www.lowfares.com Open in urlscan Pro
34.237.62.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fareupdate.com/
Effective URL:
https://www.lowfares.com/
Submission: On October 09 via automatic, source certstream-suspicious (October 9th 2023, 8:47:53 pm UTC) — Scanned from DE

Summary HTTP 28 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 34.237.62.229, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.lowfares.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 23rd 2023. Valid for: a year.

This is the only time www.lowfares.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.0.223.63 52.0.223.63	14618 (AMAZON-AES) (AMAZON-AES)
3	34.237.62.229 34.237.62.229	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	18.66.122.22 18.66.122.22	16509 (AMAZON-02) (AMAZON-02)
3	18.184.172.55 18.184.172.55	16509 (AMAZON-02) (AMAZON-02)
2	18.244.140.116 18.244.140.116	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	34.193.178.107 34.193.178.107	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:244... 2600:9000:2447:5000:f:7ab9:d180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.83.136.119 54.83.136.119	14618 (AMAZON-AES) (AMAZON-AES)
28	10

1 52.0.223.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-223-63.compute-1.amazonaws.com

fareupdate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.237.62.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-62-229.compute-1.amazonaws.com

www.lowfares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.122.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-22.fra60.r.cloudfront.net

cdn.lowfares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.172.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-172-55.eu-central-1.compute.amazonaws.com

dwncpv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.140.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-116.lhr50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.178.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-178-107.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2447:5000:f:7ab9:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)

d29u10q7qlh006.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.136.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-136-119.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lowfares.com www.lowfares.com cdn.lowfares.com	294 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 5664 trc.pushnami.com — Cisco Umbrella Rank: 5804 psp.pushnami.com — Cisco Umbrella Rank: 23777	20 KB
3	cloudfront.net d29u10q7qlh006.cloudfront.net	116 KB
3	dwncpv.com dwncpv.com	13 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	90 KB
2	gstatic.com fonts.gstatic.com	95 KB
1	fareupdate.com 1 redirects fareupdate.com	134 B
28	8

	Domain	Requested by
5	cdn.lowfares.com	www.lowfares.com cdn.lowfares.com
3	d29u10q7qlh006.cloudfront.net	www.lowfares.com
3	dwncpv.com	www.lowfares.com dwncpv.com
3	fonts.googleapis.com	www.lowfares.com client
3	use.fontawesome.com	www.lowfares.com use.fontawesome.com
3	www.lowfares.com	cdn.lowfares.com
2	psp.pushnami.com	api.pushnami.com
2	trc.pushnami.com	api.pushnami.com
2	fonts.gstatic.com	fonts.googleapis.com
2	api.pushnami.com	www.lowfares.com api.pushnami.com
1	fareupdate.com	1 redirects
28	11

This site contains links to these domains. Also see Links.

Domain
book.lowfares.com
travel.mediaalpha.com

Subject Issuer	Validity	Valid
lowfares.com Amazon RSA 2048 M01	`2023-06-23` - `2024-07-21`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
dwncpv.com Amazon RSA 2048 M01	`2023-05-23` - `2024-06-20`	a year	crt.sh
*.pushnami.com Amazon RSA 2048 M01	`2023-03-04` - `2024-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.lowfares.com/
Frame ID: A79CF9557B64A1B05A9B59695EC65B39
Requests: 16 HTTP requests in this frame

Frame: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as
Frame ID: C8DA757B5A7D22274030EECF221BCD6B
Requests: 9 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0ADA5A1A60316C7677CDDA8E8BDDD517
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flight Deals on Airline Tickets - Compare Prices from Top Travel Sites | LowFares.com

Page URL History Show full URLs

https://fareupdate.com/ HTTP 302
https://www.lowfares.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

632 kB
Transfer

1120 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://book.lowfares.com/hotels/help/review/?refid=8870
Title: My Reservations

Search URL Search Domain Scan URL

URL: https://book.lowfares.com/?refid=8870&refclickid=sitebutton
Title: Book Now!

Search URL Search Domain Scan URL

URL: https://travel.mediaalpha.com/content/privacy-policy.html?;I3dcmZDihbHjzFJHOQjPUk9kL5fCQM1sVE2CSLf7pLwMFEwhCOBxNyeaU3q5NGbVuSO0vgSN?;bQTiFMxZqR3ccOhaCHsmby4uWjluo5uDOCiAUCiqV_54Any3r0PEvzfQsg6FAie5GqYbLqvWBXXyc3PFhWyUfSqYGBkk_CcQzC04L2Gf61iM_OVrLmlATIzujSFgYKuJxSc4m7j3drrerMzI0tTMBCfKkvGMU9vQQ5OmSVIlRQKY5nIqbKLazqSvntflbzOgFCWI5yel
Title: Updated Privacy Policy

Search URL Search Domain Scan URL

URL: https://travel.mediaalpha.com/content/privacy-center.html?;I3dcmZDihbHjzFJHOQjPUk9kL5fCQM1sVE2CSLf7pLwMFEwhCOBxNyeaU3q5NGbVuSO0vgSN?;bQTiFMxZqR3ccOhaCHsmby4uWjluo5uDOCiAUCiqV_54Any3r0PEvzfQsg6FAie5GqYbLqvWBXXyc3PFhWyUfSqYGBkk_CcQzC04L2Gf61iM_OVrLmlATIzujSFgYKuJxSc4m7j3drrerMzI0tTMBCfKkvGMU9vQQ5OmSVIlRQKY5nIqbKLazqSvntflbzOgFCWI5yel
Title: Privacy Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fareupdate.com/ HTTP 302
https://www.lowfares.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.lowfares.com/
Redirect Chain

https://fareupdate.com/
https://www.lowfares.com/

33 KB
6 KB

436ms
160ms

Document
text/html

34.237.62.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.62.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-62-229.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ba15a9889cffd7aa931d4388b9789de808e5b22a4d85aaadd37b463dacf49e4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 6045
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 20:47:46 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 20:47:46 GMT
location: //www.lowfares.com
server: Apache
vary: Accept-Encoding

GET
H2 200 solid.css
use.fontawesome.com/releases/v5.6.1/css/ 649 B
1005 B 314ms
250ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/solid.css
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27670b44c6db5af9a5ede5471ea888ba208b2824941534020ea8ecf964b747f3

Request headers

Referer: https://www.lowfares.com/
Origin: https://www.lowfares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 079BE3ZK4AW8A96C
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +mudRkCDRC+ZJ5jo2PDaCI5mbDsTbHO1C1OInFdUYyPVmJvW7jc5bRsC8KMDWOkPKtVLnROaLfk=
last-modified: Wed, 30 Jun 2021 15:44:12 GMT
server: cloudflare
etag: W/"31288642182e598828999e84823b3f56"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4Vgt088BhAchZz8H5bFy7Vg6mxZqlCbE%2B%2BGg7FQirRlDpdca3yZ2b0MrcxcyAQ6iYneKvKSjtlw%2B6go%2BywOZWluNTffl23ay0qcukazaN%2Fs57i%2BO9shCEpHT1mNr2M2baA6WDZqB%2F1Fngl4y4mYOn0k"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81397b0cce2391de-FRA

GET
H2 200 fontawesome.css
use.fontawesome.com/releases/v5.6.1/css/ 51 KB
12 KB 501ms
437ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/fontawesome.css
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9f906119dd457bc74c2ed0879785190fa9d42192405039544a4d47a31aef1f

Request headers

Referer: https://www.lowfares.com/
Origin: https://www.lowfares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0793GCZC69MVP8RW
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EhiicDp0kg1ySZ9cfMYUUxnsKP4aw9qojF1/lYYNFopyXxMKOirdo1GqWWK87U32zqUlYEOOjz4=
last-modified: Wed, 30 Jun 2021 15:44:12 GMT
server: cloudflare
etag: W/"61923ff4f5011c594268ce668c200230"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkkw%2BYO8FZ8b7CpjwA0jMIql3dJWqx7%2BslN0Nv0rDmoIErsDH2tk7efFR3zXbHGKvc3TR4E61FX3rWH9zmYP3n1PKhs5wY88Esji4zP4by1nEgvEDmqEuCL4I7yXhP1%2BeSKw%2FOq%2BEwRluJZXWuiea6E4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81397b0cce2491de-FRA

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 120ms
54ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: www.lowfares.com
URL: https://www.lowfares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 20:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 19:36:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 20:47:46 GMT

GET
H2 200 ihavecookies,main
cdn.lowfares.com/css/08a-QSQ/ 21 KB
5 KB 160ms
45ms Stylesheet
text/css 18.66.122.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lowfares.com/css/08a-QSQ/ihavecookies,main
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-22.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 7dbd8e4a22df4af939c5aa5fdfca817552f79c2622f15ad7d9bb90f107b20ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 17:47:48 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA60-P2
age: 10798
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
content-length: 4692
x-amz-cf-id: N1kNi_-WLA9Js12YYTEoVlangh8wHaDc6qo25DbqfV8m3PXJ5wh6Dg==

GET
H2 200 form-base-mixin,autocomplete-mixin,deals-mixin,gdpr-mixin,vue,vue-autosuggest,v-calendar,axios,jquery,dayjs,oo-utils,pixels,ihavecookies,flight Show response
cdn.lowfares.com/js/08a-QSQ/ 435 KB
141 KB 445ms
445ms Script
application/javascript 18.66.122.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lowfares.com/js/08a-QSQ/form-base-mixin,autocomplete-mixin,deals-mixin,gdpr-mixin,vue,vue-autosuggest,v-calendar,axios,jquery,dayjs,oo-utils,pixels,ihavecookies,flight
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-22.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 2bd935dd7d6e5f2f3250c65cbf57ded0dfc976b95fd429ba31eb7fe29e455df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:47 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: W2ht9327hVqXjOziuYK51pSlARK7YPxkNzJz7IAjhzwjymvvln8ytQ==

GET
H2 200 serve.js Show response
dwncpv.com/js/ 14 KB
5 KB 160ms
47ms Script
application/javascript 18.184.172.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dwncpv.com/js/serve.js
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.172.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-172-55.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 499b3afe636ddb37aaa135596a6bac8847c47058f42e88f374ebc97d6e2b1796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:46 GMT
content-encoding: gzip
server: Apache
content-length: 4765
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 lowfares.svg
cdn.lowfares.com/img/ 6 KB
3 KB 37ms
37ms Image
image/svg+xml 18.66.122.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lowfares.com/img/lowfares.svg
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-22.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 9fe7b27922e627df7a3fbec7282e3f9f9ce2c9a42c1f0ce8467eb70f8b966333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:57:04 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 17:10:50 GMT
server: Apache
x-amz-cf-pop: FRA60-P2
age: 60643
etag: "6478d-18b7-5c79122b59282"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2650
x-amz-cf-id: ESWKxJPyRvcN4oR4UEnjr0AT7YI55TU-ZTsXvBj2oaXXH806IlhwIA==

GET
H2 200 placeholder.png
cdn.lowfares.com/img/ 30 KB
30 KB 42ms
42ms Image
image/png 18.66.122.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lowfares.com/img/placeholder.png
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-22.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 76020a5ad6e6b3ce9f4fc55c3907f5e62a0d14deca66dab13bb603b6de102540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:22:41 GMT
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified: Thu, 12 Aug 2021 20:32:14 GMT
server: Apache
x-amz-cf-pop: FRA60-P2
age: 51906
etag: "6475f-779f-5c962a152f0c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 30623
x-amz-cf-id: Mm_aw6xJZPeEgTMcSXnyhv-zq9roTwpa9wY2eoiQD9Wu1xPWVBdDDw==

GET
H2 200 63e2c111aa4802001379557b Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 88 KB
18 KB 450ms
334ms Script
application/javascript 18.244.140.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63e2c111aa4802001379557b
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.140.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-140-116.lhr50.r.cloudfront.net
Software: /
Resource Hash: 03411ac92e3548e79f5c67d01dde40bb13b2c1cf62a7dd3d9b6054c3b230035e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:47 GMT
content-encoding: gzip
via: 1.1 c2db74fdac7456292f16507d44d2b538.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: BAYoxdd2jUAO5Oe7xr0mQzvM5QN2mNngh-EJ2_aR-e83EdX2R-3J5Q==

GET
H2 200 hero-flight.jpg
cdn.lowfares.com/img/ 108 KB
108 KB 332ms
332ms Image
image/jpeg 18.66.122.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lowfares.com/img/hero-flight.jpg
Requested by: Host: cdn.lowfares.com
URL: https://cdn.lowfares.com/css/08a-QSQ/ihavecookies,main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-22.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 5530d13f8fc7cc05cb2cbfeb5d9aa2a2c1fd094fc3e10e801567134b1e4da5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lowfares.com/css/08a-QSQ/ihavecookies,main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:48 GMT
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 17:10:50 GMT
server: Apache
x-amz-cf-pop: FRA60-P2
etag: "64784-1aeb3-5c79122b582e2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 110259
x-amz-cf-id: q2i43Sh3ZJDKKA6aSTPgxq83i2B9Z1bttlnlEy3OSttnkxVASjcN9w==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 91ms
27ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lowfares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 354594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:17:53 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 77 KB
78 KB 397ms
396ms Font
font/woff2 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/solid.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.1/css/solid.css
Origin: https://www.lowfares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SRYVFC92EENDZKW4
alt-svc: h3=":443"; ma=86400
content-length: 79072
x-amz-id-2: rGWyclpzLYe6OMPHfGAnjkGvWINRr2/xMK4PCZDe3pCSfTJLAQjnmkfchO3hZyRw0q2TsQsAx7I=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: "59ea9019c9b9bc4d83ab9783e830735c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzjnvCSV0GT%2BAljM2f8RC6zc2Ab7HWUx4l23rjlXtWgMT75QimsNg2bNH5O9redJZ5%2BbJd4iRR8cOKwDa4khzS0ZHOu%2F9nY06lkpDMOAHbe3ucFw%2BoBNLtjeG1Q3nzVTfe%2BNowtzL1yAwQrV%2FAOOS60K"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 81397b139ccb91de-FRA

GET
H2 200 deals.html Show response
www.lowfares.com/ Frame C8DA 2 KB
863 B 144ms
144ms Document
text/html 34.237.62.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as
Requested by: Host: cdn.lowfares.com
URL: https://cdn.lowfares.com/js/08a-QSQ/form-base-mixin,autocomplete-mixin,deals-mixin,gdpr-mixin,vue,vue-autosuggest,v-calendar,axios,jquery,dayjs,oo-utils,pixels,ihavecookies,flight
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.62.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-62-229.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7fb5f71b7f7d09389435c1f958a91ede5d880bbb85b46bf242f0d33bdc0f440f

Request headers

Referer: https://www.lowfares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 738
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 20:47:47 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 cookie-consent.json Show response
www.lowfares.com/js/event/ 3 B
89 B 137ms
137ms XHR
text/plain 34.237.62.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lowfares.com/js/event/cookie-consent.json?path=display;bQTiFMxZqR3ccOhaCHsmby4uWjluo5uDOCiAUCiqV_54Any3r0PEvzfQsg6FAie5GqYbLqvWBXXyc3PFhWyUfSqYGBkk_CcQzC04L2Gf61iM_OVrLmlATIzujSFgYKuJxSc4m7j3drrerMzI0tTMBCfKkvGMU9vQQ5OmSVIlRQKY5nIqbKLazqSvntflbzOgFCWI5yel
Requested by: Host: cdn.lowfares.com
URL: https://cdn.lowfares.com/js/08a-QSQ/form-base-mixin,autocomplete-mixin,deals-mixin,gdpr-mixin,vue,vue-autosuggest,v-calendar,axios,jquery,dayjs,oo-utils,pixels,ihavecookies,flight
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.62.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-62-229.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept: */*
Referer: https://www.lowfares.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/plain; charset=UTF-8
date: Mon, 09 Oct 2023 20:47:47 GMT
server: Apache

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 410ms
131ms Preflight 34.193.178.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.178.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-178-107.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.lowfares.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 09 Oct 2023 20:47:48 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 186ms
186ms Fetch
text/html 34.193.178.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63e2c111aa4802001379557b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.178.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-178-107.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.lowfares.com/
accept-language: de-DE,de;q=0.9
key: 63e2c111aa4802001379557b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 20:47:48 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame C8DA 717 B
466 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: www.lowfares.com
URL: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 20:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 19:54:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 20:47:47 GMT

GET
H2 200 serve.js Show response
dwncpv.com/js/ Frame C8DA 14 KB
5 KB 39ms
39ms Script
application/javascript 18.184.172.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dwncpv.com/js/serve.js
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.172.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-172-55.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 499b3afe636ddb37aaa135596a6bac8847c47058f42e88f374ebc97d6e2b1796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:47 GMT
content-encoding: gzip
server: Apache
content-length: 4765
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 serve_.js Show response
dwncpv.com/js/ Frame C8DA 9 KB
4 KB 125ms
125ms Script
text/javascript 18.184.172.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dwncpv.com/js/serve_.js?z=~version~17~placement_id~[~KhlUq1bZSp1Sz65v3KkL2eYHH7uMGw~]~data~{~num_adults~1~max_stops~0~flights~[{~date~~2023-10-10~~destination~A~origin~~PAD~}{~date~~2023-10-17~~destination~~PAD~~origin~A}]}~type~~deal_unit~~local_hour~22&d=__max__755851631&_=609478427
Requested by: Host: dwncpv.com
URL: https://dwncpv.com/js/serve.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.172.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-172-55.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ce1a970c99b7ac0d83c787dfe38478e9ae065f14549712df95502cea04530f94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:47:48 GMT
content-encoding: gzip
server: Apache
content-length: 3885
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ Frame C8DA 11 KB
807 B 39ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a14d71c9fa9719eae556f9589eaa64b6e9e2b9c89a7f0784f1c9f06ff4fbf2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 20:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 20:40:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 20:47:48 GMT

GET
H2 200 RTnAE6SqykVCMrlKAhmGNISH_Co.jpg
d29u10q7qlh006.cloudfront.net/t/deal/image/i/ Frame C8DA 62 KB
62 KB 166ms
66ms Image
image/jpeg 2600:9000:2447:5000:f:7ab9:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29u10q7qlh006.cloudfront.net/t/deal/image/i/RTnAE6SqykVCMrlKAhmGNISH_Co.jpg
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:5000:f:7ab9:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8c307f37a7c22e5b0467371fd050c40b406adfbc889bbdfaa1243fc4ba6fdef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 09 Oct 2023 20:47:48 GMT
via: 1.1 134cb849e01fafad6f264ff9633b073e.cloudfront.net (CloudFront)
last-modified: Sat, 23 Nov 2019 00:00:09 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 66004
etag: "eedcccc39c01fc457e3e3c7cd2ddebb0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 63021
x-amz-cf-id: piAVpXNuLBQnjxku7FjzIFhJf-IPKhn0peL3zNnZeTehBkq8AjcU5A==

GET
H2 200 g7i4fZDyaUdCsAOk6BWmg9rSl3c.jpg
d29u10q7qlh006.cloudfront.net/t/deal/image/i/ Frame C8DA 33 KB
34 KB 135ms
36ms Image
image/jpeg 2600:9000:2447:5000:f:7ab9:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29u10q7qlh006.cloudfront.net/t/deal/image/i/g7i4fZDyaUdCsAOk6BWmg9rSl3c.jpg
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:5000:f:7ab9:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a98f9f3a1da68d6ed354e534456843cfb7b0134af49e423da671b72c924b8a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: BeFvLpCLKWrVb7gMKYE6aNpKOFYnHR_M
date: Mon, 09 Oct 2023 06:52:04 GMT
via: 1.1 134cb849e01fafad6f264ff9633b073e.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2023 07:00:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 50145
x-amz-server-side-encryption: AES256
etag: "7198c34d2edb69f52913d5aa56233509"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 34058
x-amz-cf-id: 09rzAVmEblGMawuH84u9dRRJwyFBWQjQHLfVaVW2u4CSwPAposg3sQ==

GET
H2 200 0lO-Mh8vt_n66MIl3qy3WKY5wBA.jpg
d29u10q7qlh006.cloudfront.net/t/deal/image/i/ Frame C8DA 20 KB
21 KB 192ms
93ms Image
image/jpeg 2600:9000:2447:5000:f:7ab9:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29u10q7qlh006.cloudfront.net/t/deal/image/i/0lO-Mh8vt_n66MIl3qy3WKY5wBA.jpg
Requested by: Host: www.lowfares.com
URL: https://www.lowfares.com/deals.html?lead=%7B%22flights%22%3A%5B%7B%22origin%22%3A%22PAD%22%2C%22destination%22%3A%22%22%2C%22date%22%3A%222023-10-10%22%7D%2C%7B%22origin%22%3A%22%22%2C%22destination%22%3A%22PAD%22%2C%22date%22%3A%222023-10-17%22%7D%5D%2C%22max_stops%22%3A%220%22%2C%22num_adults%22%3A%221%22%7D;LbO2tGwivpAhcPmKewSKLGLCWL9s7BviHAN9qpZuiS4dPIN7LhTJIXq2AXaJvkmTwr2is_as
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:5000:f:7ab9:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3dfb99204b4f2b4fab34490d8d4941e8ebbc85ccc81a35f8e88589ad457f9d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lowfares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 10:45:12 GMT
x-amz-version-id: 2lSr58nGHoCV5ICh3ymNxtVns1XKqxT7
via: 1.1 134cb849e01fafad6f264ff9633b073e.cloudfront.net (CloudFront)
last-modified: Sat, 07 Oct 2023 07:00:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 36157
etag: "917369a351d46d01b67a68f4d0ed79f6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 20757
x-amz-cf-id: f7QA87Vzz0uE8O7MwIvCRFbKxD1paBeUNW7xAeoH8JGTAAZo4pxjdg==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame C8DA 47 KB
47 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lowfares.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 354595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:17:53 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 0ADA 2 KB
1 KB 45ms
44ms Document
text/html 18.244.140.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63e2c111aa4802001379557b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.140.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-140-116.lhr50.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://www.lowfares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 3030
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 19:57:18 GMT
vary: accept-encoding
via: 1.1 c2db74fdac7456292f16507d44d2b538.cloudfront.net (CloudFront)
x-amz-cf-id: bCmJPQesQjCkZVRFh02nEfDyWztvAooIP-b3t1T8JS53lVb0KCPdgQ==
x-amz-cf-pop: LHR50-P7
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 121ms
120ms Fetch
text/html 54.83.136.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63e2c111aa4802001379557b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.83.136.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-136-119.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.lowfares.com/
accept-language: de-DE,de;q=0.9
key: 63e2c111aa4802001379557b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 20:47:48 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 435ms
148ms Preflight 54.83.136.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.83.136.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-136-119.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.lowfares.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 09 Oct 2023 20:47:48 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.lowfares.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushnami.com
cdn.lowfares.com
d29u10q7qlh006.cloudfront.net
dwncpv.com
fareupdate.com
fonts.googleapis.com
fonts.gstatic.com
psp.pushnami.com
trc.pushnami.com
use.fontawesome.com
www.lowfares.com
18.184.172.55
18.244.140.116
18.66.122.22
2600:9000:2447:5000:f:7ab9:d180:93a1
2606:4700:e0::ac40:660b
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2003
34.193.178.107
34.237.62.229
52.0.223.63
54.83.136.119
03411ac92e3548e79f5c67d01dde40bb13b2c1cf62a7dd3d9b6054c3b230035e
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
27670b44c6db5af9a5ede5471ea888ba208b2824941534020ea8ecf964b747f3
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2bd935dd7d6e5f2f3250c65cbf57ded0dfc976b95fd429ba31eb7fe29e455df2
3dfb99204b4f2b4fab34490d8d4941e8ebbc85ccc81a35f8e88589ad457f9d80
499b3afe636ddb37aaa135596a6bac8847c47058f42e88f374ebc97d6e2b1796
5530d13f8fc7cc05cb2cbfeb5d9aa2a2c1fd094fc3e10e801567134b1e4da5e5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a98f9f3a1da68d6ed354e534456843cfb7b0134af49e423da671b72c924b8a5
6e9f906119dd457bc74c2ed0879785190fa9d42192405039544a4d47a31aef1f
76020a5ad6e6b3ce9f4fc55c3907f5e62a0d14deca66dab13bb603b6de102540
7dbd8e4a22df4af939c5aa5fdfca817552f79c2622f15ad7d9bb90f107b20ba5
7fb5f71b7f7d09389435c1f958a91ede5d880bbb85b46bf242f0d33bdc0f440f
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9fe7b27922e627df7a3fbec7282e3f9f9ce2c9a42c1f0ce8467eb70f8b966333
a14d71c9fa9719eae556f9589eaa64b6e9e2b9c89a7f0784f1c9f06ff4fbf2d5
ba15a9889cffd7aa931d4388b9789de808e5b22a4d85aaadd37b463dacf49e4f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce1a970c99b7ac0d83c787dfe38478e9ae065f14549712df95502cea04530f94
e8c307f37a7c22e5b0467371fd050c40b406adfbc889bbdfaa1243fc4ba6fdef
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

www.lowfares.com Open in urlscan Pro 34.237.62.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

36 %IPv6

8 Domains

11 Subdomains

10 IPs

2 Countries

632 kBTransfer

1120 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.lowfares.com Open in urlscan Pro
34.237.62.229 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

632 kB
Transfer

1120 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions