urlscan.io logo urlscan.io
SecurityTrails logo

flights-es.gotogate.com Open in urlscan Pro
2a02:26f0:3500:89b::43e4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://r.sib.etraveligroup.com/tr/cl/JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5CM0fig9YaY_zCUHBh8jHI...
Effective URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Submission: On March 29 via manual from ES — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 16 HTTP transactions. The main IP is 2a02:26f0:3500:89b::43e4, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is flights-es.gotogate.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 16th 2023. Valid for: a year.
This is the only time flights-es.gotogate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1.179.112.196 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 2.19.126.207 20940 (AKAMAI-ASN1)
1 2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
16 11
1    1.179.112.196 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112196.mailinblue.me
r.sib.etraveligroup.com
2    2606:4700::6812:1f68 (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
1    2606:4700::6810:ff60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.sendinblue.com
1    2606:4700::6811:8560 (United States)

ASN13335 (CLOUDFLARENET, US)
in-automate.sendinblue.com
4    2a02:26f0:3500:89b::43e4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
flights-es.gotogate.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a02:26f0:ab00:39b::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
173bf10f.akstat.io
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:3500:981::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    2.19.126.207 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-207.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net
2    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net
eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net
Apex Domain
Subdomains		 Transfer
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2037
wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2034
eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net
1 KB
4 gotogate.com
flights-es.gotogate.com
77 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1221
c.go-mpulse.net — Cisco Umbrella Rank: 631
50 KB
2 sendinblue.com
www.sendinblue.com — Cisco Umbrella Rank: 110190
in-automate.sendinblue.com — Cisco Umbrella Rank: 22348
333 B
2 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 21127
2 KB
1 akstat.io
173bf10f.akstat.io — Cisco Umbrella Rank: 16714
207 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 etraveligroup.com
r.sib.etraveligroup.com — Cisco Umbrella Rank: 657985
1022 B
16 9
Domain Requested by
4 flights-es.gotogate.com r.sib.etraveligroup.com
flights-es.gotogate.com
2 fonts.gstatic.com fonts.googleapis.com
2 sibautomation.com 1 redirects r.sib.etraveligroup.com
1 173bf10f.akstat.io s.go-mpulse.net
1 eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net flights-es.gotogate.com
1 fonts.googleapis.com flights-es.gotogate.com
1 in-automate.sendinblue.com sibautomation.com
1 www.sendinblue.com sibautomation.com
1 r.sib.etraveligroup.com
16 14

This site contains no links.

Subject Issuer Validity Valid
r.sib.etraveligroup.com
R3		 2023-03-04 -
2023-06-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
sendinblue.com
Cloudflare Inc ECC CA-3		 2022-09-26 -
2023-09-25		 a year crt.sh
flights-uk.gotogate.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-16 -
2024-02-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Frame ID: E7FCD8A36D19AB9D3C2005CB3002F97A
Requests: 13 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2250316
Frame ID: 7463FBEB45C79D6C58322E4217021017
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gotogate

Page URL History Show full URLs

  1. https://r.sib.etraveligroup.com/tr/cl/JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5C... Page URL
  2. https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

81 %
HTTPS

82 %
IPv6

9
Domains

14
Subdomains

11
IPs

3
Countries

164 kB
Transfer

498 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r.sib.etraveligroup.com/tr/cl/JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5CM0fig9YaY_zCUHBh8jHIwZyMukjT8C0qwIa1Gn9mvioV4AZIx5zHhgLpazdIKusodWOYtnbDtTf7mHOp8sVh9LlzJkeXLcasHEZF4-K9nEgjMHjYi8xuhUrrsxlkz97y4XaHSQ3XHdNw52MC2D0Iig2GFcrGWRXz_4Huydefbkgd6splhzTtaw16DL4ehRBOYexyR-TGE3YOUAYAgeN_VWLHPfT3qM-oQeRBox9lW-BIhFP0ag_6CM5YbUZjCAkjTF86iqow Page URL
  2. https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://sibautomation.com/ruxitagentjs_ICA2NVfqru_10261230220152234.js HTTP 302
  • https://www.sendinblue.com/404/
Request Chain 12
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p56way4nk HTTP 302
  • https://wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 13
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p56way4nk HTTP 302
  • https://eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net/eum/results.txt

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5CM0fig9YaY_zCUHBh8jHIwZyMukjT8C0qwIa1Gn9mvioV4AZIx5zHhgLpazdIKusodWOYtnbDtTf7mHOp8sVh9LlzJkeXLcasHEZF4-K9nEgjMHjYi8xuhUrrsxlkz97...
r.sib.etraveligroup.com/tr/cl/ 		862 B
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.sib.etraveligroup.com/tr/cl/JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5CM0fig9YaY_zCUHBh8jHIwZyMukjT8C0qwIa1Gn9mvioV4AZIx5zHhgLpazdIKusodWOYtnbDtTf7mHOp8sVh9LlzJkeXLcasHEZF4-K9nEgjMHjYi8xuhUrrsxlkz97y4XaHSQ3XHdNw52MC2D0Iig2GFcrGWRXz_4Huydefbkgd6splhzTtaw16DL4ehRBOYexyR-TGE3YOUAYAgeN_VWLHPfT3qM-oQeRBox9lW-BIhFP0ag_6CM5YbUZjCAkjTF86iqow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.179.112.196 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
m1179112196.mailinblue.me
Software
/
Resource Hash
4f509aa56d0339bfc02665b4c5b3dde8563f346a63e5a4db21832b049fdd01e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
862
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 06:13:54 GMT
x-content-type-options
nosniff
x-sib-server
gke-gke-public-clust-gke-public-clust-4b822751-bvg3
x-xss-protection
1
cm.html
sibautomation.com/ Frame 7463 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=2250316
Requested by
Host: r.sib.etraveligroup.com
URL: https://r.sib.etraveligroup.com/tr/cl/JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5CM0fig9YaY_zCUHBh8jHIwZyMukjT8C0qwIa1Gn9mvioV4AZIx5zHhgLpazdIKusodWOYtnbDtTf7mHOp8sVh9LlzJkeXLcasHEZF4-K9nEgjMHjYi8xuhUrrsxlkz97y4XaHSQ3XHdNw52MC2D0Iig2GFcrGWRXz_4Huydefbkgd6splhzTtaw16DL4ehRBOYexyR-TGE3YOUAYAgeN_VWLHPfT3qM-oQeRBox9lW-BIhFP0ag_6CM5YbUZjCAkjTF86iqow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
bdedae9c0dd5a5c702feb78682fa8850396129bb13a9e6db46999b90c7ab6fa2

Request headers

Referer
https://r.sib.etraveligroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
age
26946
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
7af5f83abf0102b3-CDG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 06:13:55 GMT
expires
Wed, 29 Mar 2023 08:13:55 GMT
server
cloudflare
server-timing
dtSInfo;desc="0", dtRpid;desc="1480429368"
vary
Accept-Encoding
x-oneagent-js-injection
true
x-powered-by
Sails <sailsjs.com>
x-ruxit-js-agent
true
/
www.sendinblue.com/404/ Frame 7463
Redirect Chain
  • https://sibautomation.com/ruxitagentjs_ICA2NVfqru_10261230220152234.js
  • https://www.sendinblue.com/404/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sendinblue.com/404/
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2250316
Protocol
H2
Server
2606:4700::6810:ff60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Mar 2023 06:13:55 GMT
cf-cache-status
HIT
server
cloudflare
age
928
vary
Accept-Encoding
content-type
text/html
location
https://www.sendinblue.com/404/
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
7af5f83b0f2c02b3-CDG
expires
Wed, 29 Mar 2023 08:13:55 GMT
cm
in-automate.sendinblue.com/ Frame 7463 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/cm?uuid=bce2aedb-2b5b-466a-8e5a-22571360d346&key=dj2lo114kahx7eyotptl3s3o&trans=1&message_id=c73c8139-0591-41aa-bb48-597c7f7843dc
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2250316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:13:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
7af5f83c2ac6047b-CDG
Primary Request customer.options.action
flights-es.gotogate.com/ 		11 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Requested by
Host: r.sib.etraveligroup.com
URL: https://r.sib.etraveligroup.com/tr/cl/JQr0WgzV5Dr9TzPjcvQhZVbCFKb9MkLKlLpaC5GS3rLOHOF7vtyIM3RbfsII5hoijjrP5CM0fig9YaY_zCUHBh8jHIwZyMukjT8C0qwIa1Gn9mvioV4AZIx5zHhgLpazdIKusodWOYtnbDtTf7mHOp8sVh9LlzJkeXLcasHEZF4-K9nEgjMHjYi8xuhUrrsxlkz97y4XaHSQ3XHdNw52MC2D0Iig2GFcrGWRXz_4Huydefbkgd6splhzTtaw16DL4ehRBOYexyR-TGE3YOUAYAgeN_VWLHPfT3qM-oQeRBox9lW-BIhFP0ag_6CM5YbUZjCAkjTF86iqow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::43e4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f1b72337704e49a19683d5c8cff87ccc6a7188e9d18df55a31e77e82aba19ba3
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.sib.etraveligroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Language
fr-FR
Content-Length
4533
Content-Security-Policy-Report-Only
default-src 'self'; connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.etraveli.com https://*.etraveligroup.com https://*.cdn-net.com https://bat.bing.com https://www.googletagmanager.com https://connect.facebook.net https://pay.google.com https://adtr.io https://*.bidr.io https://tag.yieldoptimizer.com https://*.visualwebsiteoptimizer.com https://*.google-analytics.com https://*.intentmedia.net https://*.adform.net https://*.mouseflow.com https://*.nrich.ai https://*.doubleclick.net https://*.eancdn.com https://*.bidswitch.net https://green.erne.co https://*.rentalcars.com https://widget.trustpilot.com https://www.googleadservices.com https://cdn.klarna.com https://maps.googleapis.com https://widget.getyourguide.com https://widgets.hotels.com https://*.klarnacdn.net https://*.go-mpulse.net; style-src 'self' 'unsafe-inline' data: blob: https://widgets.hotels.com https://fonts.googleapis.com; img-src 'self' data: https://*.etraveli.com https://*.visualwebsiteoptimizer.com https://*.bidswitch.net https://*.doubleclick.net https://*.nrich.ai https://*.hybrid.ai https://*.w55c.net https://*.adsrvr.org https://*.rlcdn.com https://*.bidr.io https://*.seadform.net https://green.erne.co https://tag.yieldoptimizer.com https://dpm.demdex.net https://*.adform.net https://*.zemanta.com https://beacon.krxd.net https://sd.turn.com https://*.google-analytics.com https://maps.googleapis.com https://tag.adaraanalytics.com https://www.facebook.com https://widgets.hotels.com https://bat.bing.com https://www.google.com https://www.google.se https://maps.gstatic.com https://www.googletagmanager.com https://*.akstat.io; font-src 'self' https://fonts.gstatic.com https://widgets.hotels.com; frame-ancestors 'self'; frame-src 'self' https://pay.google.com https://*.cdn-net.com https://*.cdn.intentmedia.net https://www.facebook.com https://widget.getyourguide.com https://system.etrack1.com https://widgets.hotels.com https://secure.rentalcars.com https://widget.trustpilot.com; object-src 'self' https://*.cdn-net.com
Content-Type
text/html;charset=UTF-8
Date
Wed, 29 Mar 2023 06:13:55 GMT
Expect-CT
max-age=86400, https://9dd511763dedf2c3aad76bd2b849c630.report-uri.com/r/d/ct/reportOnly
IBE-Cart-Has-Reservations
false
IBE-OkToTransferToOtherServer
true
IBE-Release-Pending
false
Server-Timing
cdn-cache; desc=MISS edge; dur=14 origin; dur=120 ak_p; desc="466686_388276639_224727681_13434_4886_29_-";dur=1
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding
X-Akamai-Transformed
9 3094 0 pmb=mRUM,2
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
1er-1by-1eh-1ek-1en-1ej-1ez-1eg-29-1l-1eu-1ec-1tb-1h-1y_4469772_1622_1.js
flights-es.gotogate.com/d/1622/ 		218 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flights-es.gotogate.com/d/1622/1er-1by-1eh-1ek-1en-1ej-1ez-1eg-29-1l-1eu-1ec-1tb-1h-1y_4469772_1622_1.js
Requested by
Host: flights-es.gotogate.com
URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::43e4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
c7902177026e7073d58698fee9dcfb99950ae96761f9ff7033d3216e66162e33
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:13:55 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Content-Security-Policy-Report-Only
default-src 'self'; connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.etraveli.com https://*.etraveligroup.com https://*.cdn-net.com https://bat.bing.com https://www.googletagmanager.com https://connect.facebook.net https://pay.google.com https://adtr.io https://*.bidr.io https://tag.yieldoptimizer.com https://*.visualwebsiteoptimizer.com https://*.google-analytics.com https://*.intentmedia.net https://*.adform.net https://*.mouseflow.com https://*.nrich.ai https://*.doubleclick.net https://*.eancdn.com https://*.bidswitch.net https://green.erne.co https://*.rentalcars.com https://widget.trustpilot.com https://www.googleadservices.com https://cdn.klarna.com https://maps.googleapis.com https://widget.getyourguide.com https://widgets.hotels.com https://*.klarnacdn.net https://*.go-mpulse.net; style-src 'self' 'unsafe-inline' data: blob: https://widgets.hotels.com https://fonts.googleapis.com; img-src 'self' data: https://*.etraveli.com https://*.visualwebsiteoptimizer.com https://*.bidswitch.net https://*.doubleclick.net https://*.nrich.ai https://*.hybrid.ai https://*.w55c.net https://*.adsrvr.org https://*.rlcdn.com https://*.bidr.io https://*.seadform.net https://green.erne.co https://tag.yieldoptimizer.com https://dpm.demdex.net https://*.adform.net https://*.zemanta.com https://beacon.krxd.net https://sd.turn.com https://*.google-analytics.com https://maps.googleapis.com https://tag.adaraanalytics.com https://www.facebook.com https://widgets.hotels.com https://bat.bing.com https://www.google.com https://www.google.se https://maps.gstatic.com https://www.googletagmanager.com https://*.akstat.io; font-src 'self' https://fonts.gstatic.com https://widgets.hotels.com; frame-ancestors 'self'; frame-src 'self' https://pay.google.com https://*.cdn-net.com https://*.cdn.intentmedia.net https://www.facebook.com https://widget.getyourguide.com https://system.etrack1.com https://widgets.hotels.com https://secure.rentalcars.com https://widget.trustpilot.com; object-src 'self' https://*.cdn-net.com
X-IBE-FileVersion
current
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=138, ak_p; desc="466686_388276639_224727737_13822_7656_29_-";dur=1
Content-Length
41186
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 28 Mar 2023 06:57:09 GMT
Server
Akamai Resource Optimizer
Expect-CT
max-age=86400, https://9dd511763dedf2c3aad76bd2b849c630.report-uri.com/r/d/ct/reportOnly
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, must-revalidate, max-age=1800
Expires
Wed, 29 Mar 2023 06:43:55 GMT
customerOptions.css
flights-es.gotogate.com/v/1622/2535113/system/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flights-es.gotogate.com/v/1622/2535113/system/css/customerOptions.css
Requested by
Host: flights-es.gotogate.com
URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::43e4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
494da4b2b2a23122cff3c9392e4c9deba64d0fa42df72013d3e27f7cceac6bc5
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:13:55 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Content-Security-Policy-Report-Only
default-src 'self'; connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.etraveli.com https://*.etraveligroup.com https://*.cdn-net.com https://bat.bing.com https://www.googletagmanager.com https://connect.facebook.net https://pay.google.com https://adtr.io https://*.bidr.io https://tag.yieldoptimizer.com https://*.visualwebsiteoptimizer.com https://*.google-analytics.com https://*.intentmedia.net https://*.adform.net https://*.mouseflow.com https://*.nrich.ai https://*.doubleclick.net https://*.eancdn.com https://*.bidswitch.net https://green.erne.co https://*.rentalcars.com https://widget.trustpilot.com https://www.googleadservices.com https://cdn.klarna.com https://maps.googleapis.com https://widget.getyourguide.com https://widgets.hotels.com https://*.klarnacdn.net https://*.go-mpulse.net; style-src 'self' 'unsafe-inline' data: blob: https://widgets.hotels.com https://fonts.googleapis.com; img-src 'self' data: https://*.etraveli.com https://*.visualwebsiteoptimizer.com https://*.bidswitch.net https://*.doubleclick.net https://*.nrich.ai https://*.hybrid.ai https://*.w55c.net https://*.adsrvr.org https://*.rlcdn.com https://*.bidr.io https://*.seadform.net https://green.erne.co https://tag.yieldoptimizer.com https://dpm.demdex.net https://*.adform.net https://*.zemanta.com https://beacon.krxd.net https://sd.turn.com https://*.google-analytics.com https://maps.googleapis.com https://tag.adaraanalytics.com https://www.facebook.com https://widgets.hotels.com https://bat.bing.com https://www.google.com https://www.google.se https://maps.gstatic.com https://www.googletagmanager.com https://*.akstat.io; font-src 'self' https://fonts.gstatic.com https://widgets.hotels.com; frame-ancestors 'self'; frame-src 'self' https://pay.google.com https://*.cdn-net.com https://*.cdn.intentmedia.net https://www.facebook.com https://widget.getyourguide.com https://system.etrack1.com https://widgets.hotels.com https://secure.rentalcars.com https://widget.trustpilot.com; object-src 'self' https://*.cdn-net.com
X-IBE-FileVersion
same
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=143, ak_p; desc="466686_388276639_224727770_14351_5298_29_-";dur=1
Content-Length
513
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 28 Mar 2023 06:52:42 GMT
Server
Akamai Resource Optimizer
Expect-CT
max-age=86400, https://9dd511763dedf2c3aad76bd2b849c630.report-uri.com/r/d/ct/reportOnly
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public, must-revalidate, max-age=520637
Expires
Tue, 04 Apr 2023 06:51:12 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: flights-es.gotogate.com
URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Mar 2023 06:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 06:07:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Mar 2023 06:13:55 GMT
mail_template_site_logo_new.png
flights-es.gotogate.com/gui/bk/image/ 		19 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flights-es.gotogate.com/gui/bk/image/mail_template_site_logo_new.png
Requested by
Host: flights-es.gotogate.com
URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::43e4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
55947a5282181affdee2c4bd2aa7d1fa27758590e02e4b55be2b316a29229f27
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:13:55 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'self'; connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.etraveli.com https://*.etraveligroup.com https://*.cdn-net.com https://bat.bing.com https://www.googletagmanager.com https://connect.facebook.net https://pay.google.com https://adtr.io https://*.bidr.io https://tag.yieldoptimizer.com https://*.visualwebsiteoptimizer.com https://*.google-analytics.com https://*.intentmedia.net https://*.adform.net https://*.mouseflow.com https://*.nrich.ai https://*.doubleclick.net https://*.eancdn.com https://*.bidswitch.net https://green.erne.co https://*.rentalcars.com https://widget.trustpilot.com https://www.googleadservices.com https://cdn.klarna.com https://maps.googleapis.com https://widget.getyourguide.com https://widgets.hotels.com https://*.klarnacdn.net https://*.go-mpulse.net; style-src 'self' 'unsafe-inline' data: blob: https://widgets.hotels.com https://fonts.googleapis.com; img-src 'self' data: https://*.etraveli.com https://*.visualwebsiteoptimizer.com https://*.bidswitch.net https://*.doubleclick.net https://*.nrich.ai https://*.hybrid.ai https://*.w55c.net https://*.adsrvr.org https://*.rlcdn.com https://*.bidr.io https://*.seadform.net https://green.erne.co https://tag.yieldoptimizer.com https://dpm.demdex.net https://*.adform.net https://*.zemanta.com https://beacon.krxd.net https://sd.turn.com https://*.google-analytics.com https://maps.googleapis.com https://tag.adaraanalytics.com https://www.facebook.com https://widgets.hotels.com https://bat.bing.com https://www.google.com https://www.google.se https://maps.gstatic.com https://www.googletagmanager.com https://*.akstat.io; font-src 'self' https://fonts.gstatic.com https://widgets.hotels.com; frame-ancestors 'self'; frame-src 'self' https://pay.google.com https://*.cdn-net.com https://*.cdn.intentmedia.net https://www.facebook.com https://widget.getyourguide.com https://system.etrack1.com https://widgets.hotels.com https://secure.rentalcars.com https://widget.trustpilot.com; object-src 'self' https://*.cdn-net.com
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466686_388276639_224727793_12_5484_29_-";dur=1
Content-Length
19034
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 27 Mar 2023 07:19:24 GMT
ETag
W/"19034-1679901564000"
Expect-CT
max-age=86400, https://9dd511763dedf2c3aad76bd2b849c630.report-uri.com/r/d/ct/reportOnly
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=3547
Accept-Ranges
bytes
Expires
Wed, 29 Mar 2023 07:13:02 GMT
GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG
Requested by
Host: flights-es.gotogate.com
URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ab00:39b::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:13:55 GMT
content-encoding
br
last-modified
Sat, 25 Feb 2023 10:11:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flights-es.gotogate.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
77777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 08:37:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flights-es.gotogate.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 08:37:39 GMT
x-content-type-options
nosniff
age
77776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 08:37:39 GMT
config.json
c.go-mpulse.net/api/ 		881 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG&d=flights-es.gotogate.com&t=5600235&v=1.720.0&sl=0&si=b3f2374d-320c-49ae-bb21-2e26206da2d1-rs9qn7&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=504773
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
29c83f7b583b9ea4c6fa80644185fc4fd9365196b9469964495ff05cbb00fe98

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:13:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
520
results.txt
wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p56way4nk
  • https://wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2.19.126.207 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-207.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:13:56 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Wed, 29 Mar 2023 06:13:56 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p56way4nk
  • https://eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://flights-es.gotogate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 06:13:56 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Wed, 29 Mar 2023 06:13:56 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
/
173bf10f.akstat.io/ 		0
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://173bf10f.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ab00:39b::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flights-es.gotogate.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 29 Mar 2023 06:13:56 GMT
content-type
image/gif
access-control-allow-origin
https://flights-es.gotogate.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 29 Mar 2023 06:13:56 GMT

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| findItemWithId function| findItemWithPropertyEquals function| findItemsWithIdStartingWith function| setPropertyOnList function| hasItemWithId function| removeItemWithId function| removeItem function| pushCopy function| retainAll function| isArray function| implode function| removeListHead function| removeListTail function| splitList function| subList function| isEmptyArray function| isNotEmptyArray function| deleteElementInArray function| getFirstIdInMap function| getFirstPropertyInMap function| mapToList function| nlToBr function| spaceToNbsp function| stringContainsAString function| stringIsNumeric function| stringIsInteger function| stringIsPhoneNumber function| stringIsDigitsAndDash function| stringIsPersonsName function| stringIsPersonsNameAirlineFormat function| isAlphanumericCharCode function| charCodeIsChar function| charCodeIsCharacter function| stringIncludesValidCharsOnly function| stringExcludesInvalidChars function| formatCustomEventName function| appendIfNotThere function| prependIfNotThere function| countInitChars function| removeInitCharacters function| removeInitZeroes function| removeFnutts function| startsWith function| endsWith function| trim function| cssClassFriendly function| stripNonNumeric function| stringDiff function| notEmptyString function| emptyString function| trimString function| stringToBool function| isValidPassword function| isValidEmail function| isValidPhoneNumber function| trimPhoneNumber function| validEmail function| sumOfSequence function| isAlphabeticString function| insertArgument function| insertText function| _isDecSepa function| _decCharIdxOf function| formatNumber object| PriceFormat function| fNum function| fEnc function| fDec function| iEnc function| iDec function| EFloat function| EInt function| greatCircleDistance function| greatCircleDistance2 function| distanceBetweenTwoPoints function| isWithinGoogleMapBound function| CookieContext function| Context function| getCookie function| setCookie function| deleteCookie function| Statistics function| Timer function| IBEMenuManager function| IBETab function| IBETabMenu function| h_getValue function| h_getSelectValue function| h_getRadioValue function| h_getCheckedRadioValue function| h_isRadioArray function| h_getCheckboxValues function| h_isCheckboxArray function| h_elemFocus function| h_elemError function| h_elemReset function| h_trim function| h_hasValue function| h_keepDigits function| h_isAlphabeticString function| h_charsAllowedInName function| h_isNumericString function| h_isAlphaNumericString function| h_resolveFieldNameParts function| h_toNum function| h_toDate function| h_daysUntil function| h_ms function| h_m function| h_d function| h_y function| h_date2String function| h_matchesRegExp function| h_checkExpiryDate function| h_minlength function| h_maxlength function| v_maxlength function| v_required function| v_requiredAndEnabled function| v_enabled function| v_orderNumber function| v_isAlphabetic function| v_isAlphaNumeric function| v_isNumeric function| v_taxId function| v_toNum function| v_toDate function| v_isPhoneFax function| v_optionalPhone function| v_isEmail function| v_isEmailList function| v_isAddress function| v_isTitle function| v_isTown function| v_isZipCode function| v_isCountry function| v_isTravelCond function| v_isPulCond function| is_validatePaytype function| v_isCVVCode function| v_isEmailVerify function| v_hasSelectedFrequentFlyerCardType function| v_hasSelectedRebookingProduct function| v_isCityWithCode function| v_validateDifferentOriginAndDestination function| v_isCityWithId function| v_validatePaxAndChildAges function| v_validateComboNumPassengers function| v_validateAirDates function| v_validateHotelDates function| v_validateFirstNameAllRooms function| v_validateAnyNameSameRestriction function| v_validateCarPickupCity function| v_validateCarDates function| v_combinedCarShortCircuit function| isOneWayCarRental function| v_returnCityRequired function| v_validateCombinedCarReturnCity function| v_validateCombinedCarDate function| v_validateDriverSelected function| v_validateCVC function| validatePaymentType function| v_validateCreditCard function| v_paxFirstName function| v_paxLastName function| v_paxGender function| v_paxFirstNames function| v_paxLastNames function| v_birthDay function| v_expiryDate function| v_travellerSelected function| v_validateTravellerNamesConfirmation function| showRebookingPopup boolean| d_debug_local number| d_debug_level_local function| ValidationEntry object| VALIDATION_REGISTRY function| ValidationError function| ValidationErrors function| validateIBEForm object| IBESorter function| IBETag function| ensureIsIbeTag function| ensureIsIbeTagList function| IBEParserContainer function| IBEParser object| IBEUtil object| IBEWebComponentManager function| createDynamicIBEWebComponentView function| IBEWebComponentView function| IBEIteratorContainer function| IBEWebComponent function| IBEWebComponentList function| createWebComponentFromHtml function| IPane function| ListPane function| asyncRequestWrapper object| AjaxPageGetter object| AjaxPagePoster object| AjaxJsonObjectRequest object| AjaxFormSubmitter object| AjaxRegisterUserFromForm object| AjaxLogoutUser object| AjaxForgotPassword object| AjaxChangePassword object| AjaxChangePasswordForm object| AjaxChangeEmailForm object| AjaxCheckEmail object| AjaxVerifyEmail object| AjaxVerifyNewEmail object| AjaxCheckIsPasswordCorrect object| AjaxStoreTraveller object| AjaxDeleteTraveller function| evaluateAllChildrenScripts object| AjaxUrlGetRequest object| AjaxUrlPostRequest function| prepareAsync function| getCityCodeSetter function| getCityCodeRemover function| clearCitySearchField function| checkCitySearchField function| showChildAges function| setReturnDateDisplay function| isOnewaySearch undefined| SelectTrip function| Class object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_onload function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression

10 Cookies

Domain/Path Name / Value
.sendinblue.com/ Name: __cf_bm
Value: 22Yf1MZEZ.PLvSFtX.HtWFxR.y3zlDMLAC.QrcUJUfU-1680070435-0-AZH25jbOAnzXiBXKkXNmgs5kPe0IcQmriRamdBJRnGyNC4OQBEHj3Oi0SF0AYGlb6PGW9ChmX/QB7plbjQDAowI=
sibautomation.com/ Name: uuid
Value: bce2aedb-2b5b-466a-8e5a-22571360d346
flights-es.gotogate.com/ Name: JSESSIONID
Value: !M/11XQ+hSE99NxKBkekGEXM+f9T7Xb+WzYRxqYCWWUKUTBl2H7j00QTSWxLpnu4bvZ+NWoExkGk2+n9O6Hm+aU/xGQBTFt5a5CFREnAS18XB3gtlnw==
flights-es.gotogate.com/ Name: ibe.s
Value: FT5AG82N-o0ndwx
flights-es.gotogate.com/ Name: ibe.sc
Value: ES
flights-es.gotogate.com/ Name: ibe.ccid
Value: 27ff1a16-cc36-4365-b295-f7b1bb8059ca
flights-es.gotogate.com/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: HACJFIOGDDNEHDMDAOIJMJCNOGEOPLODLNPIPICHFENIFGILAEENFNKACAEKFDAGEFEDGCMJIGOIDBMDJAGAGBDENNAAHMLCHPPGHCNNGKFMANDHGOBMMMMOMBJBFJPL
flights-es.gotogate.com/ Name: TS01f21d64
Value: 013505d875ddfe2d51024db93dd775a0c2ecb1ce76eaf8ad3dbdb0688ae816d6c46d1be5848aeb56a8d231c5c41261bbbc2288f6aaa02602460009ebf21223b6af6666e3c5cde3257199916d33cbbf752a8ddd2848cc8d2d8faa49da026d1d7a1a33bd8dba137536a1d765aef985247d82426a96b8c12742b0b1a90087011f3116430208a4cba3c2e34067ba3e131eb3b7960a0d87
flights-es.gotogate.com/ Name: TSdeed4303027
Value: 0840c87d4fab20000180305859f51f210132311438683872c84610fddef048199971555359631e08084e578a97113000e46ef5ff631c8428b29898b8e6db9da84c36884bd1a73902d778622914783a9b966276a80318dbb6867d4f2eb7c4df58
flights-es.gotogate.com/ Name: f5avr0071070785aaaaaaaaaaaaaaaa_cspm_
Value: DKNKGAOGHHNOPNNCBCPGMGCNKKAKDDNDNFBEBNDHEENIFGILEANNKFKACACLFDAGEFECGCMJCHNMMJPHJAGAGBDEALCGDBJEHMLDOBLNGKFMANDJFCCLOKIOMBJBFJCJ

5 Console Messages

Source Level URL
Text
network error URL: https://www.sendinblue.com/404/
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://s.go-mpulse.net/boomerang/GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG(Line 9)
Message:
[Report Only] Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p56way4nk' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net".
security error URL: https://s.go-mpulse.net/boomerang/GCXY6-3RJQ7-YTF3A-HE9SJ-22NXG(Line 9)
Message:
[Report Only] Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p56way4nk' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net".
security error URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Message:
[Report Only] Refused to connect to 'https://wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net/eum/results.txt' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net".
security error URL: https://flights-es.gotogate.com/customer.options.action?optionUuid=c7efc6a7-fe5b-499e-8625-26b3f65d4b7e
Message:
[Report Only] Refused to connect to 'https://eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net/eum/results.txt' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.intentmedia.net https://*.etraveligroup.net https://*.doubleclick.net https://*.adform.net https://www.google-analytics.com https://widgets.hotels.com https://bat.bing.com https://etgrs2.com https://*.akstat.io https://*.go-mpulse.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bf10f.akstat.io
c.go-mpulse.net
eaauduaabu3e2kqce3ydkaaaczschvze-p56way-5ee583c16-clienttons-s.akamaihd.net
flights-es.gotogate.com
fonts.googleapis.com
fonts.gstatic.com
in-automate.sendinblue.com
r.sib.etraveligroup.com
s.go-mpulse.net
sibautomation.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
wiqzbmqccn7m6zbd24sa-p56way-01e9f87af-clientnsv4-s.akamaihd.net
www.sendinblue.com
1.179.112.196
2.19.126.207
2606:4700::6810:ff60
2606:4700::6811:8560
2606:4700::6812:1f68
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:89b::43e4
2a02:26f0:3500:981::11a6
2a02:26f0:ab00:39b::11a6
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
29c83f7b583b9ea4c6fa80644185fc4fd9365196b9469964495ff05cbb00fe98
494da4b2b2a23122cff3c9392e4c9deba64d0fa42df72013d3e27f7cceac6bc5
4f509aa56d0339bfc02665b4c5b3dde8563f346a63e5a4db21832b049fdd01e2
55947a5282181affdee2c4bd2aa7d1fa27758590e02e4b55be2b316a29229f27
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
bdedae9c0dd5a5c702feb78682fa8850396129bb13a9e6db46999b90c7ab6fa2
c7902177026e7073d58698fee9dcfb99950ae96761f9ff7033d3216e66162e33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1b72337704e49a19683d5c8cff87ccc6a7188e9d18df55a31e77e82aba19ba3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615