Submitted URL: http://www.cheapoair.ca/
Effective URL: https://www.cheapoair.ca/
Submission: On October 18 via manual from CA

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 38 HTTP transactions. The main IP is 104.109.73.209, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.cheapoair.ca.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 11th 2019. Valid for: a year.
This is the only time www.cheapoair.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 104.109.73.209 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
38 7
Domain Requested by
18 c.fareportal.com www.cheapoair.ca
8 www.cheapoair.ca 1 redirects www.cheapoair.ca
az416426.vo.msecnd.net
5 www.google.com www.cheapoair.ca
www.gstatic.com
3 apis.google.com www.cheapoair.ca
apis.google.com
2 connect.facebook.net www.cheapoair.ca
connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 www.gstatic.com www.google.com
1 az416426.vo.msecnd.net www.cheapoair.ca
38 8
Subject Issuer Validity Valid
www.fareportal.com
GeoTrust RSA CA 2018
2019-09-11 -
2020-12-10
a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years crt.sh
www.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-09-22 -
2019-12-20
3 months crt.sh
*.apis.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.cheapoair.ca/
Frame ID: F9833C9422AC8AA4A37F564D9A608736
Requests: 34 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 7018BD5BC4A3B94063F965B14BB5B608
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNhOjQ0Mw..&hl=en&v=EQY1At-f1G9OIivZUYX73fK0&size=invisible&cb=5ricbikr9vbt
Frame ID: 683D259D63EC87BB292B6F2E8EF987E2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNhOjQ0Mw..&hl=en&v=EQY1At-f1G9OIivZUYX73fK0&size=invisible&cb=3z57pygt846l
Frame ID: 2DAEDB0A669D6206FE0A24956C98D1C3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=EQY1At-f1G9OIivZUYX73fK0&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=5h6sazg7clr9
Frame ID: DFD25D37A1190D63F3720C74C4D3263B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=EQY1At-f1G9OIivZUYX73fK0&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=uv87h62ojqpm
Frame ID: 268D09CEE04E9F693490C541AB265326
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.cheapoair.ca/ HTTP 301
    https://www.cheapoair.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1142 kB
Transfer

3225 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cheapoair.ca/ HTTP 301
    https://www.cheapoair.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cheapoair.ca/
Redirect Chain
  • http://www.cheapoair.ca/
  • https://www.cheapoair.ca/
28 KB
8 KB
Document
General
Full URL
https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f0fa6b027a667e139b3aeac12bd079f056312929ce5abc84860ce7e98416de80

Request headers

:method
GET
:authority
www.cheapoair.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
uid=MTNmMzMyZjM5ZGJlYjU1Yw==; fplocation=regioncode=EU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
server
Microsoft-IIS/8.5
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cteonnt-length
28341
content-encoding
gzip
content-length
7759
date
Fri, 18 Oct 2019 12:17:20 GMT
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=jbppdt1hgbfwuu11yg5yl1js; path=/; HttpOnly FPTraveller=FPUserId=-3; domain=.cheapoair.ca; expires=Sun, 17-Nov-2019 13:17:20 GMT; path=/; secure NSC_difbqpbjs.db=40daa3d64e068ee2de0336d5a87599edadd740c3c2717c16b9c62e129aea6fdf48a54291;path=/;httponly ak_bmsc=DF98F3EE7919FB96A1455CA7B96ACEF30210B5957867000050ADA95D6378051E~plBUBhx0knruHkCUukYMDZOtvn0eJEz0tW5Q986M4ot5SzF2/UxfrzGs112THSIfLHBblAfEQaYekWxOkMH+a2MpVhAxXzWSenhjfDVB1FPD59/I41HNIDFy4aibQnfFOxRUufrlsFVGY4JVNCGIj0MaRFwNqcMpGD7xfPTgfG/XCTrzvM8EFY5rhTbUPQXrR1Ux8NmVn9DzcUItZ52dBBzoqgn6v+ucbjX/eENMWB33U=; expires=Fri, 18 Oct 2019 14:17:20 GMT; max-age=7200; path=/; domain=.cheapoair.ca; HttpOnly
akamai-x-true-edgecontrol-ttl
-1

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://www.cheapoair.ca/
Date
Fri, 18 Oct 2019 12:17:20 GMT
Connection
keep-alive
Set-Cookie
uid=MTNmMzMyZjM5ZGJlYjU1Yw==; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.cheapoair.ca fplocation=regioncode=EU; expires=Sun, 17-Nov-2019 12:17:20 GMT; path=/
Akamai-X-True-EdgeControl-TTL
-1
vendors.min.css
www.cheapoair.ca/app/build/css/
119 KB
23 KB
Stylesheet
General
Full URL
https://www.cheapoair.ca/app/build/css/vendors.min.css?ver=1.0
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ad9ffff987c6137721875db114fc341c823de65faf2d8544e57689f6861f03d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length
121972
date
Fri, 18 Oct 2019 12:17:21 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2019 13:50:15 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"33c84f5c2758d51:0"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
text/css
status
200
cache-control
private
accept-ranges
bytes
content-length
23200
appall.min.css
www.cheapoair.ca/app/build/css/
178 KB
43 KB
Stylesheet
General
Full URL
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7182d7f952150c4639f55ca29235df44d002a34c57d65536110590d3fe12216c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length
182352
date
Fri, 18 Oct 2019 12:17:21 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2019 13:50:15 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"d2654d5c2758d51:0"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
text/css
status
200
cache-control
private
accept-ranges
bytes
content-length
44143
deals.min.css
c.fareportal.com/vd/ca/travel/r6/css/production/
8 KB
2 KB
Stylesheet
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/css/production/deals.min.css
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c6cfcf5127d030916b6473b781d24ddc8cfe839cac11e654f8c04f8b44bca2dc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:21 GMT
content-encoding
br
last-modified
Fri, 18 Oct 2019 11:58:19 GMT
server
Akamai Resource Optimizer
status
200
etag
"47b2668d1e6beeb548827c6fcb789d9f:1571293938"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1368
vendors.min.js
www.cheapoair.ca/app/build/js/
623 KB
189 KB
Script
General
Full URL
https://www.cheapoair.ca/app/build/js/vendors.min.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e8b24116788504154eb373d3606d7145427bf745ed76187fd4594685d80735d9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length
638039
date
Fri, 18 Oct 2019 12:17:21 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2019 13:50:15 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"9e28525c2758d51:0"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
application/x-javascript
status
200
cache-control
private
accept-ranges
bytes
appall.min.js
www.cheapoair.ca/app/build/js/
863 KB
159 KB
Script
General
Full URL
https://www.cheapoair.ca/app/build/js/appall.min.js?ver=2.55
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
487f66e9280df9daa1f67da7c333b877df9d35516d28e907b8fd2fa761981920

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length
883345
date
Fri, 18 Oct 2019 12:17:21 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2019 13:50:15 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"33c84f5c2758d51:0"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
application/x-javascript
status
200
cache-control
private
accept-ranges
bytes
tracker-0.1.min.js
c.fareportal.com/vd/coa/travel/travel_resources/resources/js/
10 KB
2 KB
Script
General
Full URL
https://c.fareportal.com/vd/coa/travel/travel_resources/resources/js/tracker-0.1.min.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5760fbdd8d47b7dda07922adcc6c5d73e5c46068ad29c861bdd958b28f6ce1ca

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:20 GMT
content-encoding
br
last-modified
Tue, 24 Sep 2019 03:56:36 GMT
server
Akamai Resource Optimizer
status
200
etag
"a6e0022407c2e6e091f309e2ec0e56dd:1513858918"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1854
ai.0.js
az416426.vo.msecnd.net/scripts/a/
95 KB
21 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8C8A) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Oct 2019 12:17:21 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2019 21:34:18 GMT
server
ECAcc (lha/8C8A)
etag
0x8D6EEB48F61B4AC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9508cd00-001e-0070-719d-859720000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, immutable
x-ms-version
2009-09-19
dealsJson.json
c.fareportal.com/vd/ca/travel/js/
13 KB
14 KB
XHR
General
Full URL
https://c.fareportal.com/vd/ca/travel/js/dealsJson.json
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f0d4eea1799aae4b6b466a8e0145b633b51d1c3a7957ace4dd8215f5f65faf8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Fri, 18 Oct 2019 11:22:12 GMT
server
Apache
etag
"fac3647baecfefae219eef6a69b15a45:1571397757"
status
200
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
13648
ca-logo.gif
c.fareportal.com/vd/ca/travel/r6/images/
3 KB
4 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/ca-logo.gif
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c9fad7f1b0e691be9fa27a5767b84dac1fceee560686192317b010dc4f53252

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:27:52 GMT
server
Apache
etag
"7a5394e8cfd544aa4f57dd4a79e3858e:1513859756"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3533
canada-flag.jpg
c.fareportal.com/vd/ca/travel/r6/images/
1 KB
1 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/canada-flag.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f967e7256f7d407e4c2b0de827904f9a48be9aed4692c808ef8a0b2e46d823a9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Mon, 29 Jul 2019 11:37:46 GMT
server
Apache
etag
"968fc638f6dbba2d898682c9b5822959:1564400377"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1032
home-sprite.png
c.fareportal.com/vd/ca/travel/r6/images/
12 KB
12 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/home-sprite.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5bebc29cbd6f75e9c4556855ec082ea11197a97f268ad52715d7995615928f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:27:52 GMT
server
Apache
etag
"6bbf95c878a5ee71bacfd6a5212ca5a3:1513859758"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
11835
calus247n.png
c.fareportal.com/vd/coa/travel/r6/images/
14 KB
14 KB
Image
General
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/calus247n.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
etag
"1c999a2b54562ad48382288352aa7c22:1513856370"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
14429
herobanner-slide1.jpg
c.fareportal.com/vd/ca/travel/r6/images/
127 KB
127 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/herobanner-slide1.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
896fb1331239af998032d12f557be903acfbdfcb469b928a88fdf2c33e2e3c80

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:27:52 GMT
server
Apache
etag
"b8e379323bd746d8a2a8b0e2630cf820:1513859758"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
130018
proudlycanadian.jpg
c.fareportal.com/vd/ca/travel/r6/images/
6 KB
6 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/proudlycanadian.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e51c063f5fa27a17e52d75edbf9d52efb28da0ad1e7db9d086c97b11ced4b69b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Mon, 29 Jul 2019 11:35:46 GMT
server
Apache
etag
"afecde3c8b05a1c1e9328551cd0673d0:1564400161"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6148
home-sprite.png
c.fareportal.com/vd/coa/travel/r6/images/
18 KB
19 KB
Image
General
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/home-sprite.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6c753b1150ac4a20658949932fdf26041a78f8d836e2fb68983793a798011cd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:40:07 GMT
server
Apache
etag
"a4f8ffcd59f944054834671424e49f96:1513856373"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
18769
COA-font-icon.woff
c.fareportal.com/vd/coa/travel/r6/font/fonts/
164 KB
89 KB
Font
General
Full URL
https://c.fareportal.com/vd/coa/travel/r6/font/fonts/COA-font-icon.woff?9waahs
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3fad79d315805f43f9bde04da5fc8b63670ac1bbc1a65247d701cd757f1025d1

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.cheapoair.ca/app/build/css/vendors.min.css?ver=1.0
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
status
200
etag
"7c70c9f97b90119725a8f6390c4bc9d3:1513856367"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
90769
mobile.png
c.fareportal.com/vd/ca/travel/home-r1/img/
6 KB
6 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/home-r1/img/mobile.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51bc001ab83531c5951d35dca1eddec1272e82a352aab2650b77cff44f6f54b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:27:51 GMT
server
Apache
etag
"56c6bf92a71d8882b9549f6db9465931:1513859345"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5819
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e45d2a55a140ce64414fe4dae02b736f587002cf4be37a9d7843834e0d37a0a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
cta_load01.gif
c.fareportal.com/vd/coa/travel/r6/images/
2 KB
2 KB
Image
General
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/cta_load01.gif
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
67c2d66515aab5829677fa0c6a6b249e3c3dff1ede2ab43b68198991e1a26bb1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
etag
"d8f9f017c9733ff6bbca579f5276a043:1513856371"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1715
rating-sprite.png
c.fareportal.com/gcms/portals/3/responsive-b3/img/
2 KB
2 KB
Image
General
Full URL
https://c.fareportal.com/gcms/portals/3/responsive-b3/img/rating-sprite.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f30adfbbf2de1c952d6f1aceb31ab1be514853ebfa63cc1c4efd7bcc646c847

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Tue, 22 Jul 2014 14:50:00 GMT
server
Apache
etag
"c4e59d3512b53827400afc580b0fcca2:1406040600"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2129
sprite-logo-car.png
c.fareportal.com/vd/ca/travel/r6/images/
66 KB
66 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/sprite-logo-car.png?ver=1.0
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ffa34d13eb69a35bb63cda1915cb698976fa1d1051d664a3a12ad2703c77465

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.46
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:27:52 GMT
server
Apache
etag
"03fc6ef53aa3cfafaf4a36ebc177bc7f:1513859759"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
67376
montreal.jpg
c.fareportal.com/vd/ca/travel/r6/images/flights-deals/
27 KB
27 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/flights-deals/montreal.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
39e15d8cf38a64ab61a970a4ce235eafdb449512020b9412598ed6a7432ff7b2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Thu, 14 Dec 2017 23:27:52 GMT
server
Apache
etag
"879e3cc99d75ea312939176d35df042c:1513859770"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
27574
airlines-sprite-new.png
c.fareportal.com/vd/ca/travel/r6/images/
29 KB
29 KB
Image
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/airlines-sprite-new.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5517761f15f4a9b1185eb01eb8b5083339ad9f26df471c4053ef992ea4f42f0d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
last-modified
Wed, 16 Oct 2019 15:43:36 GMT
server
Apache
etag
"64e49111878d3ad82cc794a598d713ac:1571240721"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
29488
api.js
www.google.com/recaptcha/
729 B
560 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
75511c5bc749c610b2c9aa02564cf2b0aa109417410622ae8eb8e112f7c689b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
467
x-xss-protection
1; mode=block
expires
Fri, 18 Oct 2019 12:17:22 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2e96ffd180ba319075d61b9da27dc8a63bf721be192fd9327259177a622d0b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
rpPESMG+n3Zyk2HcrqVl8A==
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
1779
etag
"8c8b8ffec5464638d9f3080c21035b11"
x-fb-debug
RgUub66GXUdp4tDEEgB22PX0xUFA6pvLteKV3ih+V7YgJR+mGnf98t5SeQ4I2aoQFfxq/U5/HEdXNiysG9m3SQ==
x-fb-trip-id
2112188456
x-fb-content-md5
b7c2bfd7378709a51dddbd9b83baf1fd
x-frame-options
DENY
date
Fri, 18 Oct 2019 12:17:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Oct 2019 12:31:59 GMT
client.js
apis.google.com/js/
13 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=googleApiLoaded
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
de1bd7045de175bfd858485f1cb48a0f3bac7a8cfb1422b350c3f36792aae8d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-Sbgn1FPqHenNhKncjgJX7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"500d7adbb54a1d1fd24f75d1e29968b3"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Fri, 18 Oct 2019 12:17:22 GMT
platform.js
apis.google.com/js/
48 KB
18 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3752aa6373c6cffb52d27da513bdd2f0b543bbe61b3ae7d56fd0c27c74367fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-ZPQBrpzQVbey7bWM3tgiPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"81efe93b9bed00d1a4c29abf7e8b0375"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Fri, 18 Oct 2019 12:17:22 GMT
searchpopunder.min.js
www.cheapoair.ca/travel/r6/widget/js/
6 KB
3 KB
Script
General
Full URL
https://www.cheapoair.ca/travel/r6/widget/js/searchpopunder.min.js?ver=1.12
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
466bd07430de6b0f3e002cc091dbeb17a2f5bdb8bd8641aa18ec21ae8ab7f07e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length
5729
date
Fri, 18 Oct 2019 12:17:22 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2017 12:06:13 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"53d672c93dd31:0"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
application/x-javascript
status
200
cache-control
private
accept-ranges
bytes
content-length
2241
AnonymousUserTracking-live.js
c.fareportal.com/vd/ca/travel/r6/js/
4 KB
1 KB
Script
General
Full URL
https://c.fareportal.com/vd/ca/travel/r6/js/AnonymousUserTracking-live.js?ver=1.0
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4112540152b1eb21246841fdd716e6e8b8f01131847b9ea5e32284ae3937816e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:17:22 GMT
content-encoding
br
last-modified
Mon, 16 Sep 2019 10:45:14 GMT
server
Akamai Resource Optimizer
status
200
etag
"7bae1c1331599761eda3e45d4c272421:1529651786"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1054
all.js
connect.facebook.net/en_US/
186 KB
55 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=17a665f7faf7e5b9cf71d480db998b61&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
81006f6ded58a0933a4c68c5fdc8c2d9aa431cda6fd29e96d902ac3e8bfebb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/lhktdmS8JIoHdrkJWfOUQ==
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
56402
etag
"940c42541d9d4a76c240d7a20196f7c8"
x-fb-debug
bmzP7Z/jRUCw86TcVLtuVp0Yb44yRiGSkY+8nZeHNMq9UYa550hFbp1bAKaUOvIbSY/M0fNq5qRg5qlsTpHYhQ==
x-fb-trip-id
1970646000
x-fb-content-md5
5c348f14acccbc153876328f2f94a677
x-frame-options
DENY
date
Fri, 18 Oct 2019 12:17:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 17 Oct 2020 11:01:51 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/EQY1At-f1G9OIivZUYX73fK0/
253 KB
90 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/EQY1At-f1G9OIivZUYX73fK0/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4bcb051edd52ea0e431cd13fba90fbe8e1be661ff78171d51025c7e4c1c23723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Oct 2019 04:05:17 GMT
server
sffe
age
330917
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92260
x-xss-protection
0
expires
Tue, 13 Oct 2020 16:22:05 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/
287 KB
99 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=googleApiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 17:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2019 21:58:06 GMT
server
sffe
age
586500
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
101118
x-xss-protection
0
expires
Sat, 10 Oct 2020 17:22:22 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 7018
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=17a665f7faf7e5b9cf71d480db998b61&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.cheapoair.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.cheapoair.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 16 Oct 2020 20:01:45 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
yMjx0gPThBrY5rdqnqLFjc1Orv/s32yUS2T6u6ZBdF9vcQK7Uz+VfXGE/1fa0qbCiedAH+iTUyhwJFqkzTovMA==
content-length
11615
x-fb-trip-id
2112188456
date
Fri, 18 Oct 2019 12:17:22 GMT
alt-svc
h3-23=":443"; ma=3600
AnonymousUser
www.cheapoair.ca/profiles/publicapi/v1/
17 B
572 B
XHR
General
Full URL
https://www.cheapoair.ca/profiles/publicapi/v1/AnonymousUser
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.73.209 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-73-209.deploy.static.akamaitechnologies.com
Software
nginx / GlobalCMS
Resource Hash
19ac4994e6efe6f592560e8bef74af475923c32931d45e3a099d0734def99c70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.cheapoair.ca/
X-DomainId
93
Request-Id
|lU4uW.eWaym
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 12:17:23 GMT
x-content-type-options
nosniff
x-machinestamp
CRM-1-NJ-103-80
server
nginx
x-powered-by
GlobalCMS
status
200
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cheapoair.ca
expires
Thu, 17 Oct 2019 12:17:22 GMT
cache-control
no-cache, public
x-proxy-server
nginx-7
content-length
17
request-context
appId=cid-v1:02a21fc1-779e-4c77-b239-6fe6d6034e38
anchor
www.google.com/recaptcha/api2/ Frame 683D
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNhOjQ0Mw..&hl=en&v=EQY1At-f1G9OIivZUYX73fK0&size=invisible&cb=5ricbikr9vbt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EQY1At-f1G9OIivZUYX73fK0/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+lwQnaPUsbm3A8gXGGAM8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNhOjQ0Mw..&hl=en&v=EQY1At-f1G9OIivZUYX73fK0&size=invisible&cb=5ricbikr9vbt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.cheapoair.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.cheapoair.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Oct 2019 12:17:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-+lwQnaPUsbm3A8gXGGAM8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8945
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame 2DAE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNhOjQ0Mw..&hl=en&v=EQY1At-f1G9OIivZUYX73fK0&size=invisible&cb=3z57pygt846l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EQY1At-f1G9OIivZUYX73fK0/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ziI0KAm1X8AgNMhKgbp7RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNhOjQ0Mw..&hl=en&v=EQY1At-f1G9OIivZUYX73fK0&size=invisible&cb=3z57pygt846l
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.cheapoair.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.cheapoair.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Oct 2019 12:17:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-ziI0KAm1X8AgNMhKgbp7RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8885
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame DFD2
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=EQY1At-f1G9OIivZUYX73fK0&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=5h6sazg7clr9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EQY1At-f1G9OIivZUYX73fK0/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1j4JOopYkj/GlXUaZTbyxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=EQY1At-f1G9OIivZUYX73fK0&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=5h6sazg7clr9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.cheapoair.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.cheapoair.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Oct 2019 12:17:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-1j4JOopYkj/GlXUaZTbyxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1136
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame 268D
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=EQY1At-f1G9OIivZUYX73fK0&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=uv87h62ojqpm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EQY1At-f1G9OIivZUYX73fK0/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z+UFAFdJY68OW9zDr9//5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=EQY1At-f1G9OIivZUYX73fK0&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=uv87h62ojqpm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.cheapoair.ca/
accept-encoding
gzip, deflate, br
cookie
1P_JAR=2019-10-18-12; NID=189=WpWfzm2L2xNMJE6M2a670lzNciQOVWrNMCLzKRgKVlNWjYuyalexxhKvU_nRSA0sdUuwQVBAkdPlIjs7u9xauhvjgsLF9dnyMRKK3hiuCrkNI6rsMMJWxdTwWBUoh2m23qoJJpECVe8Y0z6RZ5t9dNcJbj82OX-wgH8tkP6Uqh4; CONSENT=WP.27f679
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.cheapoair.ca/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Oct 2019 12:17:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-Z+UFAFdJY68OW9zDr9//5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1144
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| header boolean| isGDPR string| dynamicPhoneNumber undefined| ieVersion boolean| isPlaceholderSupported function| getCookie function| invokeOptimizely boolean| loadExtremeSearch boolean| disableGeoLocation boolean| isIOSMobileDevice boolean| isMobileDevice function| $ function| jQuery object| jQuery19108487987192235891 object| Ember object| Em object| SimpleAuth boolean| isSTAOff object| hasGdpr function| handleUserLoggedInProfiles function| UserException function| parseUTCDate function| decodeHashDate function| HashTable function| isLocalStorageSupported function| FpNotificationService function| connectToLogServer function| sendMessageToQueue function| EventBus object| App number| secs number| mins number| hours function| dateFormat function| cookie object| globalMessage object| boundAttributeKeys function| computed function| on object| ENV object| coa_errors function| report_error function| getErrObj object| fp_logger object| GTMFlight object| GTMHotel object| GTMCar object| GTMPackage object| GTMXSell object| gaEventTracking object| GTMContainer function| cachedScript function| loadScriptAsync function| onWindowLoadEvent function| invokeGTMContainer function| fbAsyncInit function| toggleThis string| sessionId function| __extends object| Microsoft object| AI object| FB object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| gapi object| ___jsl object| gadgets object| osapi object| shindig object| googleapis object| oauth2 object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ string| anonymousUserServiceUrl string| anonymousUserCookieLife string| userPortalID function| CreateNewUnknowUser function| UpdateLastVisitforUnknowUser function| CallHandlerForUpdatingUserSession function| getCookieAnonymous function| deleteCookieAnonymous function| createCookieAnonymous function| ParseCookieAnonymous function| jsPopunder object| signupPopUnder object| closure_lm_527347

2 Cookies

Domain/Path Name / Value
www.cheapoair.ca/ Name: ai_user
Value: XQ+8v|2019-10-18T12:17:22.637Z
.cheapoair.ca/ Name: cpcl
Value: Fri Oct 18 2019 14:17:22 GMT+0200 (Central European Summer Time)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
az416426.vo.msecnd.net
c.fareportal.com
connect.facebook.net
staticxx.facebook.com
www.cheapoair.ca
www.google.com
www.gstatic.com
104.109.73.209
152.199.19.160
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:820::2004
2a03:2880:f007:8:face:b00c:0:1
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f
19ac4994e6efe6f592560e8bef74af475923c32931d45e3a099d0734def99c70
2ad9ffff987c6137721875db114fc341c823de65faf2d8544e57689f6861f03d
2e96ffd180ba319075d61b9da27dc8a63bf721be192fd9327259177a622d0b38
2ffa34d13eb69a35bb63cda1915cb698976fa1d1051d664a3a12ad2703c77465
3752aa6373c6cffb52d27da513bdd2f0b543bbe61b3ae7d56fd0c27c74367fd2
39e15d8cf38a64ab61a970a4ce235eafdb449512020b9412598ed6a7432ff7b2
3fad79d315805f43f9bde04da5fc8b63670ac1bbc1a65247d701cd757f1025d1
4112540152b1eb21246841fdd716e6e8b8f01131847b9ea5e32284ae3937816e
466bd07430de6b0f3e002cc091dbeb17a2f5bdb8bd8641aa18ec21ae8ab7f07e
487f66e9280df9daa1f67da7c333b877df9d35516d28e907b8fd2fa761981920
4bcb051edd52ea0e431cd13fba90fbe8e1be661ff78171d51025c7e4c1c23723
51bc001ab83531c5951d35dca1eddec1272e82a352aab2650b77cff44f6f54b3
5517761f15f4a9b1185eb01eb8b5083339ad9f26df471c4053ef992ea4f42f0d
5760fbdd8d47b7dda07922adcc6c5d73e5c46068ad29c861bdd958b28f6ce1ca
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
67c2d66515aab5829677fa0c6a6b249e3c3dff1ede2ab43b68198991e1a26bb1
6f0d4eea1799aae4b6b466a8e0145b633b51d1c3a7957ace4dd8215f5f65faf8
7182d7f952150c4639f55ca29235df44d002a34c57d65536110590d3fe12216c
75511c5bc749c610b2c9aa02564cf2b0aa109417410622ae8eb8e112f7c689b8
81006f6ded58a0933a4c68c5fdc8c2d9aa431cda6fd29e96d902ac3e8bfebb35
896fb1331239af998032d12f557be903acfbdfcb469b928a88fdf2c33e2e3c80
8f30adfbbf2de1c952d6f1aceb31ab1be514853ebfa63cc1c4efd7bcc646c847
9c9fad7f1b0e691be9fa27a5767b84dac1fceee560686192317b010dc4f53252
c5bebc29cbd6f75e9c4556855ec082ea11197a97f268ad52715d7995615928f8
c6cfcf5127d030916b6473b781d24ddc8cfe839cac11e654f8c04f8b44bca2dc
de1bd7045de175bfd858485f1cb48a0f3bac7a8cfb1422b350c3f36792aae8d5
e45d2a55a140ce64414fe4dae02b736f587002cf4be37a9d7843834e0d37a0a4
e51c063f5fa27a17e52d75edbf9d52efb28da0ad1e7db9d086c97b11ced4b69b
e6c753b1150ac4a20658949932fdf26041a78f8d836e2fb68983793a798011cd
e8b24116788504154eb373d3606d7145427bf745ed76187fd4594685d80735d9
f0fa6b027a667e139b3aeac12bd079f056312929ce5abc84860ce7e98416de80
f967e7256f7d407e4c2b0de827904f9a48be9aed4692c808ef8a0b2e46d823a9