urlscan.io logo urlscan.io
SecurityTrails logo

m.cheapoair.com Open in urlscan Pro
104.108.59.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=56837217&lguid=e7761a3a56994ed2adbd3b63865459c1&cmpid=954596&c=7&pcg=pc...
Effective URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flight...
Submission: On August 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 15 HTTP transactions. The main IP is 104.108.59.112, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is m.cheapoair.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 29th 2019. Valid for: 2 years.
This is the only time m.cheapoair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.61.14.236 14989 (BROADVIEWNET)
1 5 104.108.59.112 16625 (AKAMAI-AS)
7 104.109.73.209 20940 (AKAMAI-ASN1)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 6
1    64.61.14.236 (New York, United States)

ASN14989 (BROADVIEWNET - Windstream Communications LLC, US)
PTR: static-64-61-14-236.isp.broadviewnet.net
www.travelweeklyupdate.com
5    104.108.59.112 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-59-112.deploy.static.akamaitechnologies.com
m.cheapoair.com
7    104.109.73.209 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-73-209.deploy.static.akamaitechnologies.com
c.fareportal.com
2    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
1    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
7 c.fareportal.com m.cheapoair.com
c.fareportal.com
5 m.cheapoair.com 1 redirects m.cheapoair.com
c.fareportal.com
2 stats.g.doubleclick.net 1 redirects c.fareportal.com
1 www.google.de m.cheapoair.com
1 www.google.com 1 redirects
1 az416426.vo.msecnd.net m.cheapoair.com
1 www.travelweeklyupdate.com 1 redirects
0 dnn506yrbagrg.cloudfront.net Failed m.cheapoair.com
15 8

This site contains no links.

Subject Issuer Validity Valid
www.cheapoair.com
DigiCert SHA2 Extended Validation Server CA		 2019-04-29 -
2021-05-18		 2 years crt.sh
www.fareportal.com
GeoTrust RSA CA 2018		 2019-04-25 -
2019-09-25		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
www.google.de
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Frame ID: D9DD80EDC55C81709AD72FD24E2F3335
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=56837217&lguid=e7761a3a56994ed2adbd3b63865459c1&cmp... HTTP 302
    http://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-43... HTTP 301
    https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-43... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i

Page Statistics

15
Requests

93 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

238 kB
Transfer

543 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=56837217&lguid=e7761a3a56994ed2adbd3b63865459c1&cmpid=954596&c=7&pcg=pcg&pct=mweb-flighttravellerstep&uname=&imap=&ipha= HTTP 302
    http://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217 HTTP 301
    https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1054918340&utmhn=m.cheapoair.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Call%20CheapOair%20for%20Special%20Flight%20Discounts!&utmhid=1366055079&utmr=-&utmp=%2Fflights%2Fbooknow%2Fclicktocall%3Ffpaffiliate%3Dret-coa-eenl-flight%26tfn%3D1-888-828-4372%26fpsub%3Dmweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dwednesdaynl%26tag%3Dh2logo%26cmpid%3D954596%26audid%3D56837217&utmht=1565210903095&utmac=UA-423411-14&utmcc=__utma%3D57848438.1576321799.1565210903.1565210903.1565210903.1%3B%2B__utmz%3D57848438.1565210903.1.1.utmcsr%3Dnewsletter%7Cutmccn%3Dwednesdaynl%7Cutmcmd%3Demail%3B&utmjid=234392594&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-14&cid=1576321799.1565210903&jid=234392594&_v=5.7.2dc&z=1054918340 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-14&cid=1576321799.1565210903&jid=234392594&_v=5.7.2dc&z=1054918340&slf_rd=1&random=3900391141

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request clicktocall
m.cheapoair.com/flights/booknow/
Redirect Chain
  • http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=56837217&lguid=e7761a3a56994ed2adbd3b63865459c1&cmpid=954596&c=7&pcg=pcg&pct=mweb-flighttravellerstep&uname=&imap=&ipha=
  • http://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newslette...
  • https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newslett...
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.59.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.2 / ASP.NET
Resource Hash
74bc48841aaf9d1f79452e785f59f204fc842dc7eb86053927c3c1ec6c143e92

Request headers

:method
GET
:authority
m.cheapoair.com
:scheme
https
:path
/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
uid=MDVmNTdkMWNmNWY5OTNkYQ==; fplocation=regioncode=EU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx/1.15.2
content-type
text/html; charset=utf-8
ntcoent-length
16743
gcms-cache-ttl-min
360
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-geoipcountrycode3
US
x-geoiplatitude1
38.90850
x-geoiplongitude1
-77.01770
x-ipadress
72.246.52.113
x-realipaddress
208.87.234.140
x-forwarded-for
208.87.234.140, 184.28.17.62
x-proxy-cache
HIT
x-proxy-server
lpnginxlive65
x-misc
0
x-geocontinentcode
NA
x-geocontinentname
North America
fp-x-edge-cachecontrol
!no-store, cache-maxage=360m
fp-x-edge-cache-enabled
1
content-encoding
gzip
content-length
5758
cache-control
private, max-age=16101
expires
Thu, 08 Aug 2019 01:16:42 GMT
date
Wed, 07 Aug 2019 20:48:21 GMT
vary
Accept-Encoding
set-cookie
AKA_A2=A; expires=Wed, 07-Aug-2019 21:48:21 GMT; path=/; domain=cheapoair.com; secure; HttpOnly ak_bmsc=6919CB34752A13979DE2951CF080AD4348F7B2EDC430000015394B5D6E995357~plVBgORSd21VvcpQ3oK0b+g2eT7FZOziHsZSEdsVR/ssjDTlmgjXZI3VeyYTL/52TMi4V60Ecu7snMuZ+oZrrBjHc73WwQ1s68jAIZtjyVzraB0gOm9hj2p6vyLWEJNJFBizDN9V60KM9YQ0VOFVE74qYX8dJqWcaPMdbDVLWmGmcmNYOfFqWBDyEQ616qvbwZv+MzRYLgyv3Lk017dIFe43wusmJCTxb7bcwg7UDbGiE=; expires=Wed, 07 Aug 2019 22:48:21 GMT; max-age=7200; path=/; domain=.cheapoair.com; HttpOnly
akamai-x-true-edgecontrol-ttl
21600

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Date
Wed, 07 Aug 2019 20:48:20 GMT
Connection
keep-alive
Set-Cookie
uid=MDVmNTdkMWNmNWY5OTNkYQ==; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.cheapoair.com fplocation=regioncode=EU; expires=Fri, 06-Sep-2019 20:48:20 GMT; path=/
Akamai-X-True-EdgeControl-TTL
-1
style2.min.css
c.fareportal.com/gcms/Portals/14/css/v2/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/14/css/v2/style2.min.css
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2a030ff02349fa0a3a26e8f5315e5b0bdcbf3a066f66cbcf1863cb6cc728f6c5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:22 GMT
content-encoding
gzip
last-modified
Wed, 26 Sep 2018 09:21:02 GMT
server
Akamai Resource Optimizer
status
200
etag
"9d81fbf26b1b87fcb32f7f5ec133e67a:1537953273"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6255
scripts2.min.js
c.fareportal.com/gcms/Portals/14/js/v2/ 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d6a5bc6ed5251699ccff8352a360bbbb26a191dce2ef549e1175c97b75df9c6f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:22 GMT
content-encoding
gzip
last-modified
Wed, 07 Nov 2018 01:21:20 GMT
server
Akamai Resource Optimizer
status
200
etag
"443fc653d4f3e84134929f668e73ee90:1523971191"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
44011
DateTimeFormatHandler-full.min.js
c.fareportal.com/gcms/Portals/14/JS/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/14/JS/DateTimeFormatHandler-full.min.js
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5c021e69e978863d34ecb45970fe1de126a24cd868c7ba6bd86f17b631a7bf1c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Sep 2018 10:15:13 GMT
server
Akamai Resource Optimizer
status
200
etag
"f0ba5cc85824ebb10ffae6c43a468f43:1523971187"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1751
AffiliateTracker.js
m.cheapoair.com/Js/ 		189 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.cheapoair.com/Js/AffiliateTracker.js
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.59.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3632401f2111d5c5017bfb607f304ad6083bedf28f157fd165ee4927eb3785da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Aug 2019 13:13:05 GMT
ntcoent-length
189
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
text/javascript
status
200
cache-control
private
request-context
appId=cid-v1:fdff3b71-713e-4271-90aa-84044588a38b
content-length
172
expires
Thu, 06 Aug 2020 13:13:05 GMT
commontracking.js
c.fareportal.com/gcms/portals/14/mweb/widget-opt/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/14/mweb/widget-opt/js/commontracking.js
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1e11632175f1e978f92eef172d698e79f6b9d2992c470d2e32ebf13e2c8e424d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:22 GMT
content-encoding
gzip
last-modified
Tue, 08 Jan 2019 08:42:34 GMT
server
Akamai Resource Optimizer
status
200
etag
"f7e396c85035188438390e4e3e42a068:1546936656"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1973
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
5519
date
Wed, 07 Aug 2019 19:16:24 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="48,46,43,39"
content-length
17093
expires
Wed, 07 Aug 2019 21:16:24 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2019 20:48:23 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2019 21:34:18 GMT
server
ECAcc (frc/8FA5)
etag
0x8D6EEB48F61B4AC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
66845ed2-201e-00c6-0109-4d99d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, immutable
x-ms-version
2009-09-19
logo-coa.png
c.fareportal.com/gcms/portals/14/Images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/14/Images/logo-coa.png
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c28b2a8a064937804bc8a4fc1702a5e28e9aaf8edfc039efcb9b53c8d83a30b0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://c.fareportal.com/gcms/Portals/14/css/v2/style2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:23 GMT
last-modified
Tue, 17 Apr 2018 13:06:32 GMT
server
Apache
etag
"d04c319dd9fe51ad3dc19ea05a4e0e8e:1523970876"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3554
callCenter-banner.jpg
c.fareportal.com/gcms/portals/14/sem-includes/images/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/14/sem-includes/images/callCenter-banner.jpg
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17e3d1ebb9cee20a1f38f24b5e88b8c7e8fd8ea7e7789bdaf69fa184e21b4789

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:23 GMT
last-modified
Tue, 17 Apr 2018 13:06:34 GMT
server
Apache
etag
"7098795e921acffc29287a9018cb26bd:1523971224"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
45103
COA-font-icon.woff
c.fareportal.com/vd/coa/travel/r6/font/fonts/ 		164 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/coa/travel/r6/font/fonts/COA-font-icon.woff?-mzq80y
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3fad79d315805f43f9bde04da5fc8b63670ac1bbc1a65247d701cd757f1025d1

Request headers

Sec-Fetch-Mode
cors
Referer
https://c.fareportal.com/gcms/Portals/14/css/v2/style2.min.css
Origin
https://m.cheapoair.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 20:48:26 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
status
200
etag
"7c70c9f97b90119725a8f6390c4bc9d3:1513856367"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
90769
affiliatetracker
m.cheapoair.com/common/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.cheapoair.com/common/affiliatetracker?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217&callback=jQuery17105143163751636493_1565210903058&_=1565210903076
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.59.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Wed, 07 Aug 2019 20:48:23 GMT
cache-control
private
x-content-type-options
nosniff
content-length
0
akamai-x-true-edgecontrol-ttl
-1
request-context
appId=cid-v1:fdff3b71-713e-4271-90aa-84044588a38b
affiliatetracker
m.cheapoair.com/common/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.cheapoair.com/common/affiliatetracker?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/Portals/14/js/v2/scripts2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.59.112 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-59-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Wed, 07 Aug 2019 20:48:23 GMT
cache-control
private
x-content-type-options
nosniff
content-length
0
akamai-x-true-edgecontrol-ttl
-1
request-context
appId=cid-v1:fdff3b71-713e-4271-90aa-84044588a38b
4182.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0013/ 		0
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1054918340&utmhn=m.cheapoair.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Cal...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-14&cid=1576321799.1565210903&jid=234392594&_v=5.7.2dc&z=1054918340
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-14&cid=1576321799.1565210903&jid=234392594&_v=5.7.2dc&z=1054918340&slf_rd=1&random=3900391141
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-14&cid=1576321799.1565210903&jid=234392594&_v=5.7.2dc&z=1054918340&slf_rd=1&random=3900391141
Requested by
Host: m.cheapoair.com
URL: https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.cheapoair.com/flights/booknow/clicktocall?fpaffiliate=ret-coa-eenl-flight&tfn=1-888-828-4372&fpsub=mweb-flighttravellerstep_954596_t2_flight-apr2919-ctgn-954596-h2logo&utm_source=newsletter&utm_medium=email&utm_campaign=wednesdaynl&tag=h2logo&cmpid=954596&audid=56837217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2019 20:48:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Aug 2019 20:48:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-14&cid=1576321799.1565210903&jid=234392594&_v=5.7.2dc&z=1054918340&slf_rd=1&random=3900391141
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dnn506yrbagrg.cloudfront.net
URL
https://dnn506yrbagrg.cloudfront.net/pages/scripts/0013/4182.js?434780

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| _cdn function| getCookie function| setCookie object| _gaq function| ClickOutsideCheck object| LocalStorage object| FPSessionStorage function| AddMonth function| SubMonth object| FlightSearch undefined| closeDateDialog function| formatDate function| getURLParameters undefined| ValidateXSS function| CallAutoSuggest function| CallAutoSuggestForGeo function| selectOriginSuggestion function| selectDestinationSuggestion function| OpenSearchpage function| $ function| jQuery function| SubmitFlightRequest function| GetQuery function| ValidateMultiSearchDate function| DateTimeFormat function| dateFormat function| GetLastDayOfMonth function| addDays function| LastDayOfMonth function| LastDayOfCurrentMonth function| LastDayFromCurrentMonth function| getGDPRCookie undefined| script undefined| s object| appInsights function| QueryString function| goToDesktopSite function| SetLinkPopup undefined| _LP_CFG_ string| gdprdata object| dataLayer function| setGDPRCookie function| gdprBtnClick function| optimizelyLoad undefined| jQuery17105143163751636493_1565210903058 object| jQuery17105143163751636493 object| objDate string| q object| keyValuePairs object| _gat object| gaGlobal function| __extends object| Microsoft object| AI

0 Cookies