flybillet.staging1-hotels.com Open in urlscan Pro
2a02:26f0:3400::1703:5821  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response flybillet.staging1-hotels.com/	70 KB 25 KB	1048ms 933ms	Document text/html	2a02:26f0:3400::1703:5821 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://flybillet.staging1-hotels.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3400::1703:5821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software istio-envoy / Resource Hash d8d12f70055b3af9061819705a2521c9e82b85d0d12cbc97c3bf867771310bb9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control max-age=0, no-cache, no-store charset utf-8 content-encoding gzip content-language da-DK content-length 22368 content-type text/html; charset=UTF-8 date Wed, 20 Jul 2022 20:25:14 GMT expires Wed, 20 Jul 2022 20:25:14 GMT hcom_deployment_chart generic-hcom-app:8.4.4 hcom_deployment_key primary hcom_deployment_name hpa hcom_deployment_version b5111312d91b454a26c30a1fd3c50df45d6b5641 pragma no-cache server istio-envoy trace-id a356b3cf-6fbf-4f44-9b14-5b93056bfa91 vary Accept-Encoding x-b3-traceid a356b3cf6fbf4f449b145b93056bfa91 x-cgp-info noJvmRouteSet;0fe4eccd-086a-11ed-8008-0242194f7be3 x-context-guid 0fc3d359-2e6a-46af-8509-639a44482554 x-context-guid-now-generated true x-envoy-upstream-service-time 145 x-hcom-ctx da_DK|FLYBILLET_DK x-hcom-dio-styx-provided 1 x-hcom-experimentation-active 1 x-hcom-info lab-decaf-us-west-2-HomepageApp-HPA.2.0.922;0fe8e470-086a-11ed-9ed9-663d1c0c2e43;39 x-hcom-origin-id hpa.hpa x-hcom-rendered-with release x-hcom-styx-info lab-decaf.us-west-2.dmz;styxpres;styxapache-styx-pres-5775874f7b-l7q5v
GET H2	403	3vr-ekk-ekl-3vp-3vm-3wf-3vo-3wg-3w6-3w7-3w3-3wn-kan-k95-kj5-3vs-3x8-lis-8q-baf-el1-el0-3wc-bak-3vq-hax-enm-kyz-b9c-eni-bez-bh4-bh3-bh9-bhd-bf9-bf3-bhf-bhe a.staging1-cdn-hotels.com/uswest2/da/assets/cat/css/63.0.11012/	0 0	299ms 44ms	Stylesheet text/html	2a02:26f0:3400::1703:5841 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://a.staging1-cdn-hotels.com/uswest2/da/assets/cat/css/63.0.11012/3vr-ekk-ekl-3vp-3vm-3wf-3vo-3wg-3w6-3w7-3w3-3wn-kan-k95-kj5-3vs-3x8-lis-8q-baf-el1-el0-3wc-bak-3vq-hax-enm-kyz-b9c-eni-bez-bh4-bh3-bh9-bhd-bf9-bf3-bhf-bhe Requested by Host: flybillet.staging1-hotels.com URL: https://flybillet.staging1-hotels.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3400::1703:5841 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://flybillet.staging1-hotels.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H2	200	osano.js Show response cmp.osano.com/AzqLGwSC5AMNnWKx/90261498-7bd0-4817-802f-73017ebcf951/	307 KB 81 KB	875ms 760ms	Script application/javascript	2600:9000:224a:a800:3:b7e:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/AzqLGwSC5AMNnWKx/90261498-7bd0-4817-802f-73017ebcf951/osano.js Requested by Host: flybillet.staging1-hotels.com URL: https://flybillet.staging1-hotels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:a800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 1533dbc7f38363eadb1641e45d1a6fc0c1f268aa5e2611fed83532cd7fa271da Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://flybillet.staging1-hotels.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 20:25:15 GMT content-encoding br x-content-type-options nosniff x-amz-cf-pop DUS51-P1 x-cache Miss from cloudfront content-length 82018 x-xss-protection mode=block last-modified Thu, 16 Jun 2022 15:04:28 GMT server CloudFront x-frame-options SAMEORIGIN etag "bef82f0fcfee69a3f031710e43691da6" strict-transport-security max-age=2592000 content-type application/javascript; charset=utf-8 via 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront) cache-control public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform x-amz-cf-id JMXFkZfuTJ5lIWmpj61FpvqdVyZXYJALjr4Hecrtz0XI8Icx11HeDg==
GET H2	403	logo.png a.staging1-cdn-hotels.com/uswest2/da/assets/s/63.0.11012/images/brands/flybillet/logos/	0 0	36ms 35ms	Image text/html	2a02:26f0:3400::1703:5841 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://a.staging1-cdn-hotels.com/uswest2/da/assets/s/63.0.11012/images/brands/flybillet/logos/logo.png Requested by Host: flybillet.staging1-hotels.com URL: https://flybillet.staging1-hotels.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3400::1703:5841 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://flybillet.staging1-hotels.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H2	403	hotels-com-logo.png a.staging1-cdn-hotels.com/uswest2/da/assets/s/63.0.11012/images/common/icons/	0 0	36ms 35ms	Image text/html	2a02:26f0:3400::1703:5841 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://a.staging1-cdn-hotels.com/uswest2/da/assets/s/63.0.11012/images/common/icons/hotels-com-logo.png Requested by Host: flybillet.staging1-hotels.com URL: https://flybillet.staging1-hotels.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3400::1703:5841 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://flybillet.staging1-hotels.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H2	403	r-7-6-c-a-g-8x-8s-8t-94-f-d-2-9v-a0-5-9-v-8-e-p-9p-8w-0-kug-u-h03-b-3-4-8y-j6-j5-98-99-9c-9a-9o-9u-9t-95-a6-h5c-h5k-t-h6g-9x-gp1-a5-17-aw-8u-9r-409-av-407-9s-9b-b2-b0-9e-9l-az-45q-h6f-46q-1d-ha-ji-... a.staging1-cdn-hotels.com/uswest2/da/assets/cat/js/63.0.11012/	0 0	56ms 56ms	Script text/html	2a02:26f0:3400::1703:5841 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://a.staging1-cdn-hotels.com/uswest2/da/assets/cat/js/63.0.11012/r-7-6-c-a-g-8x-8s-8t-94-f-d-2-9v-a0-5-9-v-8-e-p-9p-8w-0-kug-u-h03-b-3-4-8y-j6-j5-98-99-9c-9a-9o-9u-9t-95-a6-h5c-h5k-t-h6g-9x-gp1-a5-17-aw-8u-9r-409-av-407-9s-9b-b2-b0-9e-9l-az-45q-h6f-46q-1d-ha-ji-jn-jj-j8-46r-hl-hr-45p-45v-37-h9-h6q-jg-jk-jm-jd-jb-36-in-j7-ja Requested by Host: flybillet.staging1-hotels.com URL: https://flybillet.staging1-hotels.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3400::1703:5841 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://flybillet.staging1-hotels.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET BLOB	200 OK	aee49671-d451-4cce-8755-28beeb7fc507 https://flybillet.staging1-hotels.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://flybillet.staging1-hotels.com/aee49671-d451-4cce-8755-28beeb7fc507 Requested by Host: flybillet.staging1-hotels.com URL: https://flybillet.staging1-hotels.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Modernizr undefined| __CSP_NONCE object| Osano object| dio object| hcom object| hcomi18nData object| hcomClientData object| injectedData object| commonDataBlock object| marketingDataLayer object| litHtmlVersions

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.flybillet.staging1-hotels.com/	1969-12-31 23:59:59	Name: asc Value: 1
			.flybillet.staging1-hotels.com/	1970-01-20 04:39:10	Name: visitId Value: 7e85f2f7-bbc3-49bb-aee5-fe94ac0bf293
			.staging1-hotels.com/	1969-12-31 23:59:59	Name: SESSID Value: avHve3d4GJ-EicH1LGSC9-SJEP.hpa-85d949cb7f-9m529
			.flybillet.staging1-hotels.com/	1970-01-20 13:24:44	Name: mvthistory Value: eJwtzDsOgCAQRdEdTebDMAylURMjpY2VNXtw8YLQndyXPEqsgICZkhFwh4f4F8bkA5KkT1Aps%2FpcowSgBmGzvwQinYgyYTggSB1QLQcVHtHbbcvvXu7lKGW7nvX8ADRlHks%3D
			.flybillet.staging1-hotels.com/	1970-01-20 13:24:44	Name: user Value: QSpkYV9ES3xGTFlCSUxMRVRfREs.
			flybillet.staging1-hotels.com/	1969-12-31 23:59:59	Name: dr Value: AAA~1658348714~277A61D96C628DD3BA8BF47A3AFE49365D1168B32207172B8A47F3F80C080993
			.flybillet.staging1-hotels.com/	1970-01-20 13:24:44	Name: guid Value: 0fc3d359-2e6a-46af-8509-639a44482554
			.flybillet.staging1-hotels.com/	1970-01-22 00:27:08	Name: cesc Value: %7B%22marketingClick%22%3A%5B%22false%22%2C1658348714709%5D%2C%22hitNumber%22%3A%5B%221%22%2C1658348714709%5D%2C%22visitNumber%22%3A%5B%221%22%2C1658348714709%5D%2C%22entryPage%22%3A%5B%22hpa%22%2C1658348714709%5D%7D
			.flybillet.staging1-hotels.com/	1970-01-20 04:39:10	Name: HMS Value: c985850f-a00f-4456-865c-10cf1685d921
			.flybillet.staging1-hotels.com/	1970-01-22 00:27:08	Name: MC1 Value: GUID=0fc3d3592e6a46af8509639a44482554
			.flybillet.staging1-hotels.com/	1970-01-22 00:27:08	Name: DUAID Value: 0fc3d359-2e6a-46af-8509-639a44482554
			flybillet.staging1-hotels.com/	1970-01-20 06:05:32	Name: akacd_pr_11 Value: 1663532714~rv=28~id=3d5354863d1954d911c144e563564b53

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.staging1-cdn-hotels.com/uswest2/da/assets/cat/css/63.0.11012/3vr-ekk-ekl-3vp-3vm-3wf-3vo-3wg-3w6-3w7-3w3-3wn-kan-k95-kj5-3vs-3x8-lis-8q-baf-el1-el0-3wc-bak-3vq-hax-enm-kyz-b9c-eni-bez-bh4-bh3-bh9-bhd-bf9-bf3-bhf-bhe Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://a.staging1-cdn-hotels.com/uswest2/da/assets/cat/js/63.0.11012/r-7-6-c-a-g-8x-8s-8t-94-f-d-2-9v-a0-5-9-v-8-e-p-9p-8w-0-kug-u-h03-b-3-4-8y-j6-j5-98-99-9c-9a-9o-9u-9t-95-a6-h5c-h5k-t-h6g-9x-gp1-a5-17-aw-8u-9r-409-av-407-9s-9b-b2-b0-9e-9l-az-45q-h6f-46q-1d-ha-ji-jn-jj-j8-46r-hl-hr-45p-45v-37-h9-h6q-jg-jk-jm-jd-jb-36-in-j7-ja Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://a.staging1-cdn-hotels.com/uswest2/da/assets/s/63.0.11012/images/brands/flybillet/logos/logo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://a.staging1-cdn-hotels.com/uswest2/da/assets/s/63.0.11012/images/common/icons/hotels-com-logo.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.staging1-cdn-hotels.com
cmp.osano.com
flybillet.staging1-hotels.com
2600:9000:224a:a800:3:b7e:8940:93a1
2a02:26f0:3400::1703:5821
2a02:26f0:3400::1703:5841
1533dbc7f38363eadb1641e45d1a6fc0c1f268aa5e2611fed83532cd7fa271da
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
d8d12f70055b3af9061819705a2521c9e82b85d0d12cbc97c3bf867771310bb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855