urlscan.io logo urlscan.io
SecurityTrails logo

www.cheapoair.com Open in urlscan Pro
23.45.99.236  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=45793386&lguid=4913760a243a4d54924d7135990cd216&cmpid=863298&c=7&pcg=Li...
Effective URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxs...
Submission: On March 13 via manual from EG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 23.45.99.236, located in Amsterdam, Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.cheapoair.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 4th 2018. Valid for: a year.
This is the only time www.cheapoair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.61.14.236 14989 (BROADVIEWNET)
1 5 23.45.99.236 20940 (AKAMAI-ASN1)
15 23.45.106.221 20940 (AKAMAI-ASN1)
2 205.185.208.52 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.15 20446 (HIGHWINDS3)
1 152.199.19.160 15133 (EDGECAST)
1 2 2a03:2880:f10... 32934 (FACEBOOK)
4 2a03:2880:f00... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 40.114.241.141 8075 (MICROSOFT...)
35 11
1    64.61.14.236 (Ossining, United States)

ASN14989 (BROADVIEWNET - Broadview Networks, Inc., US)
PTR: static-64-61-14-236.isp.broadviewnet.net
www.travelweeklyupdate.com
5    23.45.99.236 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-236.deploy.static.akamaitechnologies.com
www.cheapoair.com
15    23.45.106.221 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-106-221.deploy.static.akamaitechnologies.com
c.fareportal.com
2    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
3    2a00:1450:4001:806::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com
1    152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
2    2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
4    2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    2a00:1450:4001:824::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
2    40.114.241.141 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
dc.services.visualstudio.com
Domain Requested by
15 c.fareportal.com www.cheapoair.com
apis.google.com
5 www.cheapoair.com 1 redirects www.cheapoair.com
3 apis.google.com www.cheapoair.com
c.fareportal.com
apis.google.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 staticxx.facebook.com connect.facebook.net
2 connect.facebook.net c.fareportal.com
connect.facebook.net
2 www.facebook.com 1 redirects www.cheapoair.com
2 code.jquery.com www.cheapoair.com
1 www.gstatic.com www.google.com
1 www.google.com c.fareportal.com
1 az416426.vo.msecnd.net www.cheapoair.com
1 maxcdn.bootstrapcdn.com www.cheapoair.com
1 www.travelweeklyupdate.com 1 redirects
35 13
Subject Issuer Validity Valid
www.cheapoair.com
DigiCert SHA2 Extended Validation Server CA		 2018-05-04 -
2019-05-18		 a year crt.sh
www.fareportal.com
GeoTrust RSA CA 2018		 2018-06-26 -
2019-09-25		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-03 -
2019-10-12		 a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-01-21 -
2019-04-21		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 2		 2018-12-03 -
2020-12-03		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Frame ID: 7E5B9441E56D64821526D78EA8186435
Requests: 32 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/cheapoair/&send=false&layout=button_count&width=110&show_faces=false&action=like&colorscheme=light&height=21
Frame ID: 7EE5BC7B7044F617D43B2DBD84466031
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
Frame ID: 645AC13F96AFE249616CE85DDCDE3D28
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
Frame ID: ADB9ED260CD663F4C13C4C9F93DA0B5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=45793386&lguid=4913760a243a4d54924d7135990cd216&cmp... HTTP 302
    http://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6... HTTP 301
    https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Ember$/i
Overall confidence: 100%
Detected patterns
  • env /^Ember$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

35
Requests

100 %
HTTPS

42 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

910 kB
Transfer

2887 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=45793386&lguid=4913760a243a4d54924d7135990cd216&cmpid=863298&c=7&pcg=Listing&pct=SliderBoxSignUpSem&uname=&imap=False&ipha= HTTP 302
    http://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386 HTTP 301
    https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.facebook.com/connect/ping?client_id=254155001398899&domain=www.cheapoair.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fvy-MhgbfL4v.js%3Fversion%3D44%23cb%3Df271729b4e61d74%26domain%3Dwww.cheapoair.com%26origin%3Dhttps%253A%252F%252Fwww.cheapoair.com%252Ffd5b2a28ca0978%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request clicktocall
www.cheapoair.com/flights/booknow/
Redirect Chain
  • http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=45793386&lguid=4913760a243a4d54924d7135990cd216&cmpid=863298&c=7&pcg=Listing&pct=SliderBoxSignUpSem&uname=&imap=False&ipha=
  • http://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_med...
  • https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_me...
65 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.236 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-99-236.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / ASP.NET
Resource Hash
9232e0bf2dadbea97193ecb312ce895722d31505d198e993add55192809e7359

Request headers

:method
GET
:authority
www.cheapoair.com
:scheme
https
:path
/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
uid=OWYzODA2OTNjYmIzMWE0Yw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx/1.11.5
content-type
text/html; charset=utf-8
ntcoent-length
66790
expires
Thu, 14 Mar 2019 08:15:08 GMT
vary
User-Agent Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cache-control
max-age=86400 private
x-geoipcountrycode3
DE
x-geoiplatitude1
50.11530
x-geoiplongitude1
8.68230
x-ipadress
184.28.17.21
x-realipaddress
185.158.119.235
x-forwarded-for
185.158.119.235, 23.14.94.192
x-proxy-cache
HIT
x-proxy-server
lpnginx63
x-misc
0
x-geocontinentcode
EU
x-geocontinentname
Europe
content-encoding
gzip
content-length
17636
date
Wed, 13 Mar 2019 08:15:08 GMT
set-cookie
fplocation=regioncode=EU;Path=/;Max-Age=2592000 NSC_hdnt-nfndbdif.db.dpn-41-301=14b5a3d9dfca72261fd61070d085f07dcf743d2b101c7a404d45c791d8f528319b25fc53;path=/;secure;httponly ak_bmsc=4F2B3B1298B6DE8D3A883EACF17CDCB4170E5EC0D54400000CBC885CC8554413~pl2v0cWNCk5jNUN0Kji50ZaWxyVFeE7i+yYI+nUOVt+B0Q2wkFKZ7Q1ciP1ipPJgZ+FMjfQeBDsSFwWJ3GWU/2oL1RbCrAImEjBrq3hAP+sHy3zx84LK/yNS9NlaFT55fS5J/cpBRpjWPnBogyAaJTHA3PL4AM2z1mRf4NNUmjIJN3s4wk+/N34D1IghPLTLcyIP/8x7EXXsE4XRX9cOA5qhGFgSt9iEDB74FaPrUy4TM=; expires=Wed, 13 Mar 2019 10:15:08 GMT; max-age=7200; path=/; domain=.cheapoair.com; HttpOnly

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Date
Wed, 13 Mar 2019 08:15:08 GMT
Connection
keep-alive
Set-Cookie
uid=OWYzODA2OTNjYmIzMWE0Yw==; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.cheapoair.com
cmsresourcecombiner.ashx
www.cheapoair.com/cmshandlers/ 		287 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalCSSFileSEM_css&gcms-srv
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.236 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-99-236.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / ASP.NET GlobalCMS
Resource Hash
d3bfe50441e28b9fba74d126d45cef7984e00de6d790b53a56e8f4b8b02e72a8

Request headers

:path
/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalCSSFileSEM_css&gcms-srv
pragma
no-cache
cookie
uid=OWYzODA2OTNjYmIzMWE0Yw==; fplocation=regioncode=EU; NSC_hdnt-nfndbdif.db.dpn-41-301=14b5a3d9dfca72261fd61070d085f07dcf743d2b101c7a404d45c791d8f528319b25fc53; ak_bmsc=4F2B3B1298B6DE8D3A883EACF17CDCB4170E5EC0D54400000CBC885CC8554413~pl2v0cWNCk5jNUN0Kji50ZaWxyVFeE7i+yYI+nUOVt+B0Q2wkFKZ7Q1ciP1ipPJgZ+FMjfQeBDsSFwWJ3GWU/2oL1RbCrAImEjBrq3hAP+sHy3zx84LK/yNS9NlaFT55fS5J/cpBRpjWPnBogyAaJTHA3PL4AM2z1mRf4NNUmjIJN3s4wk+/N34D1IghPLTLcyIP/8x7EXXsE4XRX9cOA5qhGFgSt9iEDB74FaPrUy4TM=
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.cheapoair.com
referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
:scheme
https
:method
GET
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cteonnt-length
293632
date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
server
nginx/1.11.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET GlobalCMS
vary
User-Agent Accept-Encoding
content-type
text/css; charset=utf-8
status
200
expires
Fri, 12 Apr 2019 08:15:08 GMT
cache-control
max-age=2592000 private
x-proxy-server
lpnginxlive65
set-cookie
NSC_hdnt-nfndbdif.db.dpn-41=5ccba3d8b21bb15da89a389b29a875fce4cb103862fb895fd6324da706422bb28f345059;path=/;secure;httponly
x-proxy-cache
HIT
z_style-font.css
c.fareportal.com/gcms/portals/2/responsive-ember/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/css/z_style-font.css
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e34437888c9cd92fd3a2de03c81a82bf251191dcca69d1f6070b460be31c8784

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Tue, 19 Feb 2019 09:35:52 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"bb3a28cf290b85ebd7576329e69f6f2d:1550568709"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
3384
jquery-1.9.1.min.js
code.jquery.com/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 13 Mar 2019 08:15:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-169d5"
Vary
Accept-Encoding
X-HW
1552464908.dop019.fr8.shc,1552464908.dop019.fr8.t,1552464908.cds018.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32772
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 13 Mar 2019 08:15:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-1c1f"
Vary
Accept-Encoding
X-HW
1552464908.dop023.fr8.shc,1552464908.dop023.fr8.t,1552464908.cds008.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3063
wscript-t.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript-t.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ee53956cedada7a755bd6c6d561d4a3762cef40aef1c8e914edbdf8f38b55eb5

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2019 14:33:43 GMT
server
Apache
access-control-allow-origin
*
etag
"6cad649f18839cc402fd44c4f033afb3:1552055673"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
936
vendors.min.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/production/ 		496 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/production/vendors.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f62757a35e649059e1d4c1bf48ab7d4a67aa73e3917d8433a85e30fbeff95986

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Mon, 15 Oct 2018 01:55:23 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"9e6224a6adb9bfd9682cc9a3e8fb3393:1527233215"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
124586
appall.min.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/production/ 		698 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/production/appall.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
da81730edad03c0d9f57b25e075cdab56ab58978bad3a3d67ef970a2ac202024

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Tue, 19 Feb 2019 09:49:45 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"4df9e2f08341edd46258235e142b9775:1550569586"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
115265
wscript.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
01d0057f892fd93d8789577eb6a9c3c279354abb1308e0c629b8b66656ddd8fd

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Mon, 21 May 2018 12:04:57 GMT
server
Apache
access-control-allow-origin
*
etag
"bdcab12af9a588cff48c99c7617c1389:1526904326"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1204
platform.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
554941f7e940881e386b0838d5a28eac9d5552d5499340dbbfc16e0873c2af7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-yatt6TAVh5MiYug5cSRV8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"b4c94aef28707fe78d5ae73b9b473afe"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 13 Mar 2019 08:15:08 GMT
cc-generic-nowinteract.js
c.fareportal.com/gcms/Portals/2/SEM-Includes/script/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/2/SEM-Includes/script/cc-generic-nowinteract.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7b1778e862527d43e37caff777f1bdb43ae55928b35dfab7c1404c6dec4e4f6

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Tue, 12 Mar 2019 12:18:04 GMT
server
Apache
access-control-allow-origin
*
etag
"2937bfcee753809afb89ca150f1b20b7:1552393122"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
7499
global_signup_component.js
c.fareportal.com/gcms/Portals/2/responsive-b3/script/ 		2 KB
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/2/responsive-b3/script/global_signup_component.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab886e15639aaf4aa29aa96b83d778895fceeed46510c31f5742532b5aafa865

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Tue, 17 Apr 2018 13:08:30 GMT
server
Apache
access-control-allow-origin
*
etag
"cc43c09ea7c9136d6ae06ebce0e3d624:1523974481"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
content-length
482
badge-script-lp.min.js
www.cheapoair.com/profiles/common-scripts/js/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/common-scripts/js/badge-script-lp.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.236 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-99-236.deploy.static.akamaitechnologies.com
Software
nginx / GlobalCMS
Resource Hash
82013da0ba1c5b15a0e8c2471eb417f18df553551bb1abc1f29da5b2401f1ba8

Request headers

:path
/profiles/common-scripts/js/badge-script-lp.min.js
pragma
no-cache
cookie
uid=OWYzODA2OTNjYmIzMWE0Yw==; fplocation=regioncode=EU; NSC_hdnt-nfndbdif.db.dpn-41-301=14b5a3d9dfca72261fd61070d085f07dcf743d2b101c7a404d45c791d8f528319b25fc53; ak_bmsc=4F2B3B1298B6DE8D3A883EACF17CDCB4170E5EC0D54400000CBC885CC8554413~pl2v0cWNCk5jNUN0Kji50ZaWxyVFeE7i+yYI+nUOVt+B0Q2wkFKZ7Q1ciP1ipPJgZ+FMjfQeBDsSFwWJ3GWU/2oL1RbCrAImEjBrq3hAP+sHy3zx84LK/yNS9NlaFT55fS5J/cpBRpjWPnBogyAaJTHA3PL4AM2z1mRf4NNUmjIJN3s4wk+/N34D1IghPLTLcyIP/8x7EXXsE4XRX9cOA5qhGFgSt9iEDB74FaPrUy4TM=; NSC_hdnt-nfndbdif.db.dpn-41=5ccba3d8b21bb15da89a389b29a875fce4cb103862fb895fd6324da706422bb28f345059
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.cheapoair.com
referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
:scheme
https
:method
GET
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:41:02 GMT
server
nginx
x-powered-by
GlobalCMS
etag
W/"5c7e988e-aec8"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache public
x-proxy-server
nginx-7
set-cookie
NSC_Ohjoy-qspgjmf-118-301=5ccba3d8fa63882dbf1c4c8557e3a2c554f72789af856f0a5064e4da33148e80e3229980;path=/;secure;httponly
content-length
11597
expires
Tue, 12 Mar 2019 08:15:08 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:14 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7679
cmsresourcecombiner.ashx
www.cheapoair.com/cmshandlers/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalJsFileSEM_js&gcms-srv
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.236 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-99-236.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / ASP.NET GlobalCMS
Resource Hash
94f10e86cdbe658e81c2f6a4c6e7e6a08d32a8802af43de7e508faa374deb9e0

Request headers

:path
/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalJsFileSEM_js&gcms-srv
pragma
no-cache
cookie
uid=OWYzODA2OTNjYmIzMWE0Yw==; fplocation=regioncode=EU; NSC_hdnt-nfndbdif.db.dpn-41-301=14b5a3d9dfca72261fd61070d085f07dcf743d2b101c7a404d45c791d8f528319b25fc53; ak_bmsc=4F2B3B1298B6DE8D3A883EACF17CDCB4170E5EC0D54400000CBC885CC8554413~pl2v0cWNCk5jNUN0Kji50ZaWxyVFeE7i+yYI+nUOVt+B0Q2wkFKZ7Q1ciP1ipPJgZ+FMjfQeBDsSFwWJ3GWU/2oL1RbCrAImEjBrq3hAP+sHy3zx84LK/yNS9NlaFT55fS5J/cpBRpjWPnBogyAaJTHA3PL4AM2z1mRf4NNUmjIJN3s4wk+/N34D1IghPLTLcyIP/8x7EXXsE4XRX9cOA5qhGFgSt9iEDB74FaPrUy4TM=
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.cheapoair.com
referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
:scheme
https
:method
GET
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
server
nginx/1.11.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET GlobalCMS
ntcoent-length
10595
vary
User-Agent Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
expires
Fri, 12 Apr 2019 08:15:08 GMT
cache-control
max-age=2592000 private
x-proxy-server
lpnginx63
set-cookie
NSC_hdnt-nfndbdif.db.dpn-41=14b5a3d9dfca72261fd61070d085f07dcf743d2b101c7a404d45c791d8f528319b25fc53;path=/;secure;httponly
content-length
3426
x-proxy-cache
HIT
coagdprtracking.js
c.fareportal.com/gcms/portals/2/responsive-ember/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/js/coagdprtracking.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
324931052b6852618ab79be6df3a8bf409fcb8789ac02c2d1df0660ea4a087dc

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Jan 2019 11:34:45 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"19cd0fd0294cc18d677e53ab392b5f52:1547119777"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
3098
AnonymousUserTracking-gcms.min.js
c.fareportal.com/gcms/portals/2/Js/opt-js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/Js/opt-js/AnonymousUserTracking-gcms.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
27b0c98df45f3a0988f55a1168f3912a2a2e881dabd6b4a7ccbf9cf1f6c93e2c

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
last-modified
Tue, 17 Apr 2018 13:08:10 GMT
server
Apache
access-control-allow-origin
*
etag
"0797ddf31702a4d46643fad7a314fd04:1523973684"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
857
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Mar 2019 08:15:08 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Mon, 27 Aug 2018 19:51:06 GMT
server
ECAcc (frc/8FA5)
etag
0x8D60C566D4F1460
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
46ef298b-d01e-009c-7073-d99f59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=600
x-ms-version
2009-09-19
home-sprite-opt.png
c.fareportal.com/gcms/portals/2/responsive-b3/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-b3/images/home-sprite-opt.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20fae6fb3805cad81ebb725d2dd8d43dfdf553b10275bce910804880cce7853e

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalCSSFileSEM_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
last-modified
Tue, 17 Apr 2018 13:08:30 GMT
server
Apache
access-control-allow-origin
*
etag
"d22383b13312314d8320434a9ae80ef9:1523974400"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
30792
calus247n.png
c.fareportal.com/vd/coa/travel/r6/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/calus247n.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalCSSFileSEM_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
access-control-allow-origin
*
etag
"1c999a2b54562ad48382288352aa7c22:1513856370"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
14429
COA-font-icon.woff2
c.fareportal.com/vd/coa/travel/font-icon/coa/fonts/ 		85 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/coa/travel/font-icon/coa/fonts/COA-font-icon.woff2?ann52u
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
438b171de173437f6494fbce6db973b322cc6e6a876454f167b8b10713768dbd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://c.fareportal.com/gcms/portals/2/responsive-ember/css/z_style-font.css
Origin
https://www.cheapoair.com

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
last-modified
Wed, 13 Sep 2017 15:43:35 GMT
server
Apache
access-control-allow-origin
*
etag
"60d2a09a6c39a30f5f8c8dc1c8ed47a8:1505317593"
content-type
font/woff2
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
87076
like.php
www.facebook.com/plugins/ Frame 7EE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/cheapoair/&send=false&layout=button_count&width=110&show_faces=false&action=like&colorscheme=light&height=21
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://www.facebook.com/cheapoair/&send=false&layout=button_count&width=110&show_faces=false&action=like&colorscheme=light&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
V3MSNVPqFCDSQRv3PWIuUlYau94T1XXBAWO0u4OYn5VJmu4A4Nsx9H67MjqowCIxoPS0MzTQragIqJNwNGgIyA==
date
Wed, 13 Mar 2019 08:15:08 GMT
ORM-Banner.jpg
c.fareportal.com/gcms/Portals/2/responsive/images/sem/Generic-banner/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/Portals/2/responsive/images/sem/Generic-banner/ORM-Banner.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4193f3b3238abfe10ddd0efde276b6e1c54086371fc7e6f399b3546198234deb

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
last-modified
Tue, 17 Apr 2018 13:09:23 GMT
server
Apache
access-control-allow-origin
*
etag
"2057664c7c16530ac1f4d721a711717c:1523975896"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
52185
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/2/SEM-Includes/script/cc-generic-nowinteract.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2f671b468b1e104aaf8e4005cacc8fe59ea792a33d86b5da6c6985c939b82da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fVp9aWeovxNC0OVUp5Bd5A==
status
200
date
Wed, 13 Mar 2019 08:15:08 GMT
vary
Accept-Encoding
content-length
1777
x-fb-debug
QfaqhrlkYag7tFKi72tEIM70p2pdsvGu9QraaSg0ruhjew6FA/GD8ESxHCXeX+dM+OmJRzO6fsZHoHgvsDIFOQ==
x-fb-content-md5
97d71b7c0afca5519a2813637910f437
etag
"698df20d3f9beed44a642b2a3c4925c1"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Mar 2019 08:34:34 GMT
coa-credit-card-bg.jpg
c.fareportal.com/vd/coa/travel/r6/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/coa-credit-card-bg.jpg
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3cf2d4d5c22554ce9a4a8894a885edd30440bf02c242ad647b9d0adc76b6f069

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalCSSFileSEM_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
access-control-allow-origin
*
etag
"014ed0a56e9ce71c37041da332c4a460:1513856370"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
11307
coa-credit-card.png
c.fareportal.com/vd/coa/travel/r6/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/coa-credit-card.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.106.221 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-106-221.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf1011888e173f710b4d698b2e57e1c80a9f09bf1da15adc3eee56e2ad6ee9c3

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=GlobalCSSFileSEM_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:08 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
access-control-allow-origin
*
etag
"d5d96662ef3a3f320c9923e12b76449b:1513856371"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
37713
all.js
connect.facebook.net/en_US/ 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=998614ded3dcf3734649ae042e01ad7d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
83fc5ec5403a4037269fe22230f37354e4b32b8736bcf4890f471b98abce4341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Origin
https://www.cheapoair.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
J8E6aDJm0WQRJh9fM4NwgA==
status
200
date
Wed, 13 Mar 2019 08:15:09 GMT
vary
Accept-Encoding
content-length
54901
x-fb-debug
VAxaEqSirtkyvG5VeXFIquLlCx4KKBWT2sQdSEkTu473samWglvsyu4jmXM02Mn6d0UdZO5SHPY2M660nfrjfw==
x-fb-content-md5
0631005ceed02f464376b52090cffe6c
etag
"41c509ce846c91a4e366a35eefd4b8b1"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 12 Mar 2020 06:49:21 GMT
vy-MhgbfL4v.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 645A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=998614ded3dcf3734649ae042e01ad7d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 11 Mar 2020 21:54:27 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
Ty27WVjJBFerIkty1PDVpAHSxrP7gh2dBKe12Q1wxR9LD9L71JOOeG4ihglCwRC7Mv+/Bpomw0z/FJWCBrCLUA==
content-length
11011
date
Wed, 13 Mar 2019 08:15:09 GMT
api.js
www.google.com/recaptcha/ 		762 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
98239ebcc48e7c9dabc57f495946c02b3e3c907d839f6b69971aee32e237ed85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
447
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2019 08:15:14 GMT
client.js
apis.google.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=googleApiLoaded
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3d4664965086e3d8251307bcf061ba69e7db65401a5515fc2156744a46e5c1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 08:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-uqmoqGwRPeNn3RCFx7/+rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"c753c347cbe88eee29b3c0349fc34447"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 13 Mar 2019 08:15:14 GMT
vy-MhgbfL4v.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame ADB9
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=254155001398899&domain=www.cheapoair.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fvy-MhgbfL4v.js%3Fvers...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=998614ded3dcf3734649ae042e01ad7d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 11 Mar 2020 21:54:27 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
Ty27WVjJBFerIkty1PDVpAHSxrP7gh2dBKe12Q1wxR9LD9L71JOOeG4ihglCwRC7Mv+/Bpomw0z/FJWCBrCLUA==
content-length
11011
date
Wed, 13 Mar 2019 08:15:14 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/vy-MhgbfL4v.js?version=44#cb=f271729b4e61d74&domain=www.cheapoair.com&origin=https%3A%2F%2Fwww.cheapoair.com%2Ffd5b2a28ca0978&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
b05+S7v/EN3KLOnwqMtXtAFbrtYKtfp/MCd2rjJjU2zZ5IGBa80OEZHPqsaglakLoii/sHYu2ICc/gkuWJLGKA==
content-length
0
date
Wed, 13 Mar 2019 08:15:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1551681158638/ 		260 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1551681158638/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
224188bb6dab42ea7cdaf59b0476e84c06ba69efbbc8c469c9d1bd5df2d5e730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 22:58:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Mar 2019 20:15:00 GMT
server
sffe
age
379018
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
92290
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 22:58:16 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.OvjlA57AcNg.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOmFbJPNdj7d6y0qyUxACf7qwKkfg/ 		280 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.OvjlA57AcNg.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOmFbJPNdj7d6y0qyUxACf7qwKkfg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=googleApiLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a7e45a46dac84745b88e42c677d1b8dc0e5cb997d2c1b0f55f3089ac17c94b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 18:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2019 20:43:12 GMT
server
sffe
age
48890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
99557
x-xss-protection
1; mode=block
expires
Wed, 11 Mar 2020 18:40:24 GMT
track
dc.services.visualstudio.com/v2/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://www.cheapoair.com
Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,sdk-context

Response headers

Date
Wed, 13 Mar 2019 08:15:14 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
track
dc.services.visualstudio.com/v2/ 		223 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6a1b8b70996f43d323e0666c32f25a3eead420fe376a3ea1da76f018ded77c53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-cart-r2&tfn=1-845-664-6175&fpsub=sliderboxsignupsem_863298_t3_03-12-2019-ctgn-863298-Logo&utm_source=newsletter&utm_medium=email&utm_campaign=ab-cart-email&tag=logo&cmpid=863298&audid=45793386
Origin
https://www.cheapoair.com
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
73B75036-EFA0-44AF-9339-8DB222295F00
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Date
Wed, 13 Mar 2019 08:15:23 GMT
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
223

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| getCookie undefined| script undefined| s boolean| isGDPR function| $ function| jQuery object| appInsights object| compareFaresConfig boolean| isSTAOff string| urlName object| coupons function| SetCookie boolean| disableGeoLocation boolean| hasSearch boolean| loadExtremeSearch boolean| EnableMultiCitySDS number| urlIndex string| emberSignupSource string| CouponCode string| termsConditionsText string| Discount string| DisclaimerUpdate undefined| TextBeforeCoupon string| CouponExpiryDate boolean| isRecentSearchDisabled object| gdprCookieVal string| fpLocation object| googletag function| attachOnLoadEvent function| loadGoogleAds boolean| trackEvent function| showCouponPopup function| hideCouponPopup function| handleCouponCodePopup function| popshowcon function| getParameterByName string| domainIdHeaderWithoutWWW string| OAUTHURL string| VALIDURL string| SCOPE string| CLIENTID string| REDIRECT string| TYPE string| _url boolean| isLive function| btnFacebookLoginClick function| socialSignInServiceCall function| signInSuccess function| btnGoogleLoginClick function| getSetGoogleVars function| getGoogleDetails function| validateToken function| googleSignInServiceCall function| setCookiesContent function| setCookie function| fbAsyncInit object| FP object| gapi object| ___jsl function| __extends object| Microsoft object| AI object| FB object| jQuery191021963528147073852 function| QueryString object| pageConfig undefined| lowestFare function| resize function| showGG function| TaxesFeesInfo function| ServiceFeesInfo function| NLTC function| BaggageFeesInfo function| termsAndCond function| showTerms function| BestPriceInfo function| TaxesFeesVPInfo function| GetCookieVal function| GetCookie function| DeleteCookie function| signOutEvent function| SignOut function| FetchUserName function| UserNameAuthenticate function| UserSignInAuth function| UserSignIn function| signOutClick function| bbb function| windowOpener string| path string| args object| Ember object| Em object| SimpleAuth function| handleUserLoggedInProfiles function| HashTable function| isLocalStorageSupported function| merge function| parseUTCDate function| decodeHashDate function| jsPopunder function| FpNotificationService object| App object| App2 object| App1 object| App3 function| cookie number| secs number| mins number| hours function| dateFormat object| globalMessage object| boundAttributeKeys function| computed function| on object| ENV function| report_error object| signupPopUnder function| googleApiLoaded function| loadScriptAsync string| badgeflowtype string| badgecomponent string| badgecomponentfooter string| popupbadge string| es_culture_resource string| en_culture_resource object| mktUtility object| mktConfigData object| envSetting object| upUtility object| dataLayer object| gaTracking object| signupBadge object| EmailSignupService string| gdprdata string| gdprSignData function| setGDPRCookie function| InvokeGTMContainer function| gdprBtnClick string| GCMStemplateName object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| osapi object| gadgets object| shindig object| pos object| googleapis object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__

1 Cookies

Domain/Path Name / Value
www.cheapoair.com/ Name: ai_session
Value: njJwC|1552464914427.125|1552464914427.125

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
az416426.vo.msecnd.net
c.fareportal.com
code.jquery.com
connect.facebook.net
dc.services.visualstudio.com
maxcdn.bootstrapcdn.com
staticxx.facebook.com
www.cheapoair.com
www.facebook.com
www.google.com
www.gstatic.com
www.travelweeklyupdate.com
152.199.19.160
205.185.208.52
209.197.3.15
23.45.106.221
23.45.99.236
2a00:1450:4001:806::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2004
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
40.114.241.141
64.61.14.236
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
01d0057f892fd93d8789577eb6a9c3c279354abb1308e0c629b8b66656ddd8fd
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
20fae6fb3805cad81ebb725d2dd8d43dfdf553b10275bce910804880cce7853e
224188bb6dab42ea7cdaf59b0476e84c06ba69efbbc8c469c9d1bd5df2d5e730
27b0c98df45f3a0988f55a1168f3912a2a2e881dabd6b4a7ccbf9cf1f6c93e2c
2f671b468b1e104aaf8e4005cacc8fe59ea792a33d86b5da6c6985c939b82da3
324931052b6852618ab79be6df3a8bf409fcb8789ac02c2d1df0660ea4a087dc
3cf2d4d5c22554ce9a4a8894a885edd30440bf02c242ad647b9d0adc76b6f069
3d4664965086e3d8251307bcf061ba69e7db65401a5515fc2156744a46e5c1e4
4193f3b3238abfe10ddd0efde276b6e1c54086371fc7e6f399b3546198234deb
438b171de173437f6494fbce6db973b322cc6e6a876454f167b8b10713768dbd
554941f7e940881e386b0838d5a28eac9d5552d5499340dbbfc16e0873c2af7a
6a1b8b70996f43d323e0666c32f25a3eead420fe376a3ea1da76f018ded77c53
82013da0ba1c5b15a0e8c2471eb417f18df553551bb1abc1f29da5b2401f1ba8
83fc5ec5403a4037269fe22230f37354e4b32b8736bcf4890f471b98abce4341
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
9232e0bf2dadbea97193ecb312ce895722d31505d198e993add55192809e7359
94f10e86cdbe658e81c2f6a4c6e7e6a08d32a8802af43de7e508faa374deb9e0
98239ebcc48e7c9dabc57f495946c02b3e3c907d839f6b69971aee32e237ed85
a7e45a46dac84745b88e42c677d1b8dc0e5cb997d2c1b0f55f3089ac17c94b0e
ab886e15639aaf4aa29aa96b83d778895fceeed46510c31f5742532b5aafa865
bf1011888e173f710b4d698b2e57e1c80a9f09bf1da15adc3eee56e2ad6ee9c3
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d3bfe50441e28b9fba74d126d45cef7984e00de6d790b53a56e8f4b8b02e72a8
da81730edad03c0d9f57b25e075cdab56ab58978bad3a3d67ef970a2ac202024
e34437888c9cd92fd3a2de03c81a82bf251191dcca69d1f6070b460be31c8784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b1778e862527d43e37caff777f1bdb43ae55928b35dfab7c1404c6dec4e4f6
ee53956cedada7a755bd6c6d561d4a3762cef40aef1c8e914edbdf8f38b55eb5
f62757a35e649059e1d4c1bf48ab7d4a67aa73e3917d8433a85e30fbeff95986