www.cheapoair.com Open in urlscan Pro
23.48.224.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cheapoair.com/
Effective URL:
https://www.cheapoair.com/
Submission: On January 19 via manual (January 19th 2024, 8:14:00 am UTC) from US — Scanned from US

Summary HTTP 195 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 63 IPs in 3 countries across 56 domains to perform 195 HTTP transactions. The main IP is 23.48.224.109, located in Secaucus, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.cheapoair.com. The Cisco Umbrella rank of the primary domain is 93920.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 14th 2023. Valid for: a year.

This is the only time www.cheapoair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.48.224.108 23.48.224.108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	23.48.224.109 23.48.224.109	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.164.96.69 18.164.96.69	16509 (AMAZON-02) (AMAZON-02)
38	23.192.10.35 23.192.10.35	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.48.224.107 23.48.224.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.164.116.119 18.164.116.119	16509 (AMAZON-02) (AMAZON-02)
1	23.46.224.158 23.46.224.158	16625 (AKAMAI-AS) (AKAMAI-AS)
2	72.21.81.200 72.21.81.200	15133 (EDGECAST) (EDGECAST)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.167.84 142.251.167.84	15169 (GOOGLE) (GOOGLE)
1	23.56.212.182 23.56.212.182	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.251.35.174 142.251.35.174	15169 (GOOGLE) (GOOGLE)
2	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
11	66.198.179.166 66.198.179.166	6453 (AS6453) (AS6453)
4	142.250.80.104 142.250.80.104	15169 (GOOGLE) (GOOGLE)
2	20.42.73.140 20.42.73.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.85.61.115 52.85.61.115	16509 (AMAZON-02) (AMAZON-02)
1	34.238.149.65 34.238.149.65	14618 (AMAZON-AES) (AMAZON-AES)
1	68.70.205.3 68.70.205.3	44239 (PROINITY ...) (PROINITY PROINITY)
5	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.128.100 108.138.128.100	16509 (AMAZON-02) (AMAZON-02)
1	212.54.153.104 212.54.153.104	50292 (STRATOGEN ) (STRATOGEN )
1	52.22.50.55 52.22.50.55	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2	142.250.65.174 142.250.65.174	15169 (GOOGLE) (GOOGLE)
1	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
1	54.247.156.204 54.247.156.204	16509 (AMAZON-02) (AMAZON-02)
1	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
2	142.251.40.228 142.251.40.228	15169 (GOOGLE) (GOOGLE)
6 8	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	35.81.173.170 35.81.173.170	16509 (AMAZON-02) (AMAZON-02)
5	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
5 7	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
11 13	3.213.247.157 3.213.247.157	14618 (AMAZON-AES) (AMAZON-AES)
3 3	52.201.6.220 52.201.6.220	14618 (AMAZON-AES) (AMAZON-AES)
7 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	51.222.241.145 51.222.241.145	16276 (OVH) (OVH)
2 2	35.175.21.104 35.175.21.104	14618 (AMAZON-AES) (AMAZON-AES)
2	23.46.224.23 23.46.224.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	23.105.12.120 23.105.12.120	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.51.57.155 23.51.57.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2	23.40.179.31 23.40.179.31	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
2	23.46.225.71 23.46.225.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 4	34.233.7.187 34.233.7.187	14618 (AMAZON-AES) (AMAZON-AES)
6 6	174.129.117.7 174.129.117.7	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.225.63.112 13.225.63.112	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.165.1.37 54.165.1.37	14618 (AMAZON-AES) (AMAZON-AES)
2	44.217.105.65 44.217.105.65	14618 (AMAZON-AES) (AMAZON-AES)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	44.218.163.194 44.218.163.194	14618 (AMAZON-AES) (AMAZON-AES)
2	52.71.125.247 52.71.125.247	14618 (AMAZON-AES) (AMAZON-AES)
2	52.85.61.41 52.85.61.41	16509 (AMAZON-02) (AMAZON-02)
1 1	50.116.194.23 50.116.194.23	6336 (TURN-US-ASN) (TURN-US-ASN)
1	3.233.89.241 3.233.89.241	14618 (AMAZON-AES) (AMAZON-AES)
1	34.212.4.35 34.212.4.35	16509 (AMAZON-02) (AMAZON-02)
2 4	34.233.8.30 34.233.8.30	14618 (AMAZON-AES) (AMAZON-AES)
2	13.225.214.50 13.225.214.50	16509 (AMAZON-02) (AMAZON-02)
2	52.226.36.235 52.226.36.235	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.244.159.189 54.244.159.189	16509 (AMAZON-02) (AMAZON-02)
1 1	34.199.184.22 34.199.184.22	14618 (AMAZON-AES) (AMAZON-AES)
1	34.202.176.34 34.202.176.34	14618 (AMAZON-AES) (AMAZON-AES)
195	63

1 23.48.224.108 (Secaucus, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-108.deploy.static.akamaitechnologies.com

www.cheapoair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.48.224.109 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-109.deploy.static.akamaitechnologies.com

www.cheapoair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-69.jfk50.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 23.192.10.35 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-10-35.deploy.static.akamaitechnologies.com

c.fareportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.48.224.107 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-107.deploy.static.akamaitechnologies.com

p11.techlab-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-119.jfk50.r.cloudfront.net

consent.api.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.224.158 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-224-158.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.81.200 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.167.84 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.212.182 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-212-182.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.174 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 66.198.179.166 (United States)

ASN6453 (AS6453, US)

launchpadapiassignment.azure.fareportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.104 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.73.140 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-115.ewr53.r.cloudfront.net

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.70.205.3 (United States)

ASN44239 (PROINITY PROINITY, CH)

cdn.nowinteract.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-100.jfk50.r.cloudfront.net

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.54.153.104 (Edison, United States)

ASN50292 (STRATOGEN , GB)
PTR: s104-153-54-212.cust.stratogen.net

us1.nowinteract.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.50.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-50-55.compute-1.amazonaws.com

52.22.50.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.174 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.156.204 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-156-204.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.228 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.119.119.139 (United States) 6 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.173.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-173-170.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.160.114 (Jersey City, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.213.247.157 (Ashburn, United States) 11 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-247-157.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.201.6.220 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-6-220.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.241.145 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-013.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.175.21.104 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-21-104.compute-1.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.46.224.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-224-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.105.12.120 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.179.31 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-31.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.46.225.71 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-225-71.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.234 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.233.7.187 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-7-187.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 174.129.117.7 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-117-7.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.63.112 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-112.ewr53.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.1.37 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-1-37.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.217.105.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-105-65.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.218.163.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-163-194.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.125.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-125-247.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-41.ewr53.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.194.23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)
PTR: d-atl1.turn.com

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.89.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-89-241.compute-1.amazonaws.com

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.233.8.30 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-8-30.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.226.36.235 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

launchpad-eventhubs.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.244.159.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-159-189.us-west-2.compute.amazonaws.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.184.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-184-22.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.176.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-176-34.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	fareportal.com c.fareportal.com — Cisco Umbrella Rank: 81522 launchpadapiassignment.azure.fareportal.com — Cisco Umbrella Rank: 80016	958 KB
14	cheapoair.com 1 redirects www.cheapoair.com — Cisco Umbrella Rank: 93920	111 KB
13	mediawallahscript.com 11 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 3161	9 KB
13	criteo.com gum.criteo.com — Cisco Umbrella Rank: 423 Failed sslwidget.criteo.com — Cisco Umbrella Rank: 2254 dis.criteo.com — Cisco Umbrella Rank: 608	14 KB
9	google.com accounts.google.com — Cisco Umbrella Rank: 23 apis.google.com — Cisco Umbrella Rank: 106 analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	104 KB
7	liadm.com 6 redirects i.liadm.com — Cisco Umbrella Rank: 550 i6.liadm.com — Cisco Umbrella Rank: 2884	4 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 357 insight.adsrvr.org — Cisco Umbrella Rank: 637	3 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	6 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	169 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	14 KB
4	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	2 KB
4	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 698	2 KB
4	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	170 B
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5561 px.mountain.com — Cisco Umbrella Rank: 5699 gs.mountain.com — Cisco Umbrella Rank: 11991	10 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	333 KB
4	techlab-cdn.com p11.techlab-cdn.com — Cisco Umbrella Rank: 3589	59 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1743	2 KB
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	1 KB
3	crwdcntrl.net 3 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 853	974 B
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	osano.com cmp.osano.com — Cisco Umbrella Rank: 5210 consent.api.osano.com — Cisco Umbrella Rank: 9295	62 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	557 B
2	windows.net launchpad-eventhubs.servicebus.windows.net — Cisco Umbrella Rank: 113768
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 544	1 KB
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	689 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	560 B
2	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2565
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	1021 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	574 B
2	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1144	1 KB
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1421	2 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1645	2 KB
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 562	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	1 KB
2	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 731	521 B
2	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	1 KB
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2620	441 B
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1704	745 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	1 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	2 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 709	1 KB
2	imrworldwide.com 2 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870	675 B
2	rqtrk.eu 2 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3537	659 B
2	nowinteract.com cdn.nowinteract.com — Cisco Umbrella Rank: 88676 us1.nowinteract.com — Cisco Umbrella Rank: 128157	23 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 729	922 B
2	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383	44 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1389 c.go-mpulse.net — Cisco Umbrella Rank: 624	50 KB
1	steelhousemedia.com px.steelhousemedia.com — Cisco Umbrella Rank: 11265	319 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381	432 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 790	571 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 841	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	15 KB
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 8916	153 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 8890	2 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4433	11 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	258 B
195	56

	Domain	Requested by
38	c.fareportal.com	www.cheapoair.com c.fareportal.com
14	www.cheapoair.com	1 redirects www.cheapoair.com
13	partner.mediawallahscript.com	11 redirects
11	launchpadapiassignment.azure.fareportal.com	www.cheapoair.com
8	gum.criteo.com	www.cheapoair.com gum.criteo.com
6	i.liadm.com	6 redirects
6	match.adsrvr.org	6 redirects
5	ib.adnxs.com	3 redirects
4	dpm.demdex.net	2 redirects
4	ad.360yield.com	2 redirects
4	ups.analytics.yahoo.com	www.cheapoair.com
4	dis.criteo.com
4	www.googletagmanager.com	www.cheapoair.com
4	accounts.google.com	www.cheapoair.com
4	p11.techlab-cdn.com	www.cheapoair.com
3	r.casalemedia.com	1 redirects www.cheapoair.com
3	eb2.3lift.com	1 redirects www.cheapoair.com
3	sync.crwdcntrl.net	3 redirects
3	x.bidswitch.net	1 redirects www.cheapoair.com
3	bat.bing.com	www.cheapoair.com
2	launchpad-eventhubs.servicebus.windows.net	www.cheapoair.com
2	aa.agkn.com
2	s.ad.smaato.net	www.cheapoair.com
2	match.sharethrough.com	www.cheapoair.com
2	trends.revcontent.com	www.cheapoair.com
2	simage2.pubmatic.com	www.cheapoair.com
2	sync.outbrain.com	www.cheapoair.com
2	jadserve.postrelease.com	www.cheapoair.com
2	c.bing.com	www.cheapoair.com
2	exchange.mediavine.com	www.cheapoair.com
2	live.rezync.com	2 redirects
2	ads.stickyadstv.com	www.cheapoair.com
2	tags.bluekai.com
2	visitor.omnitagjs.com	www.cheapoair.com
2	hb.yahoo.net	www.cheapoair.com
2	criteo-sync.teads.tv	www.cheapoair.com
2	sync-t1.taboola.com	www.cheapoair.com
2	rtb-csync.smartadserver.com	www.cheapoair.com
2	pixel.rubiconproject.com	www.cheapoair.com
2	contextual.media.net	www.cheapoair.com
2	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	2 redirects
2	ws.rqtrk.eu	2 redirects
2	secure.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	px.mountain.com	www.cheapoair.com
2	www.google.com
2	analytics.google.com	www.cheapoair.com
2	googleads.g.doubleclick.net	www.cheapoair.com
2	dc.services.visualstudio.com	www.cheapoair.com
2	securepubads.g.doubleclick.net	www.cheapoair.com
2	az416426.vo.msecnd.net	www.cheapoair.com
2	consent.api.osano.com	www.cheapoair.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	insight.adsrvr.org	1 redirects
1	px.steelhousemedia.com
1	gs.mountain.com	www.cheapoair.com
1	i6.liadm.com
1	d.turn.com	1 redirects
1	pippio.com
1	p.rfihub.com	1 redirects
1	sslwidget.criteo.com	www.cheapoair.com
1	static.criteo.net	www.cheapoair.com
1	lantern.roeye.com
1	stats.g.doubleclick.net	www.cheapoair.com
1	us1.nowinteract.com	www.cheapoair.com
1	lantern.roeyecdn.com	www.cheapoair.com
1	cdn.nowinteract.com	www.cheapoair.com
1	dx.mountain.com	www.cheapoair.com
1	www.dwin1.com	www.cheapoair.com
1	apis.google.com	www.cheapoair.com
1	c.go-mpulse.net	www.cheapoair.com
1	geolocation.onetrust.com	www.cheapoair.com
1	s.go-mpulse.net	www.cheapoair.com
1	cmp.osano.com	www.cheapoair.com
195	75

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
www.fareportal.com
www.cheapoair.org

Subject Issuer	Validity	Valid
www.cheapoair.com DigiCert SHA2 Extended Validation Server CA	`2023-12-14` - `2024-12-05`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
www.fareportal.com GeoTrust RSA CA 2018	`2023-07-27` - `2024-07-26`	a year	crt.sh
p11.techlab-cdn.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.api.osano.com Amazon RSA 2048 M03	`2023-09-27` - `2024-10-25`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.azure.fareportal.com Go Daddy Secure Certificate Authority - G2	`2023-10-08` - `2024-11-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2023-11-17` - `2024-11-11`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
*.nowinteract.com Sectigo RSA Organization Validation Secure Server CA	`2023-05-23` - `2024-06-22`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
52.22.50.55 Sectigo RSA Domain Validation Secure Server CA	`2023-02-14` - `2024-02-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 06	`2024-01-12` - `2024-06-27`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.cheapoair.com/
Frame ID: 9302BE66F93ADD682E1274915FEDCDA4
Requests: 129 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.cheapoair.com&origin=onetag&us_privacy=1-N-
Frame ID: 534E8063822E53D13728DBDA4554833D
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0
Frame ID: 59B50E4649B4D12225DEC34D025EC8FC
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0
Frame ID: 3AE1BA1DF848116D60A721A4FE24BC48
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cheap Airline Tickets, Hotels & Car Rentals | CheapOairIATANARC accredited agencyAstaNorton securedPCI + DDS CertifiedMaster cardVisa cardDiscover cardAmex cardDiners clubpaypaltop10facebooktwitter

Page URL History Show full URLs

http://www.cheapoair.com/ HTTP 301
https://www.cheapoair.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js
accounts\.google\.com/gsi/client

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

195
Requests

79 %
HTTPS

0 %
IPv6

56
Domains

75
Subdomains

63
IPs

3
Countries

2005 kB
Transfer

6650 kB
Size

119
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/us/app/cheapoair-flights-hotels-cars/id436858222?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.fp.cheapoair

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cheapoair
Title: Connect with Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/cheapoair
Title: Connect with Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cheapoair/
Title: Connect with Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cheapoair
Title: Connect with TikTok

Search URL Search Domain Scan URL

URL: http://www.fareportal.com/category/press-releases/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://www.fareportal.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: http://www.cheapoair.org/
Title: Social Responsibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cheapoair.com/ HTTP 301
https://www.cheapoair.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_cm&google_hm=ay1sS3hHakJCUVdWSjNjT0dTWFJmWTVIZFdTam1TV21TZ05vN3M0dw&us_privacy=1-N- HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0

Request Chain 133

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N- HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N-

Request Chain 134

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1-N- HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1-N- HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-

Request Chain 135

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&custom=&tag_format=img&tag_action=sync&custom=&cb=56a70774-ffa9-4076-8955-8e4723122573&us_privacy=1-N- HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=56a70774-ffa9-4076-8955-8e4723122573&us_privacy=1-N-&final=true&reqid=b0a080d0-b6a2-11ee-a41f-bd5b4c2d569e&timestamp=2024-01-19T08%3A13%3A55.934Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3868332357203809149&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=e7fb01c263ec12f562962e88e594bc3d&tag_format=img&tag_action=sync&cb=63198165 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a7604688-10be-41f7-a962-999de7f171d3&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d&cb=1705652036972&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1705652036972 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=cd70d323-630f-46b1-9511-0ad826c068fe&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705652036972 HTTP 302
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-9fb6-d71d5cede3d8

Request Chain 141

https://eb2.3lift.com/xuid?mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&us_privacy=1-N- HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1-N-

Request Chain 145

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1-N- HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ODpQcKMnnq6dDhy_mqkKIzPcj8gvcr2O

Request Chain 146

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N- HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N-&C=1

Request Chain 148

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N- HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-

Request Chain 149

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_SQtshBQWVJ3cOGSXRfY5HdWSjnSj7t7cdTOAg&us_privacy=1-N- HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_SQtshBQWVJ3cOGSXRfY5HdWSjnSj7t7cdTOAg&us_privacy=1-N-&_li_chk=true&previous_uuid=2a941ad54a16418bac68f1578462170b HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2a941ad5-4a16-418b-ac68-f1578462170b&us_privacy=1-N- HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%3A1705652036.7281566&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%253A1705652036.7281566%26pid%3D500040%26it%3D1%26iv%3D77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%253A1705652036.7281566%26_%3D1705652036.7303934&cb=1705652036.7304354 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477423367306059&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%253A1705652036.7281566%26pid%3D500040%26it%3D1%26iv%3D77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%253A1705652036.7281566%26_%3D1705652036.7303934 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%3A1705652036.7281566&pid=500040&it=1&iv=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%3A1705652036.7281566&_=1705652036.7303934 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1705652036.7303934&iv=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6:1705652036.7281566

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_cm&google_hm=ay1sS3hHakJCUVdWSjNjT0dTWFJmWTVIZFdTam1TV21TZ05vN3M0dw&us_privacy=1-N- HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0

Request Chain 160

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1-N- HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-

Request Chain 161

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&custom=&tag_format=img&tag_action=sync&custom=&cb=56a70774-ffa9-4076-8955-8e4723122573&us_privacy=1-N- HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3868332357203809149&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=e7fb01c263ec12f562962e88e594bc3d&tag_format=img&tag_action=sync&cb=232393440 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a7604688-10be-41f7-a962-999de7f171d3&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d&cb=1705652036972&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1705652036972 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=bb80ea33-6439-4ceb-bc6e-2cc3bcd74274&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705652036972 HTTP 302
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-b489-7530d5baf48f

Request Chain 171

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1-N- HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=v7kmZVkW1zesqWl06puqmzwIoE23lSIm

Request Chain 174

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N- HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-

Request Chain 175

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_SQtshBQWVJ3cOGSXRfY5HdWSjnSj7t7cdTOAg&us_privacy=1-N- HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1-N- HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4456526877555796754&us_privacy=1-N- HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1-N- HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=a7604688-10be-41f7-a962-999de7f171d3 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=a7604688-10be-41f7-a962-999de7f171d3

Request Chain 186

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1-N- HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=quzjZDPF2n4dOehHDunA3XMzlOfHhwK1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=quzjZDPF2n4dOehHDunA3XMzlOfHhwK1

Request Chain 187

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1-N- HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=CtNGCd4nwALQ0e0QAnJbLUBHA3Or4xZt HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CtNGCd4nwALQ0e0QAnJbLUBHA3Or4xZt

Request Chain 191

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1-N- HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=IEwNyJy4_8Doj3Ysu73C6sn4GBHMTQyH

Request Chain 192

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1-N- HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Jy7V2jKJB-BcnBSnsJ-k_B9H4dsQjViA

Request Chain 196

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=b0888c7c-b6a2-11ee-9877-fd432b54a1e6&gdpr=&gdpr_consent= HTTP 302
https://px.steelhousemedia.com/tdsync?tdid=a7604688-10be-41f7-a962-999de7f171d3&shguid=b0888c7c-b6a2-11ee-9877-fd432b54a1e6

Request Chain 197

https://insight.adsrvr.org/track/evnt/?adv=yj80w04&ct=0:x3p2nz3&fmt=3 HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a7604688-10be-41f7-a962-999de7f171d3 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a7604688-10be-41f7-a962-999de7f171d3

195 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cheapoair.com/
Redirect Chain

http://www.cheapoair.com/
https://www.cheapoair.com/

45 KB
17 KB

186ms
105ms

Document
text/html

23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 094fec4c77fbffa956200605d9460defb0b2d1e5edd254510d51a7a4a5e8e970

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-x-true-edgecontrol-ttl: -1
cache-control: private
content-encoding: gzip
content-length: 15974
content-type: text/html; charset=utf-8
cteonnt-length: 41000
date: Fri, 19 Jan 2024 08:13:52 GMT
link: <https://cmp.osano.com>;rel="preconnect",<https://p11.techlab-cdn.com>;rel="preconnect",<https://az416426.vo.msecnd.net>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect" <https://c.fareportal.com>;rel="preconnect"
server-timing: cdn-cache; desc=MISS edge; dur=26 origin; dur=35 ak_p; desc="1705652032256_398664781_1240548193_6091_4601_17_42_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 14161 0 pmb=mNONE,1mTOE,1mRUM,2

Redirect headers

Akamai-X-True-EdgeControl-TTL: -1
Connection: keep-alive
Content-Length: 0
Date: Fri, 19 Jan 2024 08:13:52 GMT
Location: https://www.cheapoair.com/
Server-Timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1705652032174_398664780_2662481850_6_5435_17_0_-";dur=1

GET
H2 200 e0c03701e6674333ac6612d1f1af9c9db0012acbc25 Show response
www.cheapoair.com/assets/ 148 KB
52 KB 106ms
57ms Script
application/javascript 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4831d8a2c36bd1a29021499cda181b9418e33fc2bd80dbb57c74391414b91a24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: gzip
content-md5: 3+xWPHh5S+V10Iu5X+mNCA==
akamai-x-true-edgecontrol-ttl: -1
server-timing: edge; dur=1, origin; dur=11, cdn-cache; desc=MISS, ak_p; desc="1705652032466_398664781_1240548455_1181_1850_17_0_146";dur=1
content-length: 53007
last-modified: Mon, 24 Jul 2023 11:48:52 GMT
etag: 0x8DB8C3BF3C79779
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 08:23:52 GMT

GET
H2 200 privacyservice.js Show response
www.cheapoair.com/complianceservice/dist/92/ 19 KB
9 KB 183ms
135ms Script
application/javascript 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/complianceservice/dist/92/privacyservice.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bcb82d5e6bea6260514b9c95cbba81e97415f7df9d3753790c510f3e774c2ddf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 15:32:33 GMT
etag: W/"4dd2-18d1d33d668"
vary: Accept-Encoding
akamai-x-true-edgecontrol-ttl: -1
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=58, origin; dur=29, ak_p; desc="1705652032466_398664781_1240548454_8648_5267_17_0_219";dur=1
accept-ranges: bytes
content-length: 8303
expires: Fri, 19 Jan 2024 08:13:52 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/AzyzrsTwNKZBT35Me/c9b10c4f-707c-44a9-8fb8-ec798b50ec13/ 236 KB
61 KB 177ms
49ms Script
application/javascript 18.164.96.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/AzyzrsTwNKZBT35Me/c9b10c4f-707c-44a9-8fb8-ec798b50ec13/osano.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-69.jfk50.r.cloudfront.net

Software

CloudFront /

Resource Hash

637e1ecadcb728a3ed9958cab50697305f76a4d92ce2cc59f82c39df2a4de1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:54:44 GMT
content-encoding: br
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P5
age: 47948
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 62017
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Jan 2024 18:50:49 GMT
server: CloudFront
etag: "274aa4e756b225bd24e403da5195bbe5"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: vJ5-aPRhRfHe-AT8NAMCrK0og5NxnGQemlJQslu5YGaUY9xDxxQzGA==

GET
H2 200 resources.js Show response
c.fareportal.com/vd/coa/travel/js/ 78 KB
18 KB 253ms
110ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/js/resources.js?v=1.39
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1bec00b8d0146e832f7a444a942a7946af7c79f0ebc5ea86a36177d1552f817e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
last-modified: Thu, 28 Sep 2023 12:12:05 GMT
server: Akamai Resource Optimizer
etag: "97da06a7555a98987511f155f714f720:1695896570.540365"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652032566_3501798919_10128754_115_3105_20_0_219";dur=1
accept-ranges: bytes
content-length: 18521

GET
H2 200 vendor.b8015adfdffc65ea5f01.css
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 3 KB
1 KB 243ms
101ms Stylesheet
text/css 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/vendor.b8015adfdffc65ea5f01.css
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: aae02b968ec8b56633ee16a87597ab1fefc125f16c7cb9b49f47031989e0f824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
last-modified: Mon, 18 Dec 2023 18:36:44 GMT
server: Akamai Resource Optimizer
etag: "e2cb002b4625b63ae32656c9d050c867:1702915511.107196"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652032512_3501798919_10128752_429_767_20_0_255";dur=1
accept-ranges: bytes
content-length: 766

GET
H2 200 main.4868d26fb7ed5bcaf2ac.css
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 674 KB
119 KB 194ms
52ms Stylesheet
text/css 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/main.4868d26fb7ed5bcaf2ac.css
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 320e2922606df398a0dbe334d25d763eedbadd8a76b486c8e18aecc8ab81f96c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
last-modified: Mon, 18 Dec 2023 18:11:48 GMT
server: Akamai Resource Optimizer
etag: "51a6a6d2df55a1c0164892e0e66f31c9:1702915507.581004"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652032566_3501798919_10128753_129_3127_20_45_255";dur=1
accept-ranges: bytes
content-length: 121960

GET
H2 200 runtime.bundle.c4346b1dba48e9135dfe.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 6 KB
2 KB 255ms
114ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/runtime.bundle.c4346b1dba48e9135dfe.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: cbf73f2bd7be70d4b638b386c217063b44bdb7d11e86e5efbea0d7f72dbc5899

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 12:40:39 GMT
server: Akamai Resource Optimizer
etag: "d280b5621ec267c383490cf3d1641ee7:1704715945.771488"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652032566_3501798919_10128755_93_3073_20_0_219";dur=1
accept-ranges: bytes
content-length: 1982

GET
H2 200 vendor.bundle.58cf1defa35160eabb8c.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 467 KB
91 KB 254ms
114ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/vendor.bundle.58cf1defa35160eabb8c.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 67f3f393a90d9c645367330b2830cef85609885c5c0a587a4874f18d3b4bf839

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
last-modified: Mon, 18 Dec 2023 17:45:11 GMT
server: Akamai Resource Optimizer
etag: "65c4b4cc49b488ff7ad04370cb9b0972:1702915511.434688"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652032566_3501798919_10128756_135_3050_20_0_219";dur=1
accept-ranges: bytes
content-length: 92554

GET
H2 200 main.bundle.bdce95d51ea7fef5dd27.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 1 MB
189 KB 266ms
126ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/main.bundle.bdce95d51ea7fef5dd27.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 2352c8be250b4ccaeef97c27c70113ca220df01db3e510f307ecc434e630227c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 12:42:02 GMT
server: Akamai Resource Optimizer
etag: "96867e7db5626c87231dc423509c508a:1704715944.869558"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1705652032566_3501798919_10128757_248_3047_20_0_219";dur=1
accept-ranges: bytes
content-length: 193548

GET
H2 200 65319_1825202461.js Show response
p11.techlab-cdn.com/e/ 54 KB
18 KB 162ms
45ms Fetch
application/javascript 23.48.224.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65319_1825202461.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.107 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 14:24:26 GMT
content-md5: TBz6CQ/Qf16sF8+q5U3Ixg==
etag: 0x8DA7C6E5C88AF92
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 18223
expires: Fri, 19 Jan 2024 08:23:52 GMT

GET
H2 200 65257_1825232097.js Show response
p11.techlab-cdn.com/e/ 14 KB
6 KB 158ms
42ms Fetch
application/javascript 23.48.224.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.107 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 12:38:55 GMT
content-md5: 7rdGFe+/Y2zHt4sXxqkzxw==
etag: 0x8DAD39902829531
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 6061
expires: Fri, 19 Jan 2024 08:23:52 GMT

GET
H2 200 64885_1825202523.js Show response
p11.techlab-cdn.com/e/ 3 KB
2 KB 197ms
81ms Fetch
application/javascript 23.48.224.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.107 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
etag: 0x8DA25E9F9A41165
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 1470
expires: Fri, 19 Jan 2024 08:23:52 GMT

GET
H2 200 65226_1825232128.js Show response
p11.techlab-cdn.com/e/ 70 KB
33 KB 180ms
65ms Fetch
application/javascript 23.48.224.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65226_1825232128.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.107 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: gzip
last-modified: Thu, 06 Jul 2023 07:07:50 GMT
content-md5: sYBscgCVtSaJQGvZdsVDxw==
etag: 0x8DB7DEFB5BB50C7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 32997
expires: Fri, 19 Jan 2024 08:23:52 GMT

POST
H2 204 record Show response
consent.api.osano.com/ 0
438 B 138ms
137ms XHR
text/plain 18.164.116.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-119.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-amzn-trace-id: Root=1-65aa2f40-13f03c6f0b0368c14ff9f3cf
x-amzn-requestid: 33f4273e-df6d-42d1-b129-11bfc6f4d31a
x-cache: Miss from cloudfront
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id: RxxSMF9nIAMEaqQ=
x-amz-cf-id: 1WhHfVQMemBt6HXDr3smPvzlFUlnBhT1L7zzjqkADvMilq1UAbga0Q==

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 192ms
51ms Preflight
application/json 18.164.116.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-119.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 19 Jan 2024 08:13:52 GMT
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-apigw-id: RxxSLG0OoAMEtxg=
x-amz-cf-id: VMtGwtNagydrQ2no-qRzESXzFKvd2rB8q0b5f7QPns0f9d5-KbKotw==
x-amz-cf-pop: JFK50-P6
x-amzn-requestid: 9d622856-7290-41ad-85d6-233c1475b4bb
x-cache: Miss from cloudfront

GET
BLOB 200
OK 42b7277a-7087-49e3-a90e-a8c6e283393e
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/42b7277a-7087-49e3-a90e-a8c6e283393e
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a64103cbcf116b3219a2d93b9bb4f0a267fa8214cf72460531004703fc3ea49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 200 TDGEG-YRX2P-V9HJU-3FC6S-QQHMB Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 154ms
40ms Script
application/javascript 23.46.224.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/TDGEG-YRX2P-V9HJU-3FC6S-QQHMB
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.46.224.158 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-224-158.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:52 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 02 Jan 2024 00:43:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 get Show response
www.cheapoair.com/appsetting/defaultsetting/ 3 KB
2 KB 129ms
119ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/appsetting/defaultsetting/get
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9064782323510e94279e3809576141afe6bb6b126699588317b28dd8949afc05

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
x-client-id: home_landing
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

request-context: appId=cid-v1:9557e990-01fc-432d-921c-cd4ab066753f
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
cache-control: private, no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=52, ak_p; desc="1705652033001_398664781_1240549269_7654_3395_20_0_219";dur=1
content-length: 1465
expires: -1

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 111ms
36ms Script
application/x-javascript 72.21.81.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/81AB) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1250
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (cha/81AB)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b0dfc53-f01e-00b1-53ac-4ac5cd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 19 Jan 2024 08:43:53 GMT

GET
H2 200 interactiveIconOptimizedV2.svg Show response
c.fareportal.com/vd/coa/travel/js/ 390 KB
133 KB 147ms
63ms XHR
image/svg+xml 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/js/interactiveIconOptimizedV2.svg?v=1.01
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: dd24633484c99d990cc787393a0ddc7bcb15530217830a8ef083b6bfc31c61e1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 05:10:34 GMT
server: Akamai Resource Optimizer
etag: "f335fa4a46b405c4ac0fe97109fe6121:1695897751.301623"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1705652033189_3501798919_10128802_1497_1012_20_42_219";dur=1
accept-ranges: bytes
content-length: 135917

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 80 B
258 B 130ms
41ms Script
text/javascript 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3239179c231e92d869dc4aaf0f98ec1788ab57525000014e6ae0bbf4a39a0afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 847d9ef7a8a061b1-ORD
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 RedirectionBanner.bundle.9904cde66ca6be130118.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 3 KB
1 KB 118ms
43ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/RedirectionBanner.bundle.9904cde66ca6be130118.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 567a45907bd0951f8291802412271c7ff76051191d177eba5bd3901c6e03419b

Request headers

Referer: https://www.cheapoair.com/
Origin: https://www.cheapoair.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 12:17:06 GMT
server: Akamai Resource Optimizer
etag: "c492fa03b097ea643b78e6274053814a:1704715936.616459"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033233_3501798919_10128804_47_761_20_0_146";dur=1
accept-ranges: bytes
content-length: 1073

GET
H2 200 HeroBannerContent.bundle.4fb0e4a61f2ed312f6ae.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 6 KB
2 KB 67ms
44ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/HeroBannerContent.bundle.4fb0e4a61f2ed312f6ae.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 554677bb470eb3f3c437fd35db8661958363aad5ae63913df3dbb05d30fe1b50

Request headers

Referer: https://www.cheapoair.com/
Origin: https://www.cheapoair.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Mon, 18 Dec 2023 17:57:58 GMT
server: Akamai Resource Optimizer
etag: "25fe95a85e89f67bf8c92c118d92d3f3:1702915496.00441"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033233_3501798919_10128805_53_696_20_0_146";dur=1
accept-ranges: bytes
content-length: 1479

GET
H2 200 SuperDealAndRecentSearch.bundle.e487b55b1f5dd42ebb0a.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 38 KB
10 KB 85ms
84ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/SuperDealAndRecentSearch.bundle.e487b55b1f5dd42ebb0a.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: de471845407a4527ca5c4af420bd2396fb4b00e6e984cabf5c5e3bf9958fe4c5

Request headers

Referer: https://www.cheapoair.com/
Origin: https://www.cheapoair.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 12:50:34 GMT
server: Akamai Resource Optimizer
etag: "91f034b73cfbe8190ae1eeba4babcbfa:1704715937.193556"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033252_3501798919_10128809_48_1026_20_0_146";dur=1
accept-ranges: bytes
content-length: 9447

GET
H2 200 Footer.bundle.219bf4a018d0c48adf3e.js Show response
c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/ 70 KB
12 KB 86ms
86ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/Footer.bundle.219bf4a018d0c48adf3e.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 8513d46c8e882c4e4f7c31d69e9365c3b196addb293c55c385095e87a136762e

Request headers

Referer: https://www.cheapoair.com/
Origin: https://www.cheapoair.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 12:18:29 GMT
server: Akamai Resource Optimizer
etag: "b12722e91ae324e80b65d75d7dfc990b:1704715929.213406"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033264_3501798919_10128814_140_1403_20_0_146";dur=1
accept-ranges: bytes
content-length: 12126

POST
H2 200 get Show response
www.cheapoair.com/appsetting/defaultsetting/ 3 KB
2 KB 133ms
132ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/appsetting/defaultsetting/get
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ad14dd8fd118a33727be20ddf106459417dc92f8d3644bd9197e3e907d3fe62

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
x-client-id: home_landing
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

request-context: appId=cid-v1:9557e990-01fc-432d-921c-cd4ab066753f
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
cache-control: private, no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=25, origin; dur=63, ak_p; desc="1705652033268_398664781_1240549631_8745_3847_19_0_219";dur=1
content-length: 1464
expires: -1

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02901fba8dee60381dc695f28684d3eb3ee9adf3c93fbd0d9081e630c75ca175

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3df7fa7bdc166e4d7ce3816c02945c209d8112ca6600d646733e40d2ec82a9c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 450 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb2b184d0ee7dd3b41dfdd630dd1e0157dd103e689d9b835ba74a391f73bb8a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 344 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b950930f33aa68dc4a4eccf3ee71dbaaee20e1dabf9d39d4489fd686956fe543

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 promocode Show response
www.cheapoair.com/promocodeapi/ 2 KB
3 KB 108ms
107ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/promocodeapi/promocode
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7cce00e71ef84b22807ee074fc5c7e00c7a6eeb9f74c2849c71ffba5ee0b1326

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
etag: W/"952-uQK3jKIJ+f9Vz8+KQBllHY1mKYI"
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=33, ak_p; desc="1705652033327_398664781_1240549727_5803_3578_19_0_219";dur=1
access-control-allow-headers: Origin, X-Requested- With, Content-Type, Accept
content-length: 2386
request-context: appId=cid-v1:eb616296-80ab-4c3e-9a2a-1528dec0802b

GET
H2 200 COA-agent-pic.png
c.fareportal.com/gcms/portals/2/rweb/images/ 34 KB
34 KB 49ms
41ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/COA-agent-pic.png?v=1
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 87e046445da0f8f77f07f53bfbaed78dd4d532a112fb2f3a4e2c29fb7c3e8966

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 12 Dec 2023 08:09:33 GMT
server: AkamaiNetStorage
etag: "5639a41ada9887add8f5fa6326543971:1702368576.185667"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033353_3501798919_10128842_20_1013_26_0_146";dur=1
accept-ranges: bytes
content-length: 34343

GET
H2 200 COA-agent-pic.png
c.fareportal.com/gcms/portals/2/rweb/images/ 34 KB
34 KB 51ms
43ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/COA-agent-pic.png
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 87e046445da0f8f77f07f53bfbaed78dd4d532a112fb2f3a4e2c29fb7c3e8966

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 12 Dec 2023 08:09:33 GMT
server: AkamaiNetStorage
etag: "5639a41ada9887add8f5fa6326543971:1702368576.185667"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033353_3501798919_10128843_18_1002_26_0_146";dur=1
accept-ranges: bytes
content-length: 34343

GET
H2 200 add-appdownloadbanner.png
c.fareportal.com/vd/coa/travel/r6/images/ 12 KB
13 KB 51ms
44ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/vd/coa/travel/r6/images/add-appdownloadbanner.png
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eb3bf9c8f018a4ad38ab1b15de683e575128531c58281c9a5efeb814603f7ba3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 02 May 2023 11:46:57 GMT
server: AkamaiNetStorage
etag: "daa8605b126a30c1a407dc029283cd5f:1683028019.579191"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033355_3501798919_10128844_30_664_26_0_146";dur=1
accept-ranges: bytes
content-length: 12786

POST
H2 200 set Show response
www.cheapoair.com/appsetting/currency/ 196 B
609 B 154ms
147ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/appsetting/currency/set
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c7d1c8487db5109c6793ad452b5a688d6e28e7bfb22f2ca34f1ac04a25c3d03c

Request headers

Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

request-context: appId=cid-v1:9557e990-01fc-432d-921c-cd4ab066753f
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
cache-control: private, no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=25, origin; dur=76, ak_p; desc="1705652033351_398664781_1240549777_10061_4059_24_0_219";dur=1
content-length: 183
expires: -1

GET
H2 200 GetGeoAirportDetail Show response
www.cheapoair.com/fapiv2/dmsqservice/v1/Air/ 401 B
559 B 131ms
128ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/fapiv2/dmsqservice/v1/Air/GetGeoAirportDetail
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88d2a7c187ba4dc4b67c8349b7bbf654d09cd1ae2782797e6b9a83c09ebfd5c7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
Request-Id: |nKKqV.Lw1N3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
api-supported-versions: 1.0
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=58, ak_p; desc="1705652033396_398664781_1240549841_8038_6669_23_0_219";dur=1
content-length: 238
request-context: appId=cid-v1:3b2adc4c-34ae-4147-9c8e-12519ff5f78f

GET
BLOB 200
OK 3b44381b-0edc-421e-bd64-8d62a0add515
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/3b44381b-0edc-421e-bd64-8d62a0add515
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c331f9262f76902481619012ddef1e3a72bae0b3e3170d5edec7747b21d3e504

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 032d65c9-9440-46dc-abe8-cf378afdc4fa
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/032d65c9-9440-46dc-abe8-cf378afdc4fa
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eb47b058f3fbf47aebfea791061d6d54e96ef43fee16035323d1e77f7c9ac1c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 204 / Show response
www.cheapoair.com/profiles/publicapi/v1/personnote/ 0
514 B 103ms
102ms XHR
text/plain 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/profiles/publicapi/v1/personnote/?&category_=recentsearchairv2&take_=10
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Debug: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
X-AID: YzI1ZjEyOWJhODgyNWRlMw==
X-DomainId: www.cheapoair.com
Request-Id: |nKKqV.PXXSF

Response headers

expires: Thu, 18 Jan 2024 08:13:53 GMT
date: Fri, 19 Jan 2024 08:13:53 GMT
x-correlation-id: 2ad36274-79e3-4067-9d53-cf79954fe009
request-context: appId=cid-v1:b3ee8068-36a4-44fa-8f68-1dcc8838081e
x-machinestamp: crm-noteapi-core-66ccb84bbd-nk628
akamai-x-true-edgecontrol-ttl: -1
cache-control: no-cache, public
x-proxy-server: profilengx2
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=35, ak_p; desc="1705652033456_398664781_1240549933_5772_4629_22_0_219";dur=1
x-proxy-cache: BYPASS

GET
H2 200 download_app_banner.webp
c.fareportal.com/gcms/portals/2/rweb/images/ 22 KB
22 KB 48ms
43ms Image
image/webp 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/download_app_banner.webp
Requested by: Host: c.fareportal.com
URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/main.4868d26fb7ed5bcaf2ac.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1e107d14350e1f94905d9e929f96be07dd55b7f885d5b9e4838650dc1217feac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/main.4868d26fb7ed5bcaf2ac.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 04 Jul 2023 08:20:22 GMT
server: AkamaiNetStorage
etag: "02ad46b7735f79af44ee3f7be0090506:1688458825.52299"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033481_3501798919_10128852_13_968_20_0_146";dur=1
accept-ranges: bytes
content-length: 22538

GET
H2 200 email_coupon.png
c.fareportal.com/gcms/portals/2/rweb/images/ 2 KB
2 KB 48ms
44ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/email_coupon.png
Requested by: Host: c.fareportal.com
URL: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/main.4868d26fb7ed5bcaf2ac.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 63de91fbbeb6aae2a605f08af9b12680c4207731031d09e4165bfde84a2a78de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c.fareportal.com/vd/hp/desktop/hp/92/3.1.219/main.4868d26fb7ed5bcaf2ac.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 30 May 2023 10:28:29 GMT
server: AkamaiNetStorage
etag: "2287656b35cda24090220db7261276bc:1685442512.21553"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033483_3501798919_10128853_28_674_20_0_146";dur=1
accept-ranges: bytes
content-length: 1784

GET
H2 200 dynamic-footerlinks.json Show response
c.fareportal.com/vd/coa/travel/js/ 21 KB
22 KB 46ms
46ms XHR
application/json 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/js/dynamic-footerlinks.json?v=1.03
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d97c5803cdcbb5d2e9f441754f4f29aea6be4106090d816ef7705f8128ac0740

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Thu, 09 Nov 2023 10:41:48 GMT
server: AkamaiNetStorage
etag: "c7be921798530fb8ec55e218870cf105:1699526511.614138"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033485_3501798919_10128854_17_1162_20_0_219";dur=1
accept-ranges: bytes
content-length: 21880

GET
H2 200 coa_creditcard.png
c.fareportal.com/gcms/portals/2/rweb/images/ 40 KB
40 KB 44ms
42ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/coa_creditcard.png
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6dc6657ca61dbd3f9bd246ce09e31f6ef6f6b4ddff66f322ac7621d1852f76b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Mon, 29 May 2023 14:40:09 GMT
server: AkamaiNetStorage
etag: "b2bf67db1986aa517e0e50a8c2344525:1685371213.31511"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033493_3501798919_10128855_13_927_20_0_146";dur=1
accept-ranges: bytes
content-length: 40913

GET
H2 200 ios_AppD_ban.png
c.fareportal.com/gcms/portals/2/rweb/images/ 12 KB
12 KB 45ms
44ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/ios_AppD_ban.png
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3691a089aa0a0b3aaf66e3adc10b7a6eca3f0242f768fde61b7e9ee00195d9e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 13 Jun 2023 01:49:30 GMT
server: AkamaiNetStorage
etag: "e9d6c529afaaca2351256e6dda99d93b:1686620972.458321"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033495_3501798919_10128856_23_700_20_0_146";dur=1
accept-ranges: bytes
content-length: 12481

GET
H2 200 android_app_ban.png
c.fareportal.com/gcms/portals/2/rweb/images/ 8 KB
8 KB 46ms
44ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/android_app_ban.png
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 393af04639528492c4cf870b6bd654dfc697a13d8cccfe31eec00292052732e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Tue, 13 Jun 2023 01:49:30 GMT
server: AkamaiNetStorage
etag: "e0bebdfabbbe8bfa65c36c0639dbdcdf:1686620972.32627"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033495_3501798919_10128857_28_634_20_0_146";dur=1
accept-ranges: bytes
content-length: 8087

GET
H2 200 coa_app_footer.png
c.fareportal.com/gcms/portals/2/rweb/images/ 16 KB
16 KB 51ms
49ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/rweb/images/coa_app_footer.png
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 030ab64baab1981c98d00ce2ceae7a8f7080f92d6b00cdde11be80416c3e5d78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Wed, 07 Jun 2023 13:00:35 GMT
server: AkamaiNetStorage
etag: "905aded1b7407701aef801642fadfb45:1686142836.813487"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033495_3501798919_10128858_28_737_20_0_146";dur=1
accept-ranges: bytes
content-length: 16356

GET
H2 200 footer-logo-desktop.webp
c.fareportal.com/vd/coa/travel/r6/images/ 12 KB
12 KB 52ms
51ms Image
image/webp 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/vd/coa/travel/r6/images/footer-logo-desktop.webp
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b17f2e34090a2d4469c46a0a5724a9f404acc22a6618ecf41dc916876cccba17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Wed, 26 Jul 2023 10:23:00 GMT
server: AkamaiNetStorage
etag: "31cdb607f01d404c0baf0f7fb2e19b5b:1690366984.477214"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033495_3501798919_10128859_29_786_20_0_146";dur=1
accept-ranges: bytes
content-length: 11796

GET
H2 200 / Show response
www.cheapoair.com/personalization/v1/deals/ 7 KB
7 KB 270ms
269ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/personalization/v1/deals/?uid=YzI1ZjEyOWJhODgyNWRlMw==&slotId=COAHomePage
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55cf89b2e82febda511ace2a66851ef006e75e6924c5b136921d71080810b804

Request headers

accept-language: en-US,en;q=0.9
x-platform: Desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
x-domainid: www.cheapoair.com
Request-Id: |nKKqV.pM/F6
x-api-key: 534fcaa1-6492-4dd0-b2b2-7cb59d7c8dfd

Response headers

request-context: appId=cid-v1:058a527c-682f-467f-885a-e7959f4a4743
date: Fri, 19 Jan 2024 08:13:53 GMT
api-supported-versions: 1.0
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=202, ak_p; desc="1705652033493_398664781_1240549979_22523_5103_21_0_219";dur=1
content-length: 6998
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8

GET
H2 200 CHI Show response
www.cheapoair.com/airautosuggestapi/autosuggest/en-US/ 6 KB
1 KB 72ms
65ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/airautosuggestapi/autosuggest/en-US/CHI
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 042ef531d9e24586b73be7f18b932f93d32d828bf9b2ffedd4905d892985b81a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cheapoair.com/
x-client-id: landingpage
Request-Id: |nKKqV.fJx0G
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
akamai-x-true-edgecontrol-ttl: 43200
content-type: application/json; charset=utf-8
cache-control: public, max-age=1440
server-timing: cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1705652033563_398664781_1240550067_2227_4688_22_0_219";dur=1
content-length: 1014
request-context: appId=cid-v1:b29ed964-55be-4d9a-a676-4b5d6c4dfe26

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
80 KB 202ms
66ms Script
application/javascript 142.251.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f84.1e100.net

Software

ESF /

Resource Hash

e77b0f154ac2aff8d44ea6201fc78e6b71d565ca7a61f9335f289fbe4690d294

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ZGaoiusuGZaiOBSuMqEg_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ZGaoiusuGZaiOBSuMqEg_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 19 Jan 2024 08:13:53 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07e2ba526d86034f8ed82bb28f8eb0d817b3d96e7cfbe8be0359d37257086afb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 174ms
56ms XHR
application/json 23.56.212.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=TDGEG-YRX2P-V9HJU-3FC6S-QQHMB&d=www.cheapoair.com&t=5685507&v=1.720.0&sl=0&si=b398fbb8-f487-44aa-b752-92263f388628-s7i1j4&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=197772
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.56.212.182 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-212-182.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ef8e9f399b2c1b5456df765cce9f3d09e4064cb31b75a659d964f29a9cee3dc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Jan 2024 08:13:53 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 ATL-rx.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 27 KB
27 KB 47ms
45ms Image
image/jpeg 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/destinations/ATL-rx.jpg
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 25e05812be38cf4998b096be208941498aacbbdbc4cd5f9df3fd89ffd4d9f4ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Mon, 21 Aug 2023 10:33:48 GMT
server: AkamaiNetStorage
etag: "16d186e9c9da3a6d1fa68c5e944b46b1:1692614051.314968"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033806_3501798919_10128882_77_1015_20_0_219";dur=1
accept-ranges: bytes
content-length: 27237

GET
H2 200 MIA-rx.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 34 KB
34 KB 44ms
43ms Image
image/jpeg 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/destinations/MIA-rx.jpg
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 00c238f932db9daa45f81c7ef29a92e7601604aa9eeb272e4a8ea9dc02c09e32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Mon, 21 Aug 2023 10:33:48 GMT
server: AkamaiNetStorage
etag: "d7040f0cb72c432974e2c9114f5942a8:1692614066.262911"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033806_3501798919_10128883_18_970_20_0_219";dur=1
accept-ranges: bytes
content-length: 34970

GET
H2 200 ORL-rx.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 28 KB
29 KB 45ms
44ms Image
image/jpeg 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/destinations/ORL-rx.jpg
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 11c6a3fca1bcfa5f89c0995739967c2d8cd6c4d0d05963b2c5083cfa8adf66b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Mon, 21 Aug 2023 10:33:48 GMT
server: AkamaiNetStorage
etag: "f38c3b79d0f901a31e2da8b46fd256cc:1692614069.829939"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033806_3501798919_10128884_19_982_20_0_219";dur=1
accept-ranges: bytes
content-length: 28928

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 56ms
55ms Stylesheet
text/css 142.251.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f84.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-A55ZhofPJNklzqdwZkPvLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-A55ZhofPJNklzqdwZkPvLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 19 Jan 2024 08:13:53 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
527 B 62ms
62ms XHR
application/json 142.251.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=225858352230-ns77skrj4858jjh1ekrb5u6ijv2u8igl.apps.googleusercontent.com&as=Px5z9wd343OELIa4X%2F4CLg

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f84.1e100.net

Software

ESF /

Resource Hash

c0a22dbe2c05f8d54872dfde1426f17e4f8e83999a2d4349202821b0c762f988

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RH0LKMH9lBMIMY03F4hP6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-RH0LKMH9lBMIMY03F4hP6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
317 B 60ms
60ms XHR
application/json 142.251.167.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=225858352230-ns77skrj4858jjh1ekrb5u6ijv2u8igl.apps.googleusercontent.com&as=Px5z9wd343OELIa4X%2F4CLg

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f84.1e100.net

Software

ESF /

Resource Hash

c0a22dbe2c05f8d54872dfde1426f17e4f8e83999a2d4349202821b0c762f988

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-lSQKcY9kZw7P0GpzQngZXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-lSQKcY9kZw7P0GpzQngZXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK cdc65fd5-a5ac-4003-93a7-ce5b72021418
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/cdc65fd5-a5ac-4003-93a7-ce5b72021418
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a37fb304306a7906d299dc807b0741486eda2ef90df6f506a6b299773c68cadd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 5982b9c9-8028-483d-bed9-5c651aee6ea5
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/5982b9c9-8028-483d-bed9-5c651aee6ea5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 500fbec0043e2339458506b04a71d85d06b24a561b7c7e7854d7c0da5849d552

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 79cd437b-77ac-43fd-b3b2-2110ba5664f1
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/79cd437b-77ac-43fd-b3b2-2110ba5664f1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4158dfd25c98ede17fe71d0fd8082a889930366479f35136e4b9b421c72d572b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 65a3e050-54b2-4ccf-9b45-2b3df718eff4
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/65a3e050-54b2-4ccf-9b45-2b3df718eff4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd447c4fd13fcbf4ec8b6b930fa5e25b3c16a1de27419b3edcb3be60688e551e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 45a78420-cc58-4a18-9696-95807796887e
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/45a78420-cc58-4a18-9696-95807796887e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07fe8457e2392a45a0f6c024e429a7f8dbadc8bd72e86724005fd0d353250384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 5e42a324-2782-45f0-b619-b28da9fd0864
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/5e42a324-2782-45f0-b619-b28da9fd0864
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c4d38dd604a1b2ea84c978ebc9f54a3941da724c096616ea08020c45a06cc91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 63dbb93f-b681-44b3-baec-2afc51beea53
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/63dbb93f-b681-44b3-baec-2afc51beea53
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eedef3371ed50b028179948b1be42fcaa878fe51f67c3e18be4049511302c7d0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 200 searchpopunder.min.js Show response
c.fareportal.com/vd/coa/travel/travel_resources/resources/js/ 5 KB
2 KB 43ms
43ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/travel_resources/resources/js/searchpopunder.min.js?ver=1.0
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a6ca79956f4f1f0679f52b8cc7d4a46cafd981f474e2e1cc99fe14e847500f69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 18:40:07 GMT
server: Akamai Resource Optimizer
etag: "8c48bda39b2be47057d6acc24e5ef11f:1581617629.911694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033958_3501798919_10128906_43_1065_20_0_146";dur=1
accept-ranges: bytes
content-length: 1629

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 182ms
66ms Script
text/javascript 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

sffe /

Resource Hash

0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 08:13:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21929
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "619578e938ea6244"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 08:13:54 GMT

GET
H2 200 tracker-0.1.min.js Show response
c.fareportal.com/vd/coa/travel/travel_resources/resources/js/ 9 KB
2 KB 52ms
52ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/travel_resources/resources/js/tracker-0.1.min.js?ver=1.0
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 31754f79a9615190ad1ce94474fad549b80c6b8e6bf552ccec8cab829dff2700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Sat, 24 Jun 2023 01:04:42 GMT
server: Akamai Resource Optimizer
etag: "651998745e679fdbb5ca7a1b68522ab1:1620899261.23943"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033964_3501798919_10128907_12_793_20_0_146";dur=1
accept-ranges: bytes
content-length: 1784

GET
H2 200 AnonymousUserTracking-live.js Show response
c.fareportal.com/vd/coa/travel/travel_resources/resources/js/ 5 KB
1 KB 51ms
51ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/travel_resources/resources/js/AnonymousUserTracking-live.js?ver=1.0
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 3d4c57e7447b9d9618f5ea3b5c389d9760a4df7b353e92cc91755f33d908ca26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: br
last-modified: Fri, 12 May 2023 03:45:06 GMT
server: Akamai Resource Optimizer
etag: "807687fc0593908dd48f01b4343ba810:1581617628.825453"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033966_3501798919_10128908_40_656_20_0_146";dur=1
accept-ranges: bytes
content-length: 983

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 173ms
83ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

a9504e02e9cbe3e8eb5f35f4a31b1abc5c87669d2e16a8abd9e90838e512eb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29751
x-xss-protection: 0
server: cafe
etag: 183 / 19741 / m202401110101 / config-hash: 4827389799172652304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 08:13:54 GMT

GET
H2 200 lp-1.0.1-beta.1.js Show response
www.cheapoair.com/portals/2/launchpad/ 67 KB
17 KB 47ms
46ms Script
application/javascript 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cheapoair.com/portals/2/launchpad/lp-1.0.1-beta.1.js?gcms-srv
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5c359660ced1ffde76cbfdbb03a34f78bb72393a27c738b00883821daa0a92ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 07:53:34 GMT
date: Fri, 19 Jan 2024 08:13:53 GMT
content-encoding: gzip
fp-x-static-cachecontrol: !no-store, cache-maxage=168h
x-akamai-ro-tunnel-origin-edge-control: !no-store, cache-maxage=168h
ntcoent-length: 68343
akamai-x-true-edgecontrol-ttl: 604800
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
fp-x-static: 1
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033974_398664781_1240550675_104_4866_20_0_146";dur=1
content-length: 16403
last-modified: Wed, 08 Nov 2023 05:23:14 GMT
etag: "7e13191971d91:0"
vary: Accept-Encoding
content-type: application/javascript
fp-x-edge-cache-tag: www.cheapoair.com-portals2launchpad
cache-control: max-age=517181
x-proxy-server: lpnginxhvlive1
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 delta-OnD-for-OT-redirection-v1.json Show response
c.fareportal.com/vd/coa/travel/js/ 13 KB
13 KB 44ms
43ms Script
application/json 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/js/delta-OnD-for-OT-redirection-v1.json
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1c4df04c019b99a546156bae3270ab17014ee8cbb343e1bb0a89af5dbaaecb47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Thu, 13 May 2021 09:46:32 GMT
server: AkamaiNetStorage
etag: "17f14b36e318e7a0c8fb7357630b8851:1620899228.398935"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652033975_3501798919_10128910_53_967_20_0_146";dur=1
accept-ranges: bytes
content-length: 12945

PUT
H2 200 AnonymousUser Show response
www.cheapoair.com/profiles/publicapi/v1/ 14 B
382 B 124ms
124ms XHR
application/json 23.48.224.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cheapoair.com/profiles/publicapi/v1/AnonymousUser?FPUserId=-3

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.109 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

c61be1f787f42711ef1b74da0d3988057d488b163dd11dbfd174711892e67cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.cheapoair.com/
X-DomainId: 92
Request-Id: |nKKqV.jHmLp
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: raw

Response headers

expires: Thu, 18 Jan 2024 08:13:54 GMT
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:54 GMT
x-content-type-options: nosniff
x-machinestamp: NJPAPWP01114-220-80
akamai-x-true-edgecontrol-ttl: -1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cheapoair.com
cache-control: no-cache, public
x-proxy-server: profilengx2
server-timing: ak_p; desc="1705652034028_398664781_1240550738_8120_2787_19_0_219";dur=1
content-length: 14
request-context: appId=cid-v1:02a21fc1-779e-4c77-b239-6fe6d6034e38

GET
H2 200 c04162b6-da3a-4007-a572-46b9323ec8f3 Show response
launchpadapiassignment.azure.fareportal.com/api/settings/ 447 B
639 B 147ms
43ms Fetch
text/plain 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

a5e54e6a33c72ba5fdee1b1d9953dca1305ae170596f12f02b548ae2ca797383

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
content-type: text/plain; charset=utf-8

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 24ms
23ms Script
application/x-javascript 72.21.81.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/81AB) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1251
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (cha/81AB)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b0dfc53-f01e-00b1-53ac-4ac5cd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 19 Jan 2024 08:43:54 GMT

GET
BLOB 200
OK 5a48ff4a-f88c-4760-8d11-9621e6234cf1
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/5a48ff4a-f88c-4760-8d11-9621e6234cf1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 358ea4a54e01dc235b5009211451ec705df0e9038143e9aa368a434d11131b2b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 200 csas_lpgp-1.0.0.js Show response
c.fareportal.com/vd/csas/ 28 KB
9 KB 42ms
41ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/csas/csas_lpgp-1.0.0.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: dfd56cf5d5032bbbcb37ec12983f804f8692a97d5846c76c8cfbd208d7e734c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
last-modified: Mon, 05 Jun 2023 14:34:27 GMT
server: Akamai Resource Optimizer
etag: "937c4f5fed9e10c8197684be5b159376:1624970839.151862"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034056_3501798919_10128922_15_1097_20_0_146";dur=1
accept-ranges: bytes
content-length: 8390

GET
BLOB 200
OK 6b3c8736-1684-4384-be22-1f24a493bbee
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/6b3c8736-1684-4384-be22-1f24a493bbee
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18c18b43c7452bbccf345a263357bbfd6071aaf4589d33cfbdd9c6260614d0b5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
96 KB 169ms
71ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5LP946

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

17416adab491bfd2707cd483ab95644315c11cfdb4482ae2dcedfc25a9b9abbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98225
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 08:13:54 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 250ms
41ms Preflight 20.42.73.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 19 Jan 2024 08:13:54 GMT
x-content-type-options: nosniff

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 736 B
922 B 88ms
87ms XHR
application/json 20.42.73.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b983ba9474f96005f55d69769689f7718e70e3ad4a57a3207d76e6575bc797c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 4EB5185F-512C-4E36-B9A7-D461AD6980D5
strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 08:13:54 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 736

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/ 430 KB
135 KB 42ms
41ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12934
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138464
x-xss-protection: 0
server: cafe
etag: 13337571285874554267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 18 Jan 2025 04:38:20 GMT

GET
H2 200 c04162b6-da3a-4007-a572-46b9323ec8f3 Show response
launchpadapiassignment.azure.fareportal.com/api/assignment/ 3 KB
3 KB 56ms
54ms Fetch
application/json 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=srt&testcode=newcms100&testcode=sstcxlrefundbreakupbutton&defaultVariation=&defaultModification=&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

4d4a077a48e23d5ceaf9c62399f725e5cb518411d6fc7dae5a8ece336768543e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
content-type: application/json; charset=utf-8

OPTIONS
H2 204 c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/assignment/ Frame 0
0 45ms
44ms Preflight 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:54 GMT
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 11564.js Show response
www.dwin1.com/ 40 KB
11 KB 145ms
44ms Script
application/javascript 52.85.61.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/11564.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-115.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6112d5568c224f17dd2506871d996fbd247cab744d4f1a916b91577f915dc76e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: wLrZWrYFpHG_UxxVmMjh1cM1tbnlnXS5
content-encoding: gzip
via: 1.1 e5bd532dbdee524acdf00690205f3b5a.cloudfront.net (CloudFront)
date: Fri, 19 Jan 2024 08:07:34 GMT
x-amz-cf-pop: EWR53-P1
age: 381
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Jan 2024 07:37:16 GMT
server: AmazonS3
etag: W/"78c67963707777c61e5b45b06009a6ca"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: OXhpnSL5vljxY5zpcPH57NXbaTd9vmXPgOk7H-EbQ6xZlX6flYkYmw==

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 21 KB
6 KB 196ms
50ms Script
application/javascript 34.238.149.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=30358&tdr=&plh=https%3A%2F%2Fwww.cheapoair.com%2F&cb=98161616324396350term=value
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-149-65.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: a21e487d382c75ecb8274d67e161014180b64a7967838ff364213c843bb9108c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 noteservice-recentsearch-persona-v1.2.16.min.js Show response
c.fareportal.com/vd/coa/travel/UserProfile/JavaScript/ 30 KB
5 KB 43ms
42ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/UserProfile/JavaScript/noteservice-recentsearch-persona-v1.2.16.min.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: baef7fd290d96b09415e1088cc636b3c7ef8d9bea94ccde5142c9d9bf42aba9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 14:00:28 GMT
server: Akamai Resource Optimizer
etag: "1e51f9763b8195a88eaa51e003aa864c:1683015776.973506"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034397_3501798919_10128947_21_1153_20_0_146";dur=1
accept-ranges: bytes
content-length: 5251

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 62ms
57ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-956986618

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c3917f9a57bf482f212d8227de338751b5160d106d8092134c4d68b2955414f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72623
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 08:13:54 GMT

GET
H2 200 imp_fareportal.min.js Show response
cdn.nowinteract.com/us1/fareportal/ 80 KB
22 KB 122ms
28ms Script
application/javascript 68.70.205.3
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nowinteract.com/us1/fareportal/imp_fareportal.min.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.205.3 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn / ASP.NET
Resource Hash: 501a81d93e254c36c669265612c63b74c236d1b11f5d882c68182be4dc3e9e53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2023 10:05:48 GMT
server: keycdn
x-edge-location: usch
etag: W/"55bd9f2a397fd91:0"
x-powered-by: ASP.NET
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 19 Jan 2024 09:13:54 GMT

GET
BLOB 200
OK c028a6ec-50bc-4b33-9d49-5374b6485c48
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/c028a6ec-50bc-4b33-9d49-5374b6485c48
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 156d61ee7ab74f75b215a7a9d9d9bba28254b0f1870a09269d0bbb3110aeec81

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK a453efe1-1405-4075-b0a8-27504ab4333f
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/a453efe1-1405-4075-b0a8-27504ab4333f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18e3ddca2d7c0e871f0ae48def45b376bbd3a010dbb6ab9eb910c0f9753cacdd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
BLOB 200
OK 85dba1cc-da1b-438c-974d-11ef80ee61ec
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/85dba1cc-da1b-438c-974d-11ef80ee61ec
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084ac540eb3d83e39a5e0c524d8f5b1e31b8cca6f55bf65ec44ec8afd81b07c9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 200 srt-1.jpg
c.fareportal.com/gcms/portals/2/images/ 11 KB
11 KB 54ms
48ms Image
image/jpeg 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/srt-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1dd458af3475efb8fef50d75760af7371727c4b24dc588e17c4f0e3a8d75525d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
last-modified: Fri, 22 Sep 2023 11:03:16 GMT
server: AkamaiNetStorage
etag: "783d1a15263451694f6f386ee82f3754:1695380600.483625"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034522_3501798919_10128963_31_625_20_0_219";dur=1
accept-ranges: bytes
content-length: 11367

GET
H2 200 srt-2.png
c.fareportal.com/gcms/portals/2/images/ 2 KB
2 KB 51ms
46ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/srt-2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40b2010dbd390d81730fd6eace4e2b4148da5b59ed64a173eeca105060b397db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
last-modified: Fri, 22 Sep 2023 11:03:16 GMT
server: AkamaiNetStorage
etag: "72667a6cfff9071c47f6a5c21fecc1e3:1695380600.714594"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034522_3501798919_10128961_29_669_20_0_219";dur=1
accept-ranges: bytes
content-length: 2019

GET
H2 200 srt-3.png
c.fareportal.com/gcms/portals/2/images/ 8 KB
8 KB 46ms
41ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/srt-3.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8d044af6333b4109565865f6da07696499bd3184e8ff6964cd3063a3779ba5f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
last-modified: Fri, 22 Sep 2023 11:03:16 GMT
server: AkamaiNetStorage
etag: "40a2199455f7849b3dab6d12f239c3f4:1695380600.993278"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034520_3501798919_10128958_16_933_20_0_219";dur=1
accept-ranges: bytes
content-length: 7890

GET
H2 200 srt-4.png
c.fareportal.com/gcms/portals/2/images/ 3 KB
3 KB 47ms
43ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/srt-4.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf97f98167e273bced5cb98910d9c3172427bad6dcd74b00345e83757dccb8f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
last-modified: Fri, 22 Sep 2023 11:03:16 GMT
server: AkamaiNetStorage
etag: "4a0ecf5ec79f9fdf14efa501d5e37ade:1695380601.226628"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034522_3501798919_10128959_107_498_20_0_219";dur=1
accept-ranges: bytes
content-length: 2972

GET
H2 200 srt-5.png
c.fareportal.com/gcms/portals/2/images/ 2 KB
3 KB 48ms
45ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/srt-5.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 08f26322a00097699f9729b85cef7b987e782e13da0f47b1d50c6fbdb35519ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
last-modified: Fri, 22 Sep 2023 11:03:16 GMT
server: AkamaiNetStorage
etag: "e7eb8c7328899bb07b813c36306b40fd:1695380601.779496"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034522_3501798919_10128960_28_672_20_0_219";dur=1
accept-ranges: bytes
content-length: 2307

GET
H2 200 srt-6.png
c.fareportal.com/gcms/portals/2/images/ 3 KB
4 KB 49ms
47ms Image
image/png 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.fareportal.com/gcms/portals/2/images/srt-6.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 26f36c77a96ebed3dc4f672cabde26575b2a880168147a15dbe73d3286bea4a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
last-modified: Fri, 22 Sep 2023 11:03:16 GMT
server: AkamaiNetStorage
etag: "262e6a3a3028902d6d4d2b6090336145:1695380601.997076"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034522_3501798919_10128962_31_635_20_0_219";dur=1
accept-ranges: bytes
content-length: 3526

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 67ms
65ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K2HFW8GXQN&l=dataLayer&cx=c

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5a3f91ecf95e3e237b158515d30d81894e5e2f070b70b193c721ba7299be89f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jan 2024 08:13:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 90ms
26ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 19 Jan 2024 08:13:53 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 250F0749078445D184501E0CB3A21F69 Ref B: CHGEDGE1722 Ref C: 2024-01-19T08:13:54Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
82 KB 59ms
57ms Script
application/javascript 142.250.80.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSCNDLG&l=dataLayer

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a8b612cffa6cca7f61f3d575799e26378331d5d38888e0518e46f064105201bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83897
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 08:13:54 GMT

GET
H2 200 lantern_global_11564.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 139ms
39ms Script
application/octet-stream 108.138.128.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_11564.min.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-100.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48baca5d33344e733e6f4be5461081b77f3294229ddbc2a64862e279a9c8aa79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5RCZW2kaues4JbNYj6QITuuNWsXHN2e7
date: Thu, 18 Jan 2024 10:04:06 GMT
via: 1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:16:01 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 79842
etag: "f3a2b07c229d75d4a8694a571d8b2758"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1811
x-amz-cf-id: wnXwRmLg-l48SKkpQRf7BzxYzLTwkma-NsdJXw9VWuvb4UiWi9D8pA==

GET
H/1.1 200
OK ResponseService.ashx Show response
us1.nowinteract.com/logserver/ 778 B
1 KB 318ms
161ms XHR
application/json 212.54.153.104
STRATOGEN

General

Check archive.org

Show headers Download Go to

Full URL: https://us1.nowinteract.com/logserver/ResponseService.ashx?siteid=usfar170615epo&url=https%3A%2F%2Fwww.cheapoair.com%2F&urlref=&userkey=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&impsess=012A69AAAA1D499F826006E377FF3AE0&rand=0.9878369703130714&KeyValue=impload:complete&KeyValue=impviewstyle:desktopstyle&KeyValue=implanguage:en-US&KeyValue=impscreenwidth:1600&KeyValue=impscreenheight:1200&KeyValue=imp_tn:0&KeyValue=impwidth:1600&KeyValue=impheight:1200&KeyValue=impnavigator:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&KeyValue=impversion:B.11.02.D&KeyValue=fpuid:YzI1ZjEyOWJhODgyNWRlMw%3D%3D&KeyValue=travel_fpt:FPUserId%3D-3&KeyValue=implogdataprevonp:0&KeyValue=implogtype:0&KeyValue=imploctime:2024-01-18T22%3A13%3A54.587&KeyValue=implocoffset:600&KeyValue=imploczone:Pacific%2FHonolulu
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 212.54.153.104 Edison, United States, ASN50292 (STRATOGEN , GB),
Reverse DNS: s104-153-54-212.cust.stratogen.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4ccb26a7168a1c74f847bc4518ede9657b9f7db89a646bffcd7f4d4ffb4660cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 08:13:50 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 778

GET
BLOB 200
OK a1fc0483-eb63-4c19-838c-699503696ce0
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/a1fc0483-eb63-4c19-838c-699503696ce0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea1cc6d89101aa8c9012963fc32058968e384a6904cb82415a2205f8aa4fdb11

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H/1.1 200
OK is Show response
52.22.50.55/ 32 B
437 B 204ms
53ms Fetch
text/plain 52.22.50.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.22.50.55/is
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.22.50.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-50-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: d3f7d8d4fd0bf029bf0de9178ba58199fc01c3c43bc92716630a9ee02f556874

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956986618/ 2 KB
2 KB 162ms
59ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956986618/?random=1705652034544&cv=11&fst=1705652034544&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cheapoair.com%2F&hn=www.googleadservices.com&frm=0&tiba=Cheap%20Airline%20Tickets%2C%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&us_privacy=1-N-&auid=994383736.1705652034&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

6853db007173ca976c8f542cd15716a6fb8ee38d1aba4f7356e27d116cb2f9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5037688.js Show response
bat.bing.com/p/action/ 0
116 B 27ms
26ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5037688.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 19 Jan 2024 08:13:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C14093B1FF0410AA5FCB6A5DDE1BCD3 Ref B: CHGEDGE1722 Ref C: 2024-01-19T08:13:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 28ms
25ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5037688&tm=gtm002&Ver=2&mid=5ce7a5ba-2529-447e-b6d6-fb09e6c23b35&sid=afd82cb0b6a211eeaea963204070d597&vid=afd89570b6a211ee85afab86a4289075&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20Airline%20Tickets,%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&p=https%3A%2F%2Fwww.cheapoair.com%2F&r=&lt=1800&evt=pageLoad&sv=1&rn=370865

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 Jan 2024 08:13:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F95E35C436F40748B3CC2A95C2ADE2F Ref B: CHGEDGE1722 Ref C: 2024-01-19T08:13:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 151ms
57ms Ping
text/plain 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K2HFW8GXQN&gtm=45je41h0v880245775z89117412064&_p=1705652034035&_gaz=1&gcd=11l1l1l1l3&npa=1&dma=0&cid=1535678427.1705652035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&sid=1705652034&sct=1&seg=0&dl=https%3A%2F%2Fwww.cheapoair.com%2F&dt=Cheap%20Airline%20Tickets%2C%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&en=page_view&_fv=1&_nsi=1&_ss=1&ep.platform=DesktopSite&ep.pathname=%2F&epn.page_load_time=1&ep.fp_affiliate=&tfd=2626
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s71-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cheapoair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 148ms
64ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K2HFW8GXQN&cid=1535678427.1705652035&gtm=45je41h0v880245775z89117412064&aip=1&uid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&dma=0&gcd=11l1l1l1l3&npa=1
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cheapoair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.php
lantern.roeye.com/ 0
153 B 641ms
123ms Image
image/gif 54.247.156.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=12448b0b-ad9a-423f-974c-a9a9aecc12b7&referrer=&landingpage=https%3A%2F%2Fwww.cheapoair.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&site=11564
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.156.204 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-156-204.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:55 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H2 200 noteservice-recentsearch-persona-v1.2.16.min.js Show response
c.fareportal.com/vd/coa/travel/UserProfile/JavaScript/ 30 KB
5 KB 61ms
58ms Script
application/x-javascript 23.192.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fareportal.com/vd/coa/travel/UserProfile/JavaScript/noteservice-recentsearch-persona-v1.2.16.min.js
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.10.35 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-10-35.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: baef7fd290d96b09415e1088cc636b3c7ef8d9bea94ccde5142c9d9bf42aba9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 14:00:28 GMT
server: Akamai Resource Optimizer
etag: "1e51f9763b8195a88eaa51e003aa864c:1683015776.973506"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705652034827_3501798919_10128978_16_1088_20_0_146";dur=1
accept-ranges: bytes
content-length: 5251

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 479ms
63ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 Jan 2024 08:13:55 GMT

GET
BLOB 200
OK 46ca66fa-1583-4087-900d-86d168921d50
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/46ca66fa-1583-4087-900d-86d168921d50
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b0e615a6bcf74ed768e537316adb096fae9f81658f310e07da6c350f81a5892

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2 200 /
www.google.com/pagead/1p-user-list/956986618/ 42 B
455 B 182ms
69ms Image
image/gif 142.251.40.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956986618/?random=1705652034544&cv=11&fst=1705651200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cheapoair.com%2F&frm=0&tiba=Cheap%20Airline%20Tickets%2C%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kDQt308lClyFLCeQoqjFKsJxywO3WQ&random=3511271008&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c04162b6-da3a-4007-a572-46b9323ec8f3 Show response
launchpadapiassignment.azure.fareportal.com/api/assignment/ 130 B
325 B 49ms
47ms Fetch
application/json 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=flightvacationsearch&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

f46157d0db4b6648bd1dbb75c424f7f9cb407788f6d2ada85762ca42b901380b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
content-type: application/json; charset=utf-8

OPTIONS
H2 204 c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/assignment/ Frame 0
0 43ms
42ms Preflight 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=flightvacationsearch&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 c04162b6-da3a-4007-a572-46b9323ec8f3 Show response
launchpadapiassignment.azure.fareportal.com/api/assignment/ 128 B
323 B 49ms
48ms Fetch
application/json 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=issearchaffiliate&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

4ba79c1a96fa336eb94f57e03cf9954300ec61c0e437bc18d69edb365428b170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
content-type: application/json; charset=utf-8

OPTIONS
H2 204 c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/assignment/ Frame 0
0 43ms
42ms Preflight 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=issearchaffiliate&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1039901682/ 2 KB
2 KB 78ms
77ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1039901682/?random=1705652034812&cv=11&fst=1705652034812&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9117419411&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cheapoair.com%2F&label=1d2GCIyR8AEQ8sfu7wM&hn=www.googleadservices.com&frm=0&tiba=Cheap%20Airline%20Tickets%2C%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&us_privacy=1-N-&auid=994383736.1705652034&uamb=0&uaw=0&data=flight_originid%3D%3Bflight_destid%3D%3Bflight_enddate%3D%3Bpackagetype%3Dflights%3Bflight_pagetype%3Dhome%3Bmobile%3DNO%3Bgoogle_business_vertical%3Dtravel&rfmt=3&fmt=4

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

0773b7fdb1ebae190322f105ce08731d1efcd269e277b10a1716b8461a553a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1405
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 39a47733-b795-4a06-a57a-e6474e698893
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/39a47733-b795-4a06-a57a-e6474e698893
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ca2a57676562f20de469d1cf3ecb5fc6782f7abe37f33bdb7cb827204bad8a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET syncframe
gum.criteo.com/ Frame 534E 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 534E 14 KB
6 KB 144ms
46ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.cheapoair.com&origin=onetag&us_privacy=1-N-

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cheapoair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 08:13:54 GMT
server: Kestrel
server-processing-duration-in-ticks: 343586
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 /
www.google.com/pagead/1p-user-list/1039901682/ 42 B
108 B 86ms
70ms Image
image/gif 142.251.40.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1039901682/?random=1705652034812&cv=11&fst=1705651200000&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9117419411&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cheapoair.com%2F&label=1d2GCIyR8AEQ8sfu7wM&frm=0&tiba=Cheap%20Airline%20Tickets%2C%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&data=flight_originid%3D%3Bflight_destid%3D%3Bflight_enddate%3D%3Bpackagetype%3Dflights%3Bflight_pagetype%3Dhome%3Bmobile%3DNO%3Bgoogle_business_vertical%3Dtravel&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_e2TJPkGW5F5yd5uESYYnNlPvSH1P9hpwbF3-QWUFG-TS22KC&random=3438668125&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 338ms
84ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-K2HFW8GXQN&ga_client_id=1535678427.1705652035&shpt=Cheap%20Airline%20Tickets%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-K2HFW8GXQN%22%2C%22ga_client_id%22%3A%221535678427.1705652035%22%2C%22shpt%22%3A%22Cheap%20Airline%20Tickets%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair%22%2C%22dcm_cid%22%3A%221535678427.1705652035%22%2C%22mntnis%22%3A%22yS04gIQ%2BizLCPql0u0A3m7yzNIj59RgT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1535678427.1705652035&available_ga=%5B%7B%22id%22%3A%22G-K2HFW8GXQN%22%2C%22sess_id%22%3A%221705652034%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=30358&plh=https%3A%2F%2Fwww.cheapoair.com%2F&cb=98161616324396350term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 6551f86f5da7dae0b900f10a676aebaf211fea34539ccbb59f51183fdf5ccf5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:55 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 2
connection: close

GET
H2 200 c04162b6-da3a-4007-a572-46b9323ec8f3 Show response
launchpadapiassignment.azure.fareportal.com/api/assignment/ 129 B
324 B 46ms
45ms Fetch
application/json 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=hideFirstSuperDeal&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

ecf3a73e27f1e72ac07ff061a83061c3ba5c91d71054e414482fda075a29f787

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
content-type: application/json; charset=utf-8

OPTIONS
H2 204 c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/assignment/ Frame 0
0 45ms
44ms Preflight 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=hideFirstSuperDeal&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 c04162b6-da3a-4007-a572-46b9323ec8f3 Show response
launchpadapiassignment.azure.fareportal.com/api/assignment/ 130 B
325 B 45ms
44ms Fetch
application/json 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=explorebtnsuperdeal&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

747e5a54e1e9e276ba7f925e6c4ec61a480ae32f4da95e5e24877cde9059143b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
content-type: application/json; charset=utf-8

OPTIONS
H2 204 c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/assignment/ Frame 0
0 45ms
44ms Preflight 66.198.179.166
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpadapiassignment.azure.fareportal.com/api/assignment/c04162b6-da3a-4007-a572-46b9323ec8f3?subjectid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&testcode=explorebtnsuperdeal&defaultVariation=false&defaultModification=0&url=https://www.cheapoair.com/&referrer=&title=Cheap%20Airline%20Tickets,%20Hotels%20&%20Car%20Rentals%20|%20CheapOair&browser=[object%20Object]&screen=[object%20Object]&undefined=undefined&page_url=https://www.cheapoair.com/&page_url1=https://www.cheapoair.com/&page_url2=https://www.cheapoair.com/&page_url3=https://www.cheapoair.com/&page_url4=https://www.cheapoair.com/&homepageurl=https://www.cheapoair.com/&page_load_time=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.198.179.166 , United States, ASN6453 (AS6453, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:55 GMT
request-context: appId=cid-v1:89e4f248-03ec-458b-9984-3d0f6ff95e51
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 534E 439 B
970 B 45ms
45ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=cheapoair.com&sn=ChromeSyncframe&so=0&topUrl=www.cheapoair.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.cheapoair.com&origin=onetag&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bef7ec66b63c1d4095d49c3ae182ecbd2adff34fc54899356c75abaf89487ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=www.cheapoair.com&origin=onetag&us_privacy=1-N-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1667776
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 9 KB
4 KB 159ms
70ms Script
application/x-javascript 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=5827&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26ci%3DYzI1ZjEyOWJhODgyNWRlMw%253D%253D%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=LSBRlF9SRFY1WUxqRUZhSzdzQmthTUMlMkZ2ayUyRnB3dnZpOUZYbkNsMnEzcVBUb2l3cDBPWFdES1lKeEY4WjBBeEd1SGFhdWlIJTJGR1g4TmY1UGdRc0x1dlJHc1VXciUyRnclMkYlMkZhN0NiN0VpUllCanlwWk5hZiUyRktKdXRvN0x6MkdOV1ZNQXB6Wjg5YVdoV1pybVdVWWNKc1dnbGU3WGZGQSUzRCUzRA&tld=cheapoair.com&fu=https%253A%252F%252Fwww.cheapoair.com%252F&ceid=bac6bd3a-ee40-4724-997c-2b52b406f5d1&dtycbr=3597&cs=1-N-&cv=1

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f1024373bd1af9cb87e2aaeb8187040944ce8dcaf810ece4acc70f3ff60c594e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26793378
timing-allow-origin: *
expires: 0

GET
BLOB 200
OK 76d9be35-826a-4597-b02a-9a3cf2dbb154
https://www.cheapoair.com/ 9 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cheapoair.com/76d9be35-826a-4597-b02a-9a3cf2dbb154
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4f7f76801ab84eece7208ffd8ef1693f886d7bcfe4326fd873f783228de64ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 9049
Content-Type: application/javascript

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 59B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_cm&google_hm=ay1sS3hHakJCUVdWSjNjT0dTWFJmWTVIZFdTam1TV21TZ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0

43 B
369 B

47ms
45ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 586392
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 59B5
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N-
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N-

43 B
510 B

56ms
56ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N-
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 08:13:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N-
Date: Fri, 19 Jan 2024 08:13:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 59B5
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1-N-
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1-N-
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-

43 B
370 B

44ms
44ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1439351
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
an-x-request-uuid: c5d443be-10b1-4882-8908-d5eaa62e59ff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-
x-proxy-origin: 181.215.172.151; 181.215.172.151; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 59B5
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&custom=&tag_format=img&tag_action=sync&custom=&cb=56a70774-ffa9-4076-8955-8e47231...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=56a70774-ffa9-407...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3868332357203809149&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=e7fb01c263ec12f562962e88e594bc3d&tag_format=img&tag_action=sync&cb=63198165
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a7604688-10be-41f7-a962-999de7f171d3&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d&cb=1705652036972&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=cd70d323-630f-46b1-9511-0ad826c068fe&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705652036972
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-9fb6-d71d5cede3d8

0
407 B

47ms
47ms

Image
text/plain

3.213.247.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-9fb6-d71d5cede3d8
Protocol: H2
Server: 3.213.247.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-247-157.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Fri, 19 Jan 2024 08:13:57 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-9fb6-d71d5cede3d8
date: Fri, 19 Jan 2024 08:13:57 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 59B5 57 B
814 B 274ms
173ms Image
image/gif 23.46.224.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k--0lUGhBQWVJ3cOGSXRfY5HdWSjmn_mYYefp41g&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.224.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-224-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 08:13:56 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Fri, 19 Jan 2024 08:13:56 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 59B5 42 B
971 B 158ms
44ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-p_JjbRBQWVJ3cOGSXRfY5HdWSjmOgIWYxT5txQ&expires=30&us_privacy=1-N-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 59B5 43 B
688 B 155ms
44ms Image
image/gif 23.105.12.120
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-k6W-dBBQWVJ3cOGSXRfY5HdWSjnyUI_kkeQFjQ&us_privacy=1-N-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 59B5 0
373 B 142ms
41ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-88lj6hBQWVJ3cOGSXRfY5HdWSjkK-RnfUvHj-w&us_privacy=1-N-
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20681

GET
H2 200 um
criteo-sync.teads.tv/ Frame 59B5 23 B
278 B 159ms
48ms Image
image/gif 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-nAhtoRBQWVJ3cOGSXRfY5HdWSjnYK7ESbqCJ9A&us_privacy=1-N-
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 08:13:55 GMT
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 59B5
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&us_privacy=1-N-
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1-N-

37 B
355 B

47ms
46ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1-N-
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1-N-
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 59B5 0
125 B 420ms
46ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 59B5 57 B
669 B 152ms
55ms Image
image/gif 23.40.179.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.31 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 19 Jan 2024 08:13:56 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Fri, 19 Jan 2024 08:13:56 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 59B5 49 B
341 B 389ms
41ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-sNyGiRBQWVJ3cOGSXRfY5HdWSjmiiGxMNIt8tg&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 59B5
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1-N-
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ODpQcKMnnq6dDhy_mqkKIzPcj8gvcr2O

62 B
547 B

289ms
169ms

Image
image/gif

23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ODpQcKMnnq6dDhy_mqkKIzPcj8gvcr2O
Protocol: H2
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 19 Jan 2024 08:13:56 GMT
content-length: 62
bk-server: d4cc
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ODpQcKMnnq6dDhy_mqkKIzPcj8gvcr2O
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 641488
content-length: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 59B5
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N-
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N-&C=1

43 B
324 B

71ms
70ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N-&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOgKnR1%2Fj1uyiBIGuxDDtr3atAj2AHmDWwh2vbFEiMc%2F6NWQ8nLxEqHjGGx5FzEbioGsR4T33pGGGt8D7rbjxyYQhBqL5NsyP5xTnYovpdFWiHPalNPvcMzdNiNy0Zl1ySz%2F"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847d9f098fef61f0-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOeCh0lG%2BgV4DELSiQviRPnwXnT%2FDdtfkepbNHE21K1zPWIfb0uIZgM2Iue%2FePt1aTNWU1NfQdYu8S4VsgKFbDUcnQd1yoCuk0JWvgErFQQL%2Faur8%2BKxHlyfLfElkmgTRp1x"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N-&C=1
cache-control: no-cache
cf-ray: 847d9f093faa61f0-ORD
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 59B5 43 B
662 B 1160ms
42ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-rHZcdxBQWVJ3cOGSXRfY5HdWSjnD_OoPkYfFmA&us_privacy=1-N-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 08:13:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1705652037116068-135

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 59B5
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-

43 B
448 B

48ms
47ms

Image
image/gif

34.233.7.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-
Protocol: H2
Server: 34.233.7.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-7-187.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:56 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:56 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

sync
pippio.com/api/ Frame 59B5
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_SQtshBQWVJ3cOGSXRfY5HdWSjnSj7t7cdTOAg&us_privacy=1-N-
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_SQtshBQWVJ3cOGSXRfY5HdWSjnSj7t7cdTOAg&us_privacy=1-N-&_li_chk=true&previous_uuid=2a941ad54a16418bac68f1578462170b
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2a941ad5-4a16-418b-ac68-f1578462170b&us_privacy=1-N-
https://p.rfihub.com/cm?pub=39342&in=1&userid=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%3A1705652036.7281566&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D77c3b9aa-e9b0-4f44...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477423367306059&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D77c3b9a...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%3A1705652036.7281566&pid=500040&it=1&iv=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6%3A1705652036.7281566&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1705652036.7303934&iv=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6:1705652036.7281566

42 B
571 B

86ms
37ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1705652036.7303934&iv=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6:1705652036.7281566
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:57 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1705652036.7303934&iv=77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6:1705652036.7281566
Date: Fri, 19 Jan 2024 08:13:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 59B5 0
965 B 397ms
45ms Image
text/html 54.165.1.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-PZF0aRBQWVJ3cOGSXRfY5HdWSjl1H859ue9Y3w&us_privacy=1-N-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.1.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-1-37.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 59B5 42 B
503 B 39ms
29ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-ptKU2hBQWVJ3cOGSXRfY5HdWSjkUvUmVshG8hQ&us_privacy=1-N-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
last-modified: Wed, 10 Jan 2024 21:11:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB16CFC859D44FFF9393EC9A8AA3BE18 Ref B: CHGEDGE1722 Ref C: 2024-01-19T08:13:56Z
etag: "7eefd993944da1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 59B5 43 B
535 B 391ms
45ms Image
image/gif 44.217.105.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-zk4F8BBQWVJ3cOGSXRfY5HdWSjn4Kida4YI9gg&us_privacy=1-N-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-217-105-65.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 59B5 0
287 B 885ms
43ms Image
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-i0gOCxBQWVJ3cOGSXRfY5HdWSjkzQy5KncSfUg&initiator=partner&us_privacy=1-N-
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 08:13:57 GMT
Cache-Control: no-cache
X-TraceId: f7e5ae72a58007923b4afeb25330e09f
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 59B5 42 B
436 B 2020ms
45ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-M2-xzhBQWVJ3cOGSXRfY5HdWSjkqYDPHbDf1Bg&us_privacy=1-N-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 18 Jan 2024 20:27:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 59B5 0
0 1841ms
47ms Image
application/json 44.218.163.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-FZehkRBQWVJ3cOGSXRfY5HdWSjnSZs2MptFuig&us_privacy=1-N-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.218.163.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-163-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 59B5 68 B
280 B 1250ms
45ms Image
image/png 52.71.125.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-jaw7FRBQWVJ3cOGSXRfY5HdWSjk1T_1ozykIww&us_privacy=1-N-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-125-247.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:57 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame 59B5 0
308 B 149ms
56ms Image
text/plain 52.85.61.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-tdpsyxBQWVJ3cOGSXRfY5HdWSjmM_0WKlw-20g&us_privacy=1-N-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-41.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: no-cache, must-revalidate
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: ZjaMadXOiJ1u1UwleSZQMaQSkfU8NHnKnigQwFVF9uVPs0SvqY9-tg==
x-cache: Miss from cloudfront

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3AE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_cm&google_hm=ay1sS3hHakJCUVdWSjNjT0dTWFJmWTVIZFdTam1TV21TZ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0

43 B
369 B

44ms
43ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 586718
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&google_gid=CAESEJiYk3eIAoRcloQolnIO-z0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3AE1 43 B
235 B 64ms
62ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-0pz6YxBQWVJ3cOGSXRfY5HdWSjl4EsDI1W9OeQ&expires=30&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 08:13:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3AE1
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1-N-
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-

43 B
370 B

45ms
45ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1863592
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
an-x-request-uuid: 9036a73b-14d2-4ddf-871d-7ff6911c432b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3868332357203809149&us_privacy=1-N-
x-proxy-origin: 181.215.172.151; 181.215.172.151; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 3AE1
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lKxGjBBQWVJ3cOGSXRfY5HdWSjmSWmSgNo7s4w&custom=&tag_format=img&tag_action=sync&custom=&cb=56a70774-ffa9-4076-8955-8e47231...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3868332357203809149&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=e7fb01c263ec12f562962e88e594bc3d&tag_format=img&tag_action=sync&cb=232393440
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a7604688-10be-41f7-a962-999de7f171d3&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d&cb=1705652036972&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=bb80ea33-6439-4ceb-bc6e-2cc3bcd74274&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705652036972
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-b489-7530d5baf48f

0
407 B

50ms
49ms

Image
text/plain

3.213.247.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-b489-7530d5baf48f
Protocol: H2
Server: 3.213.247.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-247-157.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Fri, 19 Jan 2024 08:13:57 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=b16f1b70-b6a2-11ee-b489-7530d5baf48f
date: Fri, 19 Jan 2024 08:13:57 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 3AE1 57 B
650 B 85ms
83ms Image
image/gif 23.46.224.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k--0lUGhBQWVJ3cOGSXRfY5HdWSjmn_mYYefp41g&us_privacy=1-N-

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.224.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-224-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 08:13:56 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Fri, 19 Jan 2024 08:13:56 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 3AE1 42 B
971 B 43ms
43ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-p_JjbRBQWVJ3cOGSXRfY5HdWSjmOgIWYxT5txQ&expires=30&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3AE1 43 B
429 B 45ms
44ms Image
image/gif 23.105.12.120
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-k6W-dBBQWVJ3cOGSXRfY5HdWSjnyUI_kkeQFjQ&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3AE1 0
372 B 43ms
42ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-88lj6hBQWVJ3cOGSXRfY5HdWSjkK-RnfUvHj-w&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20835

GET
H2 200 um
criteo-sync.teads.tv/ Frame 3AE1 23 B
163 B 49ms
48ms Image
image/gif 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-nAhtoRBQWVJ3cOGSXRfY5HdWSjnYK7ESbqCJ9A&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 08:13:56 GMT
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 3AE1 37 B
355 B 48ms
47ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-vEbbcRBQWVJ3cOGSXRfY5HdWSjkOGfOesVNctw&dongle=013b&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 3AE1 0
15 B 50ms
49ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g&us_privacy=1-N-

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 3AE1 57 B
503 B 61ms
59ms Image
image/gif 23.40.179.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g&us_privacy=1-N-

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.31 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 19 Jan 2024 08:13:56 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Fri, 19 Jan 2024 08:13:56 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 3AE1 49 B
180 B 41ms
39ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-sNyGiRBQWVJ3cOGSXRfY5HdWSjmiiGxMNIt8tg&us_privacy=1-N-

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 3AE1
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1-N-
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=v7kmZVkW1zesqWl06puqmzwIoE23lSIm

62 B
550 B

286ms
171ms

Image
image/gif

23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=v7kmZVkW1zesqWl06puqmzwIoE23lSIm
Protocol: H2
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 19 Jan 2024 08:13:56 GMT
content-length: 62
bk-server: f4b2
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=v7kmZVkW1zesqWl06puqmzwIoE23lSIm
date: Fri, 19 Jan 2024 08:13:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1043095
content-length: 0

GET
H3 200 rum
r.casalemedia.com/ Frame 3AE1 43 B
752 B 72ms
71ms Image
image/gif 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-e_NT0xBQWVJ3cOGSXRfY5HdWSjlBs7Lzi4ZCNg&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBjXvE871YN6hfCUJoEkf7S45FQ90KPp2MVU0Neu1MyMOwzIyIhw4W6JLxHCbTP8S75rNysUk9ghVwFy1CLkV2ftpvd1jM0sGM44etZIE658PFWonZUSfI4mMYkLiMwBs4xe"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847d9f0cca1e6157-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 3AE1 43 B
660 B 590ms
41ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-rHZcdxBQWVJ3cOGSXRfY5HdWSjnD_OoPkYfFmA&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 08:13:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1705652037161043-269

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3AE1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-

43 B
448 B

46ms
46ms

Image
image/gif

34.233.7.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-
Protocol: H2
Server: 34.233.7.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-7-187.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:56 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1wHlQBBQWVJ3cOGSXRfY5HdWSjn7ErWaP-gtAg&us_privacy=1-N-
access-control-allow-origin: *
date: Fri, 19 Jan 2024 08:13:56 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 3AE1
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_SQtshBQWVJ3cOGSXRfY5HdWSjnSj7t7cdTOAg&us_privacy=1-N-
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1-N-
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4456526877555796754&us_privacy=1-N-
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1-N-
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=a7604688-10be-41f7-a962-999de7f171d3
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=a7604688-10be-41f7-a962-999de7f171d3

43 B
274 B

438ms
45ms

Image
image/gif

3.233.89.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=a7604688-10be-41f7-a962-999de7f171d3

Protocol

HTTP/1.1

Server

3.233.89.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-89-241.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 08:13:57 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=a7604688-10be-41f7-a962-999de7f171d3
Date: Fri, 19 Jan 2024 08:13:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 3AE1 0
964 B 47ms
46ms Image
text/html 54.165.1.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-PZF0aRBQWVJ3cOGSXRfY5HdWSjl1H859ue9Y3w&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.1.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-1-37.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 3AE1 42 B
175 B 26ms
26ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-ptKU2hBQWVJ3cOGSXRfY5HdWSjkUvUmVshG8hQ&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
last-modified: Wed, 10 Jan 2024 21:11:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B92A374637924DC58087FA7A8A4658CE Ref B: CHGEDGE1722 Ref C: 2024-01-19T08:13:56Z
etag: "7eefd993944da1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 3AE1 43 B
619 B 45ms
44ms Image
image/gif 44.217.105.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-zk4F8BBQWVJ3cOGSXRfY5HdWSjn4Kida4YI9gg&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-217-105-65.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 3AE1 0
287 B 208ms
43ms Image
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-i0gOCxBQWVJ3cOGSXRfY5HdWSjkzQy5KncSfUg&initiator=partner&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 08:13:57 GMT
Cache-Control: no-cache
X-TraceId: cd26b3f84ba75337576fdc91fc9c4105
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3AE1 42 B
585 B 1151ms
44ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-M2-xzhBQWVJ3cOGSXRfY5HdWSjkqYDPHbDf1Bg&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 19 Jan 2024 08:11:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 3AE1 0
0 1136ms
46ms Image
application/json 44.218.163.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-FZehkRBQWVJ3cOGSXRfY5HdWSjnSZs2MptFuig&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.218.163.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-163-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 3AE1 68 B
280 B 461ms
44ms Image
image/png 52.71.125.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-jaw7FRBQWVJ3cOGSXRfY5HdWSjk1T_1ozykIww&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-125-247.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:57 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3AE1 0
381 B 58ms
58ms Image
text/plain 52.85.61.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-tdpsyxBQWVJ3cOGSXRfY5HdWSjmM_0WKlw-20g&us_privacy=1-N-
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-41.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:57 GMT
cache-control: no-cache, must-revalidate
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: fryjd9un-FWSedK8VkbFDnqeum1geyh1vVj4JYq48tD0CAme9uxSnw==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 581ms
81ms Script
application/javascript 34.212.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: b5cfe81739625070b38bfff501e954220ecacebbe032f6635a4c952190b7db39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:57 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H2 200 setuid
ib.adnxs.com/ Frame 59B5 43 B
1016 B 44ms
43ms Image
image/gif 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-ZHyyMxBQWVJ3cOGSXRfY5HdWSjl28HfmVOtt-g&us_privacy=1-N-

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
an-x-request-uuid: 5777af48-a5c7-4b3a-9342-96c42a3faec5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 181.215.172.151; 181.215.172.151; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 59B5
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1-N-
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=quzjZDPF2n4dOehHDunA3XMzlOfHhwK1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=quzjZDPF2n4dOehHDunA3XMzlOfHhwK1

42 B
716 B

48ms
47ms

Image
image/gif

34.233.8.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=quzjZDPF2n4dOehHDunA3XMzlOfHhwK1

Protocol

Server

34.233.8.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-8-30.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-09841d1d2.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: qT9MKAkWToo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-0ccb464a8.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: vA3xNUcPSr4=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=quzjZDPF2n4dOehHDunA3XMzlOfHhwK1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 3AE1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1-N-
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=CtNGCd4nwALQ0e0QAnJbLUBHA3Or4xZt
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CtNGCd4nwALQ0e0QAnJbLUBHA3Or4xZt

42 B
716 B

45ms
45ms

Image
image/gif

34.233.8.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CtNGCd4nwALQ0e0QAnJbLUBHA3Or4xZt

Protocol

Server

34.233.8.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-8-30.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0b8084923.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: BsSiJfO6Q3U=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-0d2029dd6.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 6blP8//VRg4=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CtNGCd4nwALQ0e0QAnJbLUBHA3Or4xZt
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 59B5 0
15 B 46ms
46ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame 3AE1 43 B
1015 B 43ms
42ms Image
image/gif 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-ZHyyMxBQWVJ3cOGSXRfY5HdWSjl28HfmVOtt-g&us_privacy=1-N-

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:56 GMT
an-x-request-uuid: bbca8340-fa2f-4bab-a5a4-333d705b2e76
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 181.215.172.151; 181.215.172.151; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 3AE1 0
15 B 48ms
46ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g&us_privacy=1-N-

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 3AE1
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1-N-
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=IEwNyJy4_8Doj3Ysu73C6sn4GBHMTQyH

43 B
659 B

1170ms
46ms

Image
image/gif

13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=IEwNyJy4_8Doj3Ysu73C6sn4GBHMTQyH
Protocol: H2
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:57 GMT
via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: DiKJYw6j4VFcifNSAu-T4aCxgmOTx9moctj-_PG7KdCLdtIJgVJovQ==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=IEwNyJy4_8Doj3Ysu73C6sn4GBHMTQyH
date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1047971
content-length: 0

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 59B5
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1-N-
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Jy7V2jKJB-BcnBSnsJ-k_B9H4dsQjViA

43 B
658 B

1172ms
49ms

Image
image/gif

13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Jy7V2jKJB-BcnBSnsJ-k_B9H4dsQjViA
Protocol: H2
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:57 GMT
via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: -q9FzX-G2oHZBu_odr2sTVcxHrlRzhHFZgFcB85Q-u9XNABxDnht9Q==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Jy7V2jKJB-BcnBSnsJ-k_B9H4dsQjViA
date: Fri, 19 Jan 2024 08:13:56 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1146744
content-length: 0

POST
H/1.1 201
Created messages
launchpad-eventhubs.servicebus.windows.net/metrics-hub/ 0
0 62ms
62ms Fetch
application/xml 52.226.36.235
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpad-eventhubs.servicebus.windows.net/metrics-hub/messages

Requested by

Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.226.36.235 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
Authorization: SharedAccessSignature sr=https%3a%2f%2flaunchpad-eventhubs.servicebus.windows.net%2fmetrics-hub&sig=FfehReXDDNDLfivQtpEvQTfi69SltZ3Ae4NWiss8m80%3d&se=1705659234&skn=RootManageSharedAccessKey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/atom+xml;type=entry;charset=utf-8

Response headers

Access-Control-Allow-Origin: https://www.cheapoair.com
Strict-Transport-Security: max-age=31536000
Date: Fri, 19 Jan 2024 08:13:57 GMT
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
launchpad-eventhubs.servicebus.windows.net/metrics-hub/ Frame 0
0 206ms
43ms Preflight 52.226.36.235
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://launchpad-eventhubs.servicebus.windows.net/metrics-hub/messages

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.226.36.235 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.cheapoair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.cheapoair.com
Access-Control-Max-Age: 3600
Content-Length: 0
Date: Fri, 19 Jan 2024 08:13:57 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK st Show response
px.mountain.com/ 5 KB
2 KB 265ms
105ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-K2HFW8GXQN&ga_client_id=1535678427.1705652035&shpt=Cheap%20Airline%20Tickets%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-K2HFW8GXQN%22%2C%22ga_client_id%22%3A%221535678427.1705652035%22%2C%22shpt%22%3A%22Cheap%20Airline%20Tickets%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair%22%2C%22dcm_cid%22%3A%221535678427.1705652035%22%2C%22mntnis%22%3A%22yS04gIQ%2BizLCPql0u0A3m7yzNIj59RgT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1535678427.1705652035&available_ga=%5B%7B%22id%22%3A%22G-K2HFW8GXQN%22%2C%22sess_id%22%3A%221705652034%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=30358&plh=https%3A%2F%2Fwww.cheapoair.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1705652035776144&shguid=5e49a123-a470-39d7-9a38-2d6f83ae20d6&shgts=1705652037749
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: b44b1a768b17a2a5107d468aded1aac5f56c136a6121a1d7e6411db331733f00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:57 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 21
connection: close

GET
H/1.1

200
OK

tdsync
px.steelhousemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=b0888c7c-b6a2-11ee-9877-fd432b54a1e6&gdpr=&gdpr_consent=
https://px.steelhousemedia.com/tdsync?tdid=a7604688-10be-41f7-a962-999de7f171d3&shguid=b0888c7c-b6a2-11ee-9877-fd432b54a1e6

0
319 B

600ms
91ms

Image
text/plain

54.244.159.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.steelhousemedia.com/tdsync?tdid=a7604688-10be-41f7-a962-999de7f171d3&shguid=b0888c7c-b6a2-11ee-9877-fd432b54a1e6
Protocol: HTTP/1.1
Server: 54.244.159.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-159-189.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 08:13:58 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 11
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 0

Redirect headers

location: https://px.steelhousemedia.com/tdsync?tdid=a7604688-10be-41f7-a962-999de7f171d3&shguid=b0888c7c-b6a2-11ee-9877-fd432b54a1e6
date: Fri, 19 Jan 2024 08:13:58 GMT
server: Kestrel
content-length: 277

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://insight.adsrvr.org/track/evnt/?adv=yj80w04&ct=0:x3p2nz3&fmt=3
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a7604688-10be-41f7-a962-999de7f171d3
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a7604688-10be-41f7-a962-999de7f171d3

0
338 B

146ms
44ms

Image
text/plain

34.202.176.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a7604688-10be-41f7-a962-999de7f171d3
Protocol: H2
Server: 34.202.176.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-176-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.cheapoair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n024-ash-prod.krxd.net
date: Fri, 19 Jan 2024 08:13:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1705652038
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=a7604688-10be-41f7-a962-999de7f171d3
date: Fri, 19 Jan 2024 08:13:58 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a002-ash-prod.krxd.net

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 55ms
54ms Ping
text/plain 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K2HFW8GXQN&gtm=45je41h0v880245775&_p=1705652034035&gcd=11l1l1l1l3&npa=1&dma=0&cid=1535678427.1705652035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&uid=YzI1ZjEyOWJhODgyNWRlMw%3D%3D&sid=1705652034&sct=1&seg=0&dl=https%3A%2F%2Fwww.cheapoair.com%2F&dt=Cheap%20Airline%20Tickets%2C%20Hotels%20%26%20Car%20Rentals%20%7C%20CheapOair&_s=2&tfd=7648
Requested by: Host: www.cheapoair.com
URL: https://www.cheapoair.com/assets/e0c03701e6674333ac6612d1f1af9c9db0012acbc25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s71-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cheapoair.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 08:13:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cheapoair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.cheapoair.com&origin=onetag&us_privacy=1-N-

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:30:44	Name: _li_ss Value: CiIKBgiiARCBFwoGCNIBEIEXCgUIChCBFwoJCP____8HEIsX
www.cheapoair.com/	1970-01-20 18:30:44	Name: fplocation Value: regioncode=NA
www.cheapoair.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: q5ibhfa2wgqtsjyir1uozxas
.cheapoair.com/	1970-01-20 18:30:44	Name: FPTraveller Value: FPUserId=-3
www.cheapoair.com/	1969-12-31 23:59:59	Name: NSC_difbqpbjs.dpn Value: ffffffff090f079b45525d5f4f58455e445a4a423660
.cheapoair.com/	1970-01-21 03:23:32	Name: uid Value: YzI1ZjEyOWJhODgyNWRlMw==
.cheapoair.com/	1970-01-20 17:47:35	Name: AKA_A2 Value: A
.cheapoair.com/	1970-01-21 02:33:08	Name: osano_consentmanager_uuid Value: 373a18cc-81f4-47a0-bfcc-9b6ea8df11fb
.cheapoair.com/	1970-01-21 02:33:08	Name: osano_consentmanager Value: 4gWGpXjqKxOU01rEsX4BPZ2yxn-0HRKXOlEFSTBK_fXfT04xhZXqSkuVagRZYJO_XsbF9VJ8Lyl-PvECEYxZwrilE5YfVZg-Ot-4xE5Vm9JUvBC4IWccfpm98XNlrBVlyllmDn4rX4ePZYgSuNA4gbqs9o6Xl3PUWg7P0s3UCMg_rWFOuM7WYw3xbVh_mi10Nc19spFuacvw6TNG6irL0Bovf-FbUYlldL2YiuKC42Oh1GjrbUXfctPqYr_6LJptrGqVUnck2zUpp5mtns8lemLNyB2fS5M1V33jCg==
.cheapoair.com/	1969-12-31 23:59:59	Name: culture Value: en-US
.cheapoair.com/	1969-12-31 23:59:59	Name: currency Value: USD
www.cheapoair.com/	1970-01-21 02:33:08	Name: ai_user Value: aO1Bn\|2024-01-19T08:13:53.340Z
www.cheapoair.com/	1969-12-31 23:59:59	Name: NSC_Ohjoy-qspgjmf-cbm-301 Value: ffffffff090f016545525d5f4f58455e445a4a423660
.www.cheapoair.com/	1970-01-20 17:57:36	Name: RT Value: "z=1&dm=www.cheapoair.com&si=b398fbb8-f487-44aa-b752-92263f388628&ss=lrkd6ixh&sl=1&tt=1e0&rl=1&ld=1e2"
.google.com/	1970-01-20 22:11:03	Name: NID Value: 511=uqiG5R058NMgFQ-tTsEhgJxLoOLotwz8N0h6ieXYPWkVRM0x_QLe4tLqZ_ylIIMgKQZk-VZbJFo8h-gV8AuOwJKMZl6TTnp3jszxVUn2GFRJ4wfFnRmnRKeAAed3_eXhIg49T-wIXL7XtJdH4IMYjODCI0UWIQgfPQ64iOl52Ns
www.cheapoair.com/	1969-12-31 23:59:59	Name: FPTravellerSession Value: true
www.cheapoair.com/	1970-01-20 17:47:33	Name: ai_session Value: FGiGT\|1705652033532\|1705652034192.1
.cheapoair.com/	1970-01-20 19:57:08	Name: _gcl_au Value: 1.1.994383736.1705652034
.cheapoair.com/	1970-01-21 02:33:08	Name: cmplcats Value: ,3,1,2,4,5,
.cheapoair.com/	1970-01-20 17:48:58	Name: _uetsid Value: afd82cb0b6a211eeaea963204070d597
.cheapoair.com/	1970-01-21 03:09:08	Name: _uetvid Value: afd89570b6a211ee85afab86a4289075
.bing.com/	1970-01-21 03:09:08	Name: MUID Value: 12C0B4F0F8CF6FE30767A0FBF9B16E09
.bat.bing.com/	1970-01-20 17:57:36	Name: MR Value: 0
.cheapoair.com/	1970-01-21 03:23:32	Name: _ga Value: GA1.1.1535678427.1705652035
.cheapoair.com/	1970-01-21 03:23:32	Name: _ga_K2HFW8GXQN Value: GS1.1.1705652034.1.0.1705652034.60.0.0
.cheapoair.com/	1970-01-20 18:30:44	Name: lantern Value: 12448b0b-ad9a-423f-974c-a9a9aecc12b7
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld Value: {"imp_onp":53}
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_exi Value: 76
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_onp Value: 53
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_odv Value: 40
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_dae100 Value: 83
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_dai100 Value: 49
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_dao100 Value: 46
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_das100 Value: 44
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_onp7d Value: 38
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_htl100 Value: 82
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_car100 Value: 36
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_eor100 Value: 50
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_ela100 Value: 80
.cheapoair.com/	1970-01-20 17:48:58	Name: imp_ld_imp_elo100 Value: 23
.doubleclick.net/	1970-01-21 03:23:32	Name: IDE Value: AHWqTUkx0A8shdCOk68KKcUHwq1JlPpaiQiSg4O7iuoJXILCU-fICZnT1S18dO-t
.criteo.com/	1970-01-21 03:09:08	Name: uid Value: 7fbb710f-df68-4450-964c-7c54e85b68dd
.criteo.com/	1970-01-21 03:09:08	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:09:08	Name: partitioned_bundle Value: 49S3FF9SRFY1WUxqRUZhSzdzQmthTUMlMkZ2ayUyRnB3dnZpOUZYbkNsMnEzcVBUb2l3cDBPWFdES1lKeEY4WjBBeEd1SGFhdWlIJTJGR1g4TmY1UGdRc0x1dlJHc1VXciUyRnclMkYlMkZhN0NiN0VpUllCanlwWk5hZiUyRktKdXRvN0x6MkdOV1ZNQXB6Wjg5VmQzMGtPMklqdHQxalhPc2ptalEwVCUyRjhVNWp4SENHZm80VDZvQ3FGOHJkaEE2QThDZTE3anBrd2s0OE45VWhJ
.cheapoair.com/	1970-01-21 03:16:56	Name: cto_bundle Value: LSBRlF9SRFY1WUxqRUZhSzdzQmthTUMlMkZ2ayUyRnB3dnZpOUZYbkNsMnEzcVBUb2l3cDBPWFdES1lKeEY4WjBBeEd1SGFhdWlIJTJGR1g4TmY1UGdRc0x1dlJHc1VXciUyRnclMkYlMkZhN0NiN0VpUllCanlwWk5hZiUyRktKdXRvN0x6MkdOV1ZNQXB6Wjg5YVdoV1pybVdVWWNKc1dnbGU3WGZGQSUzRCUzRA
.mountain.com/	1970-01-21 03:23:32	Name: guid Value: b0888c7c-b6a2-11ee-9877-fd432b54a1e6
.adnxs.com/	1970-01-20 19:57:08	Name: uuid2 Value: 3868332357203809149
.taboola.com/	1970-01-21 02:33:08	Name: t_gid Value: e41aceeb-84b1-4d9e-8500-19032d9a1880-tuctca3b4c3
.taboola.com/	1970-01-21 02:33:08	Name: t_pt_gid Value: e41aceeb-84b1-4d9e-8500-19032d9a1880-tuctca3b4c3
.3lift.com/	1970-01-20 19:57:08	Name: tluid Value: 2168227849727793607975
.smartadserver.com/	1970-01-21 03:17:46	Name: pid Value: 2134018835878071727
.smartadserver.com/	1970-01-21 03:17:46	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:34:34	Name: csync Value: 79:k-k6W-dBBQWVJ3cOGSXRfY5HdWSjnyUI_kkeQFjQ
.rubiconproject.com/	1970-01-21 02:33:08	Name: khaos Value: LRKD6LWL-J-IQ77
pixel.rubiconproject.com/	1970-01-20 19:57:08	Name: receive-cookie-deprecation Value: 1
.teads.tv/	1970-01-21 02:31:41	Name: tt_viewer Value: a6bd250f-7e65-4cd5-af46-3620810caf68
.bidswitch.net/	1970-01-21 02:33:08	Name: tuuid Value: 725edd25-5f4d-4260-86d0-10e9968b1353
.bidswitch.net/	1970-01-21 02:33:08	Name: c Value: 1705652035
.mediawallahscript.com/	1970-01-21 03:23:32	Name: mCookie Value: b0a821f1-b6a2-11ee-bf46-fbe0b4b0f28d
.mediawallahscript.com/	1970-01-21 03:23:32	Name: mUserCookie Value: %7B%7D
.bidswitch.net/	1970-01-21 02:33:08	Name: tuuid_lu Value: 1705652036
.casalemedia.com/	1970-01-21 02:33:08	Name: CMID Value: ZaovROinzWCDTkXI4cmY.gAA
.casalemedia.com/	1970-01-20 19:57:08	Name: CMPS Value: 1382
.casalemedia.com/	1970-01-20 19:57:08	Name: CMPRO Value: 1382
.media.net/	1970-01-21 02:33:08	Name: visitor-id Value: 3486536351051977000V10
.media.net/	1970-01-20 18:30:44	Name: data-c Value: k--0lUGhBQWVJ3cOGSXRfY5HdWSjmn_mYYefp41g~~3
.adnxs.com/	1970-01-20 19:57:08	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Hb7u^rgK!@wnfH1YdP.dEXlSkbWf?0I0knAr.Qp'4*PrnIKaTWVzzSZ2d-U#.DeSi9xOC[-Zk2tbs1QVD:8%nugO%v4VB%npzH+Y29c
.hb.yahoo.net/	1970-01-20 22:06:44	Name: visitor-id Value: 3486536361051933000V10
.hb.yahoo.net/	1970-01-20 22:06:44	Name: data-crt Value: k-E0PyURBQWVJ3cOGSXRfY5HdWSjmMFQgoF-562g~~1
.c.bing.com/	1970-01-20 17:57:36	Name: MR Value: 0
.bluekai.com/	1970-01-20 22:06:44	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 22:06:44	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1Lu6ppXbBYLLmBbhvnuT1ppWyv0Q+pv632XhlBEnmY4q1OxeUbHqz
.bluekai.com/	1970-01-20 22:06:44	Name: bku Value: uUW99WxF3ZPJUHDG
.liadm.com/	1970-01-21 03:23:32	Name: lidid Value: 2a941ad5-4a16-418b-ac68-f1578462170b
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.omnitagjs.com/	1970-01-20 18:30:44	Name: ayl_visitor Value: 205c01cfa8b9c75cf3e61d7fdf3a1417
exchange.mediavine.com/	1970-01-20 18:07:41	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b0eaf750-b6a2-11ee-ab7a-256b42aee12d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 18:07:41	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22b0eaf750-b6a2-11ee-ab7a-256b42aee12d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 18:07:41	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22b0eaf750-b6a2-11ee-ab7a-256b42aee12d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 18:07:41	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22b0eaf750-b6a2-11ee-ab7a-256b42aee12d%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 18:07:41	Name: criteo Value: %7B%22id%22%3A%22k-PZF0aRBQWVJ3cOGSXRfY5HdWSjl1H859ue9Y3w%22%2C%22version%22%3A%22criteo%22%7D
.postrelease.com/	1970-01-21 02:33:08	Name: visitor Value: 77b93a37-e618-4b5b-8495-57d5c3f6ca9c
.postrelease.com/	1970-01-21 02:33:08	Name: status Value: 0
.smaato.net/	1970-01-20 18:17:46	Name: SCM Value: e4c5c7b8be
.media.net/	1970-01-20 18:30:44	Name: data-c-ts Value: 1705652036
.rubiconproject.com/	1970-01-21 02:33:08	Name: audit Value: 1\|vJj7Qz16T2uNuDfaoYr0e7Zx6E3DtrUWu9N+jP14Z4ksd1pCtZLGzL2pLgkClW9euW8QiGBvvS2M1KxoLazIt+aleybw1oy9Ba0etFFpiE1iEg2hfWod8Y8TCveBEAv1ZfEdootIPbM+Dia8ntkcGNzKvLQEngqUjoGQqB0ZSxLmQdVc7iIhNLmuVI3BKwvQ2fPAcYg4cg62DwHVhkWelQpZIr1EtStGt87ZpM6MNOg=
.adnxs.com/	1970-01-21 03:23:32	Name: XANDR_PANID Value: BmXEp3lfhncHkmeNMAGplBv99IezYwskJpYv6AGRiq3E8Oos0KxsU-ms-NPoucyKBwOkaT6GuLkMOWkY1H3s6nmyjVWq7cKb4xQa8a99I5U.
.demdex.net/	1970-01-20 22:06:44	Name: demdex Value: 21037170390511963492785945579318601891
.dpm.demdex.net/	1970-01-20 22:06:44	Name: dpm Value: 21037170390511963492785945579318601891
.360yield.com/	1970-01-20 19:57:08	Name: tuuid_lu Value: 1705652036
.360yield.com/	1970-01-20 19:57:08	Name: tuuid Value: 605b252f-717c-4c02-9083-fa6861b7b3ef
.rezync.com/	1970-01-21 03:09:08	Name: zync-uuid Value: 77c3b9aa-e9b0-4f44-acd0-2a0d3a46f3b6:1705652036.7281566
.360yield.com/	1970-01-20 19:57:08	Name: umeh Value: !38,0,1767860036,-1
.360yield.com/	1970-01-20 19:57:08	Name: um Value: !38,jRFsEsYuXpEplNS5HODog9z0xBrES-5v0ZFZIhdn93Fw0HhF4Vgz9m8TPu8u0DKJAXld5hiW,1713428036
.postrelease.com/	1970-01-21 02:33:08	Name: ver Value: 1
.adsrvr.org/	1970-01-21 02:34:34	Name: TDID Value: a7604688-10be-41f7-a962-999de7f171d3
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByRXAIAgFwEvaIQ9ZPjHdgEshVu7MeSJiaPVMWr2YbJtRjskkyVPTsLXwt2CHCyvekK85cAFU4k1POgAAAA
.rfihub.com/	1970-01-21 03:09:08	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyNjYzNzYwMzC1FOIz1LXMDwDyK9PykrIMAe0JtQ4kAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyNjYzNzYwMzC1FOIz1LXMDwDyK9PykrIMAe0JtQ4kAAAA
.rfihub.com/	1970-01-21 03:09:08	Name: eud Value: H4sIAAAAAAAA_1XIuxWAIAwAwAmsmCO-kC-4TQIykKWlk1r6LO-u4u6Ds0fA2RNBlgjEmAgUODnEFqcd1VFNCdl2p1bV7C7bl63R8ze_R20tYFoAAAA
live.rezync.com/	1970-01-21 03:09:08	Name: sd-session-id Value: .eJwNylEOgyAMANC79FuWSksrXMYgYEI22SLuZ8a7z8-XvBPmT9m32Eo7IBz7twyQXvVWh3BCr7-tPCGA14lV2RKJEgo6D9cAvfRe322u-S6qiRYfoyl-QcMrs4kpo7ERM0WWlRYJo6ITZ5HkoXYanQhcf6odJfQ.ZaovRQ.1VFmIiayFkry9Ky68HVQrmkigRQ
.turn.com/	1970-01-20 22:06:44	Name: uid Value: 4456526877555796754
.rqtrk.eu/	1970-01-20 17:57:36	Name: browser_id Value: 1:cd70d323-630f-46b1-9511-0ad826c068fe
.ads.stickyadstv.com/	1970-01-20 19:13:56	Name: uid-bp-11554 Value: k-rHZcdxBQWVJ3cOGSXRfY5HdWSjnD_OoPkYfFmA
.mediawallahscript.com/	1970-01-20 17:48:58	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024 Value: %7B%221pVtae%22%3A1%7D
.pippio.com/	1970-01-21 02:33:08	Name: did Value: hHfLB7nkQ_CYin7E
.pippio.com/	1970-01-21 02:33:08	Name: didts Value: 1705652037
.pippio.com/	1970-01-20 19:13:56	Name: nnls Value:
.pippio.com/	1970-01-20 19:13:56	Name: pxrc Value: CAA=
.ads.stickyadstv.com/	1970-01-20 18:30:44	Name: UID Value: 55f26752246f2fca94e8e5fd6882e
.smaato.net/	1970-01-20 18:17:46	Name: SCM1001851 Value: e4c5c7b8be
.sharethrough.com/	1970-01-20 18:30:44	Name: stx_user_id Value: 5534c5c9-943b-4661-8dc4-44f6eade0354
.agkn.com/	1970-01-21 02:33:08	Name: ab Value: 0001%3AxqoouFwTEFbx2Y%2FOL%2FwfEVzHC9l9AuOY
.px.mountain.com/	1970-01-21 03:23:32	Name: tt Value: "H4sIAAAAAAAAAKtW8guKNzYwNrWIN7IwtlCyMtBRKlOyMtJRQhY0NDcwNTM1MjA2t7Q01UHSYm5pDNRSCwD8YIyYRgAAAA=="
.mountain.com/	1970-01-21 03:23:32	Name: rt Value: "MzAzNTg6MTcwNTY1MjAzNw=="
.adsrvr.org/	1970-01-21 02:34:34	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCJia9t2TtMw8EAUSEwoEa3J1eBILCMjI7YbagcE8EAUYBSgBMgsIypvGk6q0zDwQBUIVIhMIARIPCgtOTyBUcnVPcHRpaxABWgd5ajgwdzA0YAFyBGtydXg.
.pubmatic.com/	1970-01-20 18:30:44	Name: KRTBCOOKIE_97 Value: 3385-uid:k-M2-xzhBQWVJ3cOGSXRfY5HdWSjkqYDPHbDf1Bg&KRTB&23144-uid:k-M2-xzhBQWVJ3cOGSXRfY5HdWSjkqYDPHbDf1Bg&KRTB&23286-uid:k-M2-xzhBQWVJ3cOGSXRfY5HdWSjkqYDPHbDf1Bg&KRTB&23287-uid:k-M2-xzhBQWVJ3cOGSXRfY5HdWSjkqYDPHbDf1Bg
.pubmatic.com/	1970-01-20 18:30:44	Name: PugT Value: 1705609642
.krxd.net/	1970-01-20 22:06:44	Name: _kuid_ Value: QC296ISb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
accounts.google.com
ad.360yield.com
ads.stickyadstv.com
analytics.google.com
apis.google.com
az416426.vo.msecnd.net
bat.bing.com
beacon.krxd.net
c.bing.com
c.fareportal.com
c.go-mpulse.net
cdn.nowinteract.com
cm.g.doubleclick.net
cmp.osano.com
consent.api.osano.com
contextual.media.net
criteo-sync.teads.tv
d.turn.com
dc.services.visualstudio.com
dis.criteo.com
dpm.demdex.net
dx.mountain.com
eb2.3lift.com
exchange.mediavine.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gs.mountain.com
gum.criteo.com
hb.yahoo.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
insight.adsrvr.org
jadserve.postrelease.com
lantern.roeye.com
lantern.roeyecdn.com
launchpad-eventhubs.servicebus.windows.net
launchpadapiassignment.azure.fareportal.com
live.rezync.com
match.adsrvr.org
match.sharethrough.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
p.rfihub.com
p11.techlab-cdn.com
partner.mediawallahscript.com
pippio.com
pixel.rubiconproject.com
px.mountain.com
px.steelhousemedia.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.go-mpulse.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
tags.bluekai.com
trends.revcontent.com
ups.analytics.yahoo.com
us1.nowinteract.com
usermatch.krxd.net
visitor.omnitagjs.com
ws.rqtrk.eu
www.cheapoair.com
www.dwin1.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
gum.criteo.com
107.178.254.65
108.138.128.100
13.225.214.50
13.225.63.112
141.226.224.48
142.250.65.162
142.250.65.174
142.250.80.104
142.250.80.66
142.251.167.84
142.251.35.162
142.251.35.174
142.251.40.228
172.253.63.155
172.64.151.101
172.64.155.119
174.129.117.7
18.164.116.119
18.164.96.69
195.244.31.10
199.38.167.131
20.42.73.140
204.79.197.200
212.54.153.104
23.105.12.120
23.192.10.35
23.40.179.31
23.46.224.158
23.46.224.23
23.46.225.71
23.48.224.107
23.48.224.108
23.48.224.109
23.51.57.155
23.56.212.182
3.213.247.157
3.233.89.241
34.199.184.22
34.200.65.202
34.202.176.34
34.212.4.35
34.233.7.187
34.233.8.30
34.238.149.65
35.175.21.104
35.211.178.172
35.71.131.137
35.71.139.29
35.81.173.170
44.217.105.65
44.218.163.194
50.116.194.23
51.222.241.145
52.201.6.220
52.22.50.55
52.226.36.235
52.71.125.247
52.85.61.115
52.85.61.41
54.165.1.37
54.244.159.189
54.247.156.204
63.251.28.234
66.198.179.166
68.67.160.114
68.70.205.3
70.42.32.63
72.21.81.200
74.119.119.131
74.119.119.139
74.119.119.150
8.28.7.83
8.43.72.98
00c238f932db9daa45f81c7ef29a92e7601604aa9eeb272e4a8ea9dc02c09e32
02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b
02901fba8dee60381dc695f28684d3eb3ee9adf3c93fbd0d9081e630c75ca175
030ab64baab1981c98d00ce2ceae7a8f7080f92d6b00cdde11be80416c3e5d78
042ef531d9e24586b73be7f18b932f93d32d828bf9b2ffedd4905d892985b81a
0773b7fdb1ebae190322f105ce08731d1efcd269e277b10a1716b8461a553a57
07e2ba526d86034f8ed82bb28f8eb0d817b3d96e7cfbe8be0359d37257086afb
07fe8457e2392a45a0f6c024e429a7f8dbadc8bd72e86724005fd0d353250384
084ac540eb3d83e39a5e0c524d8f5b1e31b8cca6f55bf65ec44ec8afd81b07c9
08f26322a00097699f9729b85cef7b987e782e13da0f47b1d50c6fbdb35519ed
094fec4c77fbffa956200605d9460defb0b2d1e5edd254510d51a7a4a5e8e970
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0e615a6bcf74ed768e537316adb096fae9f81658f310e07da6c350f81a5892
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
11c6a3fca1bcfa5f89c0995739967c2d8cd6c4d0d05963b2c5083cfa8adf66b9
156d61ee7ab74f75b215a7a9d9d9bba28254b0f1870a09269d0bbb3110aeec81
17416adab491bfd2707cd483ab95644315c11cfdb4482ae2dcedfc25a9b9abbd
18c18b43c7452bbccf345a263357bbfd6071aaf4589d33cfbdd9c6260614d0b5
18e3ddca2d7c0e871f0ae48def45b376bbd3a010dbb6ab9eb910c0f9753cacdd
1bec00b8d0146e832f7a444a942a7946af7c79f0ebc5ea86a36177d1552f817e
1c4df04c019b99a546156bae3270ab17014ee8cbb343e1bb0a89af5dbaaecb47
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1dd458af3475efb8fef50d75760af7371727c4b24dc588e17c4f0e3a8d75525d
1e107d14350e1f94905d9e929f96be07dd55b7f885d5b9e4838650dc1217feac
2352c8be250b4ccaeef97c27c70113ca220df01db3e510f307ecc434e630227c
25e05812be38cf4998b096be208941498aacbbdbc4cd5f9df3fd89ffd4d9f4ab
26f36c77a96ebed3dc4f672cabde26575b2a880168147a15dbe73d3286bea4a7
31754f79a9615190ad1ce94474fad549b80c6b8e6bf552ccec8cab829dff2700
320e2922606df398a0dbe334d25d763eedbadd8a76b486c8e18aecc8ab81f96c
3239179c231e92d869dc4aaf0f98ec1788ab57525000014e6ae0bbf4a39a0afa
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
358ea4a54e01dc235b5009211451ec705df0e9038143e9aa368a434d11131b2b
3691a089aa0a0b3aaf66e3adc10b7a6eca3f0242f768fde61b7e9ee00195d9e9
393af04639528492c4cf870b6bd654dfc697a13d8cccfe31eec00292052732e7
3c4d38dd604a1b2ea84c978ebc9f54a3941da724c096616ea08020c45a06cc91
3ca2a57676562f20de469d1cf3ecb5fc6782f7abe37f33bdb7cb827204bad8a1
3d4c57e7447b9d9618f5ea3b5c389d9760a4df7b353e92cc91755f33d908ca26
3df7fa7bdc166e4d7ce3816c02945c209d8112ca6600d646733e40d2ec82a9c1
40b2010dbd390d81730fd6eace4e2b4148da5b59ed64a173eeca105060b397db
4158dfd25c98ede17fe71d0fd8082a889930366479f35136e4b9b421c72d572b
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
4831d8a2c36bd1a29021499cda181b9418e33fc2bd80dbb57c74391414b91a24
48baca5d33344e733e6f4be5461081b77f3294229ddbc2a64862e279a9c8aa79
4ad14dd8fd118a33727be20ddf106459417dc92f8d3644bd9197e3e907d3fe62
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba79c1a96fa336eb94f57e03cf9954300ec61c0e437bc18d69edb365428b170
4ccb26a7168a1c74f847bc4518ede9657b9f7db89a646bffcd7f4d4ffb4660cd
4d4a077a48e23d5ceaf9c62399f725e5cb518411d6fc7dae5a8ece336768543e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
500fbec0043e2339458506b04a71d85d06b24a561b7c7e7854d7c0da5849d552
501a81d93e254c36c669265612c63b74c236d1b11f5d882c68182be4dc3e9e53
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554677bb470eb3f3c437fd35db8661958363aad5ae63913df3dbb05d30fe1b50
55cf89b2e82febda511ace2a66851ef006e75e6924c5b136921d71080810b804
567a45907bd0951f8291802412271c7ff76051191d177eba5bd3901c6e03419b
5a3f91ecf95e3e237b158515d30d81894e5e2f070b70b193c721ba7299be89f1
5b983ba9474f96005f55d69769689f7718e70e3ad4a57a3207d76e6575bc797c
5c359660ced1ffde76cbfdbb03a34f78bb72393a27c738b00883821daa0a92ba
5cb2b184d0ee7dd3b41dfdd630dd1e0157dd103e689d9b835ba74a391f73bb8a
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6112d5568c224f17dd2506871d996fbd247cab744d4f1a916b91577f915dc76e
637e1ecadcb728a3ed9958cab50697305f76a4d92ce2cc59f82c39df2a4de1da
63de91fbbeb6aae2a605f08af9b12680c4207731031d09e4165bfde84a2a78de
6551f86f5da7dae0b900f10a676aebaf211fea34539ccbb59f51183fdf5ccf5b
67f3f393a90d9c645367330b2830cef85609885c5c0a587a4874f18d3b4bf839
6853db007173ca976c8f542cd15716a6fb8ee38d1aba4f7356e27d116cb2f9a5
6a64103cbcf116b3219a2d93b9bb4f0a267fa8214cf72460531004703fc3ea49
6dc6657ca61dbd3f9bd246ce09e31f6ef6f6b4ddff66f322ac7621d1852f76b4
747e5a54e1e9e276ba7f925e6c4ec61a480ae32f4da95e5e24877cde9059143b
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
7cce00e71ef84b22807ee074fc5c7e00c7a6eeb9f74c2849c71ffba5ee0b1326
8513d46c8e882c4e4f7c31d69e9365c3b196addb293c55c385095e87a136762e
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
87e046445da0f8f77f07f53bfbaed78dd4d532a112fb2f3a4e2c29fb7c3e8966
88d2a7c187ba4dc4b67c8349b7bbf654d09cd1ae2782797e6b9a83c09ebfd5c7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d044af6333b4109565865f6da07696499bd3184e8ff6964cd3063a3779ba5f2
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
9064782323510e94279e3809576141afe6bb6b126699588317b28dd8949afc05
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9eb47b058f3fbf47aebfea791061d6d54e96ef43fee16035323d1e77f7c9ac1c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a21e487d382c75ecb8274d67e161014180b64a7967838ff364213c843bb9108c
a37fb304306a7906d299dc807b0741486eda2ef90df6f506a6b299773c68cadd
a5e54e6a33c72ba5fdee1b1d9953dca1305ae170596f12f02b548ae2ca797383
a6ca79956f4f1f0679f52b8cc7d4a46cafd981f474e2e1cc99fe14e847500f69
a8b612cffa6cca7f61f3d575799e26378331d5d38888e0518e46f064105201bd
a9504e02e9cbe3e8eb5f35f4a31b1abc5c87669d2e16a8abd9e90838e512eb36
aae02b968ec8b56633ee16a87597ab1fefc125f16c7cb9b49f47031989e0f824
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f2e34090a2d4469c46a0a5724a9f404acc22a6618ecf41dc916876cccba17
b44b1a768b17a2a5107d468aded1aac5f56c136a6121a1d7e6411db331733f00
b5cfe81739625070b38bfff501e954220ecacebbe032f6635a4c952190b7db39
b950930f33aa68dc4a4eccf3ee71dbaaee20e1dabf9d39d4489fd686956fe543
baef7fd290d96b09415e1088cc636b3c7ef8d9bea94ccde5142c9d9bf42aba9f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcb82d5e6bea6260514b9c95cbba81e97415f7df9d3753790c510f3e774c2ddf
bef7ec66b63c1d4095d49c3ae182ecbd2adff34fc54899356c75abaf89487ef5
bf97f98167e273bced5cb98910d9c3172427bad6dcd74b00345e83757dccb8f9
c0a22dbe2c05f8d54872dfde1426f17e4f8e83999a2d4349202821b0c762f988
c331f9262f76902481619012ddef1e3a72bae0b3e3170d5edec7747b21d3e504
c3917f9a57bf482f212d8227de338751b5160d106d8092134c4d68b2955414f7
c61be1f787f42711ef1b74da0d3988057d488b163dd11dbfd174711892e67cc3
c7d1c8487db5109c6793ad452b5a688d6e28e7bfb22f2ca34f1ac04a25c3d03c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbf73f2bd7be70d4b638b386c217063b44bdb7d11e86e5efbea0d7f72dbc5899
cd447c4fd13fcbf4ec8b6b930fa5e25b3c16a1de27419b3edcb3be60688e551e
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3f7d8d4fd0bf029bf0de9178ba58199fc01c3c43bc92716630a9ee02f556874
d4f7f76801ab84eece7208ffd8ef1693f886d7bcfe4326fd873f783228de64ff
d97c5803cdcbb5d2e9f441754f4f29aea6be4106090d816ef7705f8128ac0740
dd24633484c99d990cc787393a0ddc7bcb15530217830a8ef083b6bfc31c61e1
de471845407a4527ca5c4af420bd2396fb4b00e6e984cabf5c5e3bf9958fe4c5
dfd56cf5d5032bbbcb37ec12983f804f8692a97d5846c76c8cfbd208d7e734c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77b0f154ac2aff8d44ea6201fc78e6b71d565ca7a61f9335f289fbe4690d294
ea1cc6d89101aa8c9012963fc32058968e384a6904cb82415a2205f8aa4fdb11
eb3bf9c8f018a4ad38ab1b15de683e575128531c58281c9a5efeb814603f7ba3
ecf3a73e27f1e72ac07ff061a83061c3ba5c91d71054e414482fda075a29f787
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eedef3371ed50b028179948b1be42fcaa878fe51f67c3e18be4049511302c7d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8e9f399b2c1b5456df765cce9f3d09e4064cb31b75a659d964f29a9cee3dc0
f1024373bd1af9cb87e2aaeb8187040944ce8dcaf810ece4acc70f3ff60c594e
f46157d0db4b6648bd1dbb75c424f7f9cb407788f6d2ada85762ca42b901380b

www.cheapoair.com Open in urlscan Pro 23.48.224.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

79 %HTTPS

0 %IPv6

56 Domains

75 Subdomains

63 IPs

3 Countries

2005 kBTransfer

6650 kBSize

119 Cookies

9 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cheapoair.com Open in urlscan Pro
23.48.224.109 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

79 %
HTTPS

0 %
IPv6

56
Domains

75
Subdomains

63
IPs

3
Countries

2005 kB
Transfer

6650 kB
Size

119
Cookies

195 HTTP transactions
5 data transactions