3c3a65a87a17dc356b92820c10ef
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6273c93e23ce807e25c168a4f61b5fc65309e7a1589d661b2c07453fa846fd7
bddab32f9809eb3690678ff2de968119fafdde6d4cff3209856693769ba23f6b
be6dbeae3385069013b8be8139aec3eeba6f779351858ba082577650cdeaee9c
de297d2ce1da5b7da4ad6f04d4e6c37d65754d400e398cd44b704cf378f87da0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fad236edd79f746008a325f9d23928ae5071ac49cc4868c9a0a64922e62290e4