URL: https://bookings.saveontravel.co.za/
Submission: On June 11 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 33 HTTP transactions. The main IP is 188.42.196.67, located in Luxembourg and belongs to SERVERS-COM, US. The main domain is bookings.saveontravel.co.za.
TLS certificate: Issued by R3 on June 11th 2023. Valid for: 3 months.
This is the only time bookings.saveontravel.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System
11 | - | 188.42.196.67 | 7979 (SERVERS-COM)
7 | - | 68.66.248.14 | 55293 (A2HOSTING)
2 | - | 2a00:1450:400... | 15169 (GOOGLE)
1 | - | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | - | 2606:4700:20:... | 13335 (CLOUDFLAR...)
5 | 1 | 172.255.224.36 | 7979 (SERVERS-COM)
4 | - | 23.108.212.76 | 7979 (SERVERS-COM)
1 | - | 2a00:1450:400... | 15169 (GOOGLE)
2 | 1 | 185.106.81.236 | 7979 (SERVERS-COM)
1 | - | 2001:4860:480... | 15169 (GOOGLE)
Total: 33 requests, 11 IPs
Requests | Apex Domain | Subdomains | Transfer
18 | saveontravel.co.za | bookings.saveontravel.co.za; saveontravel.co.za | 1 MB
5 | travelpayouts.com | www.travelpayouts.com (Cisco Umbrella Rank: 148975); travelpayouts.com (Cisco Umbrella Rank: 110389) | 25 KB
4 | aviasales.ru | mamka.aviasales.ru (Cisco Umbrella Rank: 825627) | 1 KB
3 | avsplow.com | st.avsplow.com (Cisco Umbrella Rank: 269284); avsplow.com (Cisco Umbrella Rank: 193654) | 15 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 57); region1.google-analytics.com (Cisco Umbrella Rank: 1892) | 21 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 75) | 135 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 263) | 17 KB
Total: 33 requests, 7 domains
Requests | Domain | Requested by
11 | bookings.saveontravel.co.za | bookings.saveontravel.co.za
7 | saveontravel.co.za | bookings.saveontravel.co.za
4 | mamka.aviasales.ru | bookings.saveontravel.co.za
4 | www.travelpayouts.com | bookings.saveontravel.co.za
2 | avsplow.com (1 redirects) | bookings.saveontravel.co.za
2 | www.googletagmanager.com | bookings.saveontravel.co.za; www.googletagmanager.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | travelpayouts.com (1 redirects) |
1 | www.google-analytics.com | www.googletagmanager.com
1 | st.avsplow.com | bookings.saveontravel.co.za
1 | cdnjs.cloudflare.com | bookings.saveontravel.co.za
Total: 33 requests, 11 subdomains

This site contains links to these domains.

Domain
saveontravel.co.za
www.travelpayouts.com
Subject | Issuer | Validity | Valid
bookings.saveontravel.co.za | R3 | 2023-06-11 - 2023-09-09 | 3 months
saveontravel.co.za | cPanel, Inc. Certification Authority | 2023-05-29 - 2023-08-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
travelpayouts.com | R3 | 2023-04-27 - 2023-07-26 | 3 months
*.aviasales.ru | AlphaSSL CA - SHA256 - G2 | 2022-08-22 - 2023-09-23 | a year

This page contains 1 frames:

Primary Page: https://bookings.saveontravel.co.za/
Frame ID: E8DAF7C07784788160DAD25819A4E029
Requests: 39 HTTP requests in this frame

Page Title

Search Flights and Hotels

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

  • Requests: 33
  • HTTPS: 94 %
  • IPv6: 50 %
  • Domains: 7
  • Subdomains: 11
  • IPs: 11
  • Countries: 4
  • Transfer: 1269 kB
  • Size: 4356 kB
  • Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22whitelabel_en%22%2C%22trace_id%22%3A%22Zz5e1d6a9c7eb44cf2bbd5685-453348%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
  • https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5e1d6a9c7eb44cf2bbd5685-453348%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Request Chain 28
  • https://travelpayouts.com/powered_by/powered_by.js HTTP 301
  • https://www.travelpayouts.com/powered_by/powered_by.js

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bookings.saveontravel.co.za/
22 KB
5 KB
Document
General
Full URL
https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
b412f5fe426412ff76ffd698256bfe826a95a523a7f9b88d125d5627cc1b8d5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Jun 2023 15:23:38 GMT
x-request-id
013d91c3858cba8899bb08d71ec82235
whitelabel_en.js
bookings.saveontravel.co.za/widgets/
7 KB
2 KB
Script
General
Full URL
https://bookings.saveontravel.co.za/widgets/whitelabel_en.js?v=002&rtl=false&locale=en
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
770543f5bf1c4d8efdeea3be4b7e46cea38bbb5ab9aaadebbf69de41d1e307b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
br
content-type
application/javascript
cache-control
private, max-age=0
x-robots-tag
noindex
timing-allow-origin
*
link
</mewtwo/styles.css?locale=en&rtl=false&v=002>; rel=preload; as=style, </widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002>; rel=preload; as=script
x-promo-id
4238
x-request-id
e49b5882704e73346974ff18cebce198
main.en.js
bookings.saveontravel.co.za/
769 KB
217 KB
Script
General
Full URL
https://bookings.saveontravel.co.za/main.en.js
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4bcf0379a06c72050ed2c97b4b05548b3d5afc5a134443740c0fd12c45bfef89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"6474829e-c05d2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
a3f8590508f60f29ed263d2116acd651
expires
Sun, 11 Jun 2023 15:53:38 GMT
main.css
bookings.saveontravel.co.za/
2 MB
543 KB
Stylesheet
General
Full URL
https://bookings.saveontravel.co.za/main.css
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
74e6bef4338984a52b3d820a81fc350095c5c9f091ceae336dbf88f93daee68c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"6474819e-1baa30"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
a5cd60157f0c23f23ebd95246b4114c3
expires
Sun, 11 Jun 2023 15:53:38 GMT
header_01.jpg
saveontravel.co.za/header/
24 KB
23 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_01.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
23d1879388a61d5013da4358efdb9b2d1c14ebe87575311285c2fd1df25020b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec65-61ba-5fdd92054ddd7-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
23131
header_02.jpg
saveontravel.co.za/header/
8 KB
6 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_02.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
691645b6c9d6dd7ae7f4acbafd11370c11486fffb4f845e874212f60ab5a5f45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec66-1e2c-5fdd920556a76-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6516
header_03.jpg
saveontravel.co.za/header/
7 KB
6 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_03.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
0ad2d220dcc49f0dad7b709f95a67894c9fc3fb10f185ca0d8f7a067b8298ecc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec67-1cf1-5fdd920559d3e-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6225
header_04.jpg
saveontravel.co.za/header/
8 KB
7 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_04.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
46088aeb1ef5c8cc9f0c595aab6b4827a1008562ea67ec444917d4a181a0642d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec69-1fa6-5fdd92055a126-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6883
header_05.jpg
saveontravel.co.za/header/
9 KB
8 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_05.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
8b51615ecbb9fff1027e4d0a334a426e92b284fa826140c999e7fd36f35703ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec6a-25f0-5fdd92055a50e-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
8413
header_06.jpg
saveontravel.co.za/header/
12 KB
10 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_06.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
69f3f16ac187c7042f7d8d9d2d9b48eb79f704760422eeede0636fa4b2af5fee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec6c-2fb9-5fdd92055c066-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
10684
header_07.jpg
saveontravel.co.za/header/
12 KB
11 KB
Image
General
Full URL
https://saveontravel.co.za/header/header_07.jpg
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.66.248.14 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-sr2.supercp.com
Software
Apache /
Resource Hash
6da532861d17a62500a63e07e043dc832426625b120e192b623ee207b0661ab0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Sun, 11 Jun 2023 11:44:35 GMT
server
Apache
etag
"3cec6d-2fb8-5fdd92057819d-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
10687
gtm.js
www.googletagmanager.com/
138 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
214525ba032bc43bb937bf4c0fabef7abc143e7a6e1cf70c9a9a0a3e55b1cdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52548
x-xss-protection
0
last-modified
Sun, 11 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Jun 2023 15:23:38 GMT
styles.css
bookings.saveontravel.co.za/mewtwo/
167 KB
21 KB
Stylesheet
General
Full URL
https://bookings.saveontravel.co.za/mewtwo/styles.css?locale=en&rtl=false&v=002
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"643d49df-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
714b3df0c650640c37253ac32ad2d2ab
expires
Sun, 11 Jun 2023 15:53:38 GMT
whitelabel_en.js
bookings.saveontravel.co.za/widgets_static/
308 KB
75 KB
Script
General
Full URL
https://bookings.saveontravel.co.za/widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
7dd6d27ef5e21c80ee0bf2f47f82ea3249f9f2e94ec80196f556a9ef1f3b1772

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"643d49e2-4d0e4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
4c6d237664157329da77556382eb561c
expires
Sun, 11 Jun 2023 15:53:38 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.9/
58 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.9/rollbar.min.js
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/main.en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee21873f0f644e948c8ccc8cbb2647d2691a94b1a36b3ed9980672b103d71d4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bookings.saveontravel.co.za/
Origin
https://bookings.saveontravel.co.za
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2652095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16327
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-e9f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9v2SySKup69dI781bP4VYYg1w9Y0HTfuMT%2BueYLyaP9u8%2BMmL%2BQznLR5d9pr9Ts%2FflMZnEEx7vjcLI8lyzo9eRzXFHxUmlkxoKKrvUbVBVnrFHHjkK5BGuajTxmD0XkDuDHVf8W6Lu6yHqr4uFK2QyI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d5adb3f28adb770-AMS
expires
Fri, 31 May 2024 15:23:38 GMT
sp.js
st.avsplow.com/19.18.12/
41 KB
14 KB
Script
General
Full URL
https://st.avsplow.com/19.18.12/sp.js
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/main.en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c266b32e3008dfd1061e143c92be4bb7e6e293a80005e23c7289f932001b2bff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1028470
cf-polished
origSize=42670
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 20 Mar 2023 11:06:37 GMT
server
cloudflare
etag
W/"19ae50cc8f44735f712dc77bd3c22064"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MrR6DxPcgdG76WZ5ORL9A9147D7HqBMGOHTV0t%2BHX7vvVHQIApnwxP6grQRUaVl09wmWmfMNAU8aGpYibETpwQi%2FMU%2FPwu0oKJOxpl5z8cqo0IY%2B5XHM4IA8L%2Bpves%2FAz62Zz98B5m%2FAj5h"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
7d5adb3f6c690095-AMS
whitelabel_en.js
bookings.saveontravel.co.za/widgets/
7 KB
2 KB
Script
General
Full URL
https://bookings.saveontravel.co.za/widgets/whitelabel_en.js
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/main.en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
f001908846e68c5758f745359a659ada9e3ca40ad100c4730a3864a98f4896e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
br
content-type
application/javascript
cache-control
private, max-age=0
x-robots-tag
noindex
timing-allow-origin
*
link
</mewtwo/styles.css>; rel=preload; as=style, </widgets_static/whitelabel_en.js>; rel=preload; as=script
x-promo-id
4238
x-request-id
436473e16db86a3c5023a91d5824c04d
truncated
/
863 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ceddb5c380cb8111a0beb07fcf991cc290b7a8d8afbe21c8a9831d419d6b467

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
currency-regular-webfont.woff2
www.travelpayouts.com/currency_fonts/
4 KB
4 KB
Font
General
Full URL
https://www.travelpayouts.com/currency_fonts/currency-regular-webfont.woff2
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e

Request headers

Referer
https://bookings.saveontravel.co.za/
Origin
https://bookings.saveontravel.co.za
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
last-modified
Fri, 12 May 2023 02:42:07 GMT
server
nginx
etag
"645da77f-e08"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3592
expires
Thu, 31 Dec 2037 23:55:55 GMT
set
mamka.aviasales.ru/third_party_cookies/
0
295 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2023-06-11T15%3A23%3A38.670Z
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.108.212.76 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
tp.png
www.travelpayouts.com/powered_by/img/
4 KB
4 KB
Image
General
Full URL
https://www.travelpayouts.com/powered_by/img/tp.png
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2023 12:53:26 GMT
server
nginx
x-krakend
Version undefined
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-krakend-completed
false
styles.css
bookings.saveontravel.co.za/mewtwo/
167 KB
21 KB
Stylesheet
General
Full URL
https://bookings.saveontravel.co.za/mewtwo/styles.css
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"643d49df-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
626021b720b4b7a922abd7a5488e5b23
expires
Sun, 11 Jun 2023 15:53:38 GMT
whitelabel_en.js
bookings.saveontravel.co.za/widgets_static/
308 KB
76 KB
Script
General
Full URL
https://bookings.saveontravel.co.za/widgets_static/whitelabel_en.js
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
7dd6d27ef5e21c80ee0bf2f47f82ea3249f9f2e94ec80196f556a9ef1f3b1772

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"643d49e2-4d0e4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
811281095cebe6b8b5a4313e6acb6b9b
expires
Sun, 11 Jun 2023 15:53:38 GMT
truncated
/
348 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 15:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1131
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 11 Jun 2023 17:04:48 GMT
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d31f09e6c1a16b3fc27a71d48397f0fd73f689d987eb10f0b7009795f400241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85600
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Jun 2023 15:23:38 GMT
j.gif
avsplow.com/a/
Redirect Chain
  • https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
  • https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5e1d6a9c...
43 B
388 B
Image
General
Full URL
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5e1d6a9c7eb44cf2bbd5685-453348%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Server
185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43

Redirect headers

date
Sun, 11 Jun 2023 15:23:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5e1d6a9c7eb44cf2bbd5685-453348%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
styles.css
bookings.saveontravel.co.za/mewtwo/
167 KB
21 KB
Stylesheet
General
Full URL
https://bookings.saveontravel.co.za/mewtwo/styles.css?v=002
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/widgets_static/whitelabel_en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:38 GMT
content-encoding
gzip
last-modified
Sunday, 11-Jun-2023 15:23:38 UTC
etag
W/"643d49df-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
570d250ca53ff8dc3bc7efa16a166abb
expires
Sun, 11 Jun 2023 15:53:38 GMT
whereami
bookings.saveontravel.co.za/
130 B
261 B
Script
General
Full URL
https://bookings.saveontravel.co.za/whereami?locale=en&callback=mewtwoForms.geoIPSetter.lang_en
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/widgets_static/whitelabel_en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e205c371b03a3c42b1a3a16ba23de30bb7ce82f1b1b8fd20c44f4b36bb1b4de3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 11 Jun 2023 15:23:39 GMT
content-encoding
br
content-length
111
x-request-id
0803cad41ad9d10153ab4903a5251f94
content-type
application/x-javascript; charset=utf-8
powered_by.js
www.travelpayouts.com/powered_by/
Redirect Chain
  • https://travelpayouts.com/powered_by/powered_by.js
  • https://www.travelpayouts.com/powered_by/powered_by.js
40 KB
15 KB
Script
General
Full URL
https://www.travelpayouts.com/powered_by/powered_by.js
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
7e55baf66fb0efa68f9ba4469238d87ff56ab40f3db3a2ca996758a2ec907e82

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:39 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2023 12:53:26 GMT
server
nginx
x-krakend
Version undefined
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache
accept-ranges
bytes
x-krakend-completed
false

Redirect headers

location
https://www.travelpayouts.com/powered_by/powered_by.js
date
Sun, 11 Jun 2023 15:23:39 GMT
server
nginx
content-length
178
content-type
text/html
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je3671&_p=604485762&cid=1625123704.1686497019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686497019&sct=1&seg=0&dl=https%3A%2F%2Fbookings.saveontravel.co.za%2F&dt=Search%20Flights%20and%20Hotels&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 15:23:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.saveontravel.co.za
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
set
mamka.aviasales.ru/third_party_cookies/
0
295 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2023-06-11T15%3A23%3A39.030Z&mamka_attempts=1
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.108.212.76 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
tp_white.png
www.travelpayouts.com/powered_by/img/
3 KB
3 KB
Image
General
Full URL
https://www.travelpayouts.com/powered_by/img/tp_white.png
Requested by
Host: bookings.saveontravel.co.za
URL: https://bookings.saveontravel.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 15:23:39 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2023 12:53:26 GMT
server
nginx
x-krakend
Version undefined
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-krakend-completed
false
truncated
/
611 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3345bc4bcae851c0a6894fd18a06587cfca36aaf229fe78b405c52cdabd46d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4c214a5b843e1f5c463a48c7af0675b4fe1f5f2fa1cd526e689cbbd45832662

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
129 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ca5fac9612fdb47011f42f54f87ae5dfa00662f4e89fd888586a6d565576d29

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
903 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
set
mamka.aviasales.ru/third_party_cookies/
0
295 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2023-06-11T15%3A23%3A39.558Z&mamka_attempts=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.108.212.76 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
set
mamka.aviasales.ru/third_party_cookies/
0
295 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2023-06-11T15%3A23%3A42.085Z&mamka_attempts=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.108.212.76 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bookings.saveontravel.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8


45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| GEOIP object| TPWLCONFIG function| loadCSS boolean| MewtwoIsLoaded object| mamka_queue object| mamka_tpc object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar function| setImmediate function| clearImmediate function| cssx string| TP_WL_LOCALE function| ResizeSensor object| TP_DISPATCHER boolean| SHOW_GOOGLE_ADSENSE boolean| HANDLE_ALL_MARKERS function| f object| GSN function| mamka object| TP_POWERED_BY_DATA boolean| TP_MEWTWO_SKIPSTYLES object| TP_FORM_SETTINGS string| _location function| ga object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject object| TP_PERF_METRICS object| mewtwo number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized boolean| mewtwoFormsInitialized boolean| mewtwoFormsStylesLoaded object| mewtwoForms object| TP_POWERED_BY function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins

10 Cookies

Domain/Path | Name | Value
.saveontravel.co.za/ | mtdc_7lQtR | true
bookings.saveontravel.co.za/ | locale | en
.saveontravel.co.za/ | marker | 453348.%241489
bookings.saveontravel.co.za/ | cookie_policy_accepted | true
bookings.saveontravel.co.za/ | currency | ZAR
.saveontravel.co.za/ | _sp_ses.2370 | *
.saveontravel.co.za/ | _sp_id.2370 | 43405d69-3f99-49e4-b9c5-bf28a0661fd2.1686497019.1.1686497019.1686497019.444f5b7c-5a05-4116-a03c-0a15060d4128
.avsplow.com/ | nuid | fc19a58e-0618-478f-a23f-f41f02927cfa
.saveontravel.co.za/ | _ga | GA1.1.1625123704.1686497019
.saveontravel.co.za/ | _ga_6C1GFWKMT9 | GS1.1.1686497019.1.0.1686497019.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
