link.travel.easyjet.com Open in urlscan Pro
217.175.192.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d1...
Submission: On April 29 via api (April 29th 2023, 6:11:10 pm UTC) from CH — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 217.175.192.46, located in Austria and belongs to NEXTLAYER-AS, AT. The main domain is link.travel.easyjet.com.

This is the only time link.travel.easyjet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	217.175.192.46 217.175.192.46	1764 (NEXTLAYER-AS) (NEXTLAYER-AS)
1 2	3.12.52.224 3.12.52.224	16509 (AMAZON-02) (AMAZON-02)
5	151.101.2.202 151.101.2.202	54113 (FASTLY) (FASTLY)
1	108.138.7.58 108.138.7.58	16509 (AMAZON-02) (AMAZON-02)
2	23.36.239.22 23.36.239.22	16625 (AKAMAI-AS) (AKAMAI-AS)
17	5

8 217.175.192.46 (Austria)

ASN1764 (NEXTLAYER-AS, AT)

link.travel.easyjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link.info.easyjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.12.52.224 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-52-224.us-east-2.compute.amazonaws.com

em.realtime.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.202 (United States)

ASN54113 (FASTLY, US)

cdn.brandfolder.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-58.fra56.r.cloudfront.net

di6c32rekpj5q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.239.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-239-22.deploy.static.akamaitechnologies.com

www.easyjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	easyjet.com link.travel.easyjet.com link.info.easyjet.com — Cisco Umbrella Rank: 204983 www.easyjet.com — Cisco Umbrella Rank: 41041	575 KB
5	brandfolder.io cdn.brandfolder.io — Cisco Umbrella Rank: 64834	27 KB
2	realtime.email 1 redirects em.realtime.email — Cisco Umbrella Rank: 32414	554 B
1	cloudfront.net di6c32rekpj5q.cloudfront.net	169 KB
17	4

	Domain	Requested by
6	link.travel.easyjet.com	link.travel.easyjet.com
5	cdn.brandfolder.io	link.travel.easyjet.com
2	www.easyjet.com	link.travel.easyjet.com
2	link.info.easyjet.com	link.travel.easyjet.com
2	em.realtime.email	1 redirects link.travel.easyjet.com
1	di6c32rekpj5q.cloudfront.net	link.travel.easyjet.com
17	6

This site contains no links.

Subject Issuer	Validity	Valid
*.realtime.email Thawte RSA CA 2018	`2022-05-03` - `2023-06-03`	a year	crt.sh
cdn.brandfolder.io GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
www.easyjet.com Sectigo ECC Organization Validation Secure Server CA	`2023-04-06` - `2024-04-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Frame ID: 1F7E60700216529B35B04DA59053535F
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EasyJet

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

17
Requests

47 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

772 kB
Transfer

804 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://em.realtime.email/service/rte?kind=rteslideshow&id=1670788595&esp_uid=80151178&dim1=$lookup(FooterEJLinkLocale)$&dim2=$lookup(FlightDetails)$&dim3=$lookup(COUNTRY_ISO2)$&dim4=$lookup(LANGUAGE_ISO2)$&dim5=$lookup(Language_Code)$&dim6=$lookup(Country_Code)$&dim7=179043305&dim8=31907 HTTP 302
https://di6c32rekpj5q.cloudfront.net/6873/rteslideshow-6f795a574101.gif

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request gm.php Show response
link.travel.easyjet.com/u/ 47 KB
9 KB 2272ms
2216ms Document
text/html 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

HTTP/1.1

Server

217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),

Reverse DNS

Software

nginx /

Resource Hash

aad1374a66ad7285c849903a32556d0528801983102412aa7d157d2095c8527e

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-popups allow-popups-to-escape-sandbox;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 8388
content-security-policy: sandbox allow-popups allow-popups-to-escape-sandbox;
content-type: text/html; charset=utf-8
date: Sat, 29 Apr 2023 18:11:05 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-af: suite37-web01a
x-fe: suite37-web01a
x-hf: suite-haproxy01e

GET
H2 200 rte
em.realtime.email/service/ 42 B
240 B 406ms
127ms Image
image/gif 3.12.52.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://em.realtime.email/service/rte?kind=duration&account_id=6873&campaign_id=1231522271&esp_uid=$lookup(CUSTOMER_ID_)$

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.52.224 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-52-224.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 18:11:05 GMT
cache-control: no-cache max-age=0
x-content-type-options: nosniff
marigold-trace-id: Root=1-644d5db9-7d5d6b3101dca59a4267b394
marigold-span-id: 8f2b24a515e3aa6a6c7e
content-type: image/gif

GET
H2 200 logo_v3_002.png
cdn.brandfolder.io/1RA100JR/at/bmcrxmms9vqkmbpckjjb4k57/ 17 KB
17 KB 153ms
41ms Image
image/png 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.brandfolder.io/1RA100JR/at/bmcrxmms9vqkmbpckjjb4k57/logo_v3_002.png

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ab2eb0f95f545dfb6ca67b38677e0d888fac5178d1dbb1a332f92e3b3749cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 1491617
x-serve-mechanism: original
x-guploader-uploadid: ADPycdsPZ1PZPGXFq8WlmzyTU1JNZtAnwm3MqEv-dLXb_ASWenr3piK_r-qdnRhdS4M9gpyCs7EJV4rn2E7km-oRz2ybZw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
content-length: 17495
x-served-by: cache-iad-kcgs7200096-IAD, cache-fra-etou8220073-FRA
last-modified: Mon, 13 Dec 2021 09:17:35 GMT
server: UploadServer
x-timer: S1682791866.693919,VS0,VE1
etag: "2ba012975689d451bfc46a12d8539962"
vary: Origin
x-goog-hash: crc32c=15KzxA==, md5=K6ASl1aJ1FG/xGoS2FOZYg==
x-goog-generation: 1639387055744955
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 17495
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 40

GET
H/1.1 200
OK trans.gif
link.info.easyjet.com/img/ 43 B
321 B 430ms
47ms Image
image/gif 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.info.easyjet.com/img/trans.gif
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
last-modified: Fri, 28 Apr 2023 13:02:48 GMT
server: nginx
x-af: suite37-web01c
etag: "2b-5fa6516feee00"
content-type: image/gif
x-hf: suite-haproxy01d
x-fe: suite37-web01c
accept-ranges: bytes
content-length: 43

GET
H2

200

rteslideshow-6f795a574101.gif
di6c32rekpj5q.cloudfront.net/6873/
Redirect Chain

https://em.realtime.email/service/rte?kind=rteslideshow&id=1670788595&esp_uid=80151178&dim1=$lookup(FooterEJLinkLocale)$&dim2=$lookup(FlightDetails)$&dim3=$lookup(COUNTRY_ISO2)$&dim4=$lookup(LANGUA...
https://di6c32rekpj5q.cloudfront.net/6873/rteslideshow-6f795a574101.gif

168 KB
169 KB

209ms
48ms

Image
image/gif

108.138.7.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di6c32rekpj5q.cloudfront.net/6873/rteslideshow-6f795a574101.gif
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: H2
Server: 108.138.7.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bc016efbef5efa799b4a1cafd7c6f63a6558b7fbe34d211f5728921454dd8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:00:07 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 28 Jun 2023 00:00:00 GMT", rule-id="Autodelete > 60"
last-modified: Fri, 28 Apr 2023 13:30:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 4271
x-amz-server-side-encryption: AES256
etag: "2b351827f169fa5999d7eae6781f5e10"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 172334
x-amz-cf-id: wVQERUuCTTJ9wYCSKH90j8VaG1MhcjILozhgsftDmUbbxJ0fYcezFA==

Redirect headers

location: https://di6c32rekpj5q.cloudfront.net/6873/rteslideshow-6f795a574101.gif
pragma: no-cache
date: Sat, 29 Apr 2023 18:11:05 GMT
cache-control: no-cache
x-content-type-options: nosniff
marigold-trace-id: Root=1-644d5db9-6391142f4a37330b4e09d80f
marigold-span-id: a414fad3c67029b0578f

GET
H/1.1 200
OK md_4778.jpg
link.travel.easyjet.com/custloads/798153599/ 135 KB
135 KB 49ms
48ms Image
image/jpeg 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.travel.easyjet.com/custloads/798153599/md_4778.jpg
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: 1faaee2295edc7c4521e94e3c2a897b00dafd8948a63f6f6d8db61429c4de891

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
last-modified: Wed, 26 Apr 2023 11:56:14 GMT
server: nginx
etag: "6449115e-21c94"
content-type: image/jpeg
x-hf: suite-haproxy01e
x-fe: suite37-web01c
accept-ranges: bytes
content-length: 138388

GET
H/1.1 200
OK md_4777.jpg
link.travel.easyjet.com/custloads/798153599/ 133 KB
134 KB 96ms
47ms Image
image/jpeg 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.travel.easyjet.com/custloads/798153599/md_4777.jpg
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: cf47f50f1fe8dc0728e8e7c7f1eb72cf3b69e1f529e50484b2731625b9e8125a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
last-modified: Wed, 26 Apr 2023 11:56:13 GMT
server: nginx
etag: "6449115d-2157b"
content-type: image/jpeg
x-hf: suite-haproxy01e
x-fe: suite37-web01a
accept-ranges: bytes
content-length: 136571

GET
H/1.1 200
OK md_4776.jpg
link.travel.easyjet.com/custloads/798153599/ 51 KB
52 KB 104ms
53ms Image
image/jpeg 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.travel.easyjet.com/custloads/798153599/md_4776.jpg
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: 9c4057508b1c949566accb222fa6dfc26658047209d6ebc74c8f4631dba366ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
last-modified: Wed, 26 Apr 2023 11:56:13 GMT
server: nginx
etag: "6449115d-cd4e"
content-type: image/jpeg
x-hf: suite-haproxy01a
x-fe: suite37-web01b
accept-ranges: bytes
content-length: 52558

GET
H/1.1 200
OK md_4780.jpg
link.travel.easyjet.com/custloads/798153599/ 130 KB
130 KB 104ms
52ms Image
image/jpeg 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.travel.easyjet.com/custloads/798153599/md_4780.jpg
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: 9c4d3e50aa088bfb0add7424feceed46988a0bdc8e941e3e8fadd9207313b5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
last-modified: Wed, 26 Apr 2023 11:56:15 GMT
server: nginx
etag: "6449115f-20838"
content-type: image/jpeg
x-hf: suite-haproxy01f
x-fe: suite37-web01c
accept-ranges: bytes
content-length: 133176

GET
H2 200 md_2856.png
cdn.brandfolder.io/1RA100JR/at/qg29fmsm7wv4rcxn5scgwg64/ 2 KB
3 KB 136ms
40ms Image
image/png 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.brandfolder.io/1RA100JR/at/qg29fmsm7wv4rcxn5scgwg64/md_2856.png

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6ac2a4e1446789064b0ac89e5652ca88bbd410c28fa0098633a53040f9581503

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 271709
x-serve-mechanism: original
x-guploader-uploadid: ADPycduZF2wq3qrNcABXkEscb6Vqj9pHf3XfkFqIlvBCpusc3zn4hCOBCnJ7SjxQLyXVLx4g7vvffjK_r5GmuUQ58n06eQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
content-length: 2043
x-served-by: cache-iad-kiad7000056-IAD, cache-fra-etou8220073-FRA
last-modified: Mon, 13 Dec 2021 13:16:33 GMT
server: UploadServer
x-timer: S1682791866.693893,VS0,VE1
etag: "cc3acbbaf4c2432d00f7b5abf967a274"
vary: Origin
x-goog-hash: crc32c=ziTqJA==, md5=zDrLuvTCQy0A97Wr+WeidA==
x-goog-generation: 1639401393039054
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 2043
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 37

GET
H2 200 DL6023-Email_social_media_icon-Facebook_Grey.png
cdn.brandfolder.io/1RA100JR/at/2b3bnk57jh8hbwjgzspgb5f/ 2 KB
2 KB 146ms
50ms Image
image/png 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.brandfolder.io/1RA100JR/at/2b3bnk57jh8hbwjgzspgb5f/DL6023-Email_social_media_icon-Facebook_Grey.png

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1651a7eabd95093a92345194c5179315987f1869fa1db010057e4cc5747c5dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 1580378
x-serve-mechanism: original
x-guploader-uploadid: ADPycdthh2T_hqb9oNpGOBODaxvwNbByR3sJDbseUGwIxJYF5UXy4ifR6mi7s15c0c9zZCSwhPSsBMgHj2JP7HIDnK1PgG_hO4m3
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
content-length: 1688
x-served-by: cache-iad-kcgs7200074-IAD, cache-fra-etou8220073-FRA
last-modified: Wed, 17 Nov 2021 11:25:52 GMT
server: UploadServer
x-timer: S1682791866.694661,VS0,VE1
etag: "4f6b0f5e299e55824458281935ee81f7"
vary: Origin
x-goog-hash: crc32c=ZrrBaw==, md5=T2sPXimeVYJEWCgZNe6B9w==
x-goog-generation: 1637148352613422
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 1688
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 97

GET
H2 200 DL6023-Email_social_media_icon-instragram_Grey.png
cdn.brandfolder.io/1RA100JR/at/cprrkt3p3zfm6nspfb9shmq/ 2 KB
3 KB 40ms
40ms Image
image/png 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.brandfolder.io/1RA100JR/at/cprrkt3p3zfm6nspfb9shmq/DL6023-Email_social_media_icon-instragram_Grey.png

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1c5a2622cba8a0d9c3d743981d7b2cb6747b7c59123df502a5120c224389dcd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 368874
x-serve-mechanism: original
x-guploader-uploadid: ADPycduTs4ZU3Tb8w6DjoPKKwEtH3Ihj5M-kopX8vOZfBaXGdJNpnZhmWzruzdeQFxoCrgkIEd5LSaYyOWtqrfXHpz7_AQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
content-length: 2431
x-served-by: cache-iad-kiad7000174-IAD, cache-fra-etou8220073-FRA
last-modified: Wed, 17 Nov 2021 11:25:54 GMT
server: UploadServer
x-timer: S1682791866.735158,VS0,VE0
etag: "117b803167aedb4751f0c78d0cb6afc5"
vary: Origin
x-goog-hash: crc32c=xTgQ5w==, md5=EXuAMWeu20dR8MeNDLavxQ==
x-goog-generation: 1637148354262549
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 2431
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 100

GET
H2 200 DL6023-Email_social_media_icon-Twitter_Grey.png
cdn.brandfolder.io/1RA100JR/at/b3ccwcr4cg9h7fn7w3sjnt7/ 2 KB
2 KB 40ms
40ms Image
image/png 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.brandfolder.io/1RA100JR/at/b3ccwcr4cg9h7fn7w3sjnt7/DL6023-Email_social_media_icon-Twitter_Grey.png

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ddc8cf9cc2cef23927f759426a73b734ee347514de701b2eb51bfedf4a14acbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 967404
x-serve-mechanism: original
x-guploader-uploadid: ADPycduriWyUNwLJi8Agm7qrSc5MqpiEwkkwXcEv0BxVbZXgYCTA571NzTHy09dge1BXFgHwBX8HPqNENW1ygc1AEbTgOg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
content-length: 1984
x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-etou8220073-FRA
last-modified: Wed, 17 Nov 2021 11:26:00 GMT
server: UploadServer
x-timer: S1682791866.735348,VS0,VE0
etag: "cfe77493c5023d2c33b085b05273c4ec"
vary: Origin
x-goog-hash: crc32c=y7Dsbw==, md5=z+d0k8UCPSwzsIWwUnPE7A==
x-goog-generation: 1637148360828550
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 1984
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 37

GET
H/1.1 200
OK md_350.png
link.info.easyjet.com/custloads/798227641/ 37 KB
37 KB 292ms
48ms Image
image/png 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.info.easyjet.com/custloads/798227641/md_350.png
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: 0edf05d830c139494ba8d96e236fa4d1272482fd5380e359da3793e01d93ec95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
last-modified: Tue, 04 Feb 2020 16:12:04 GMT
server: nginx
etag: "5e3997d4-9203"
content-type: image/png
x-hf: suite-haproxy01c
x-fe: suite37-web01b
accept-ranges: bytes
content-length: 37379

GET
H/1.1 200
OK AAE0Xut45e_798153599_31907_1758511_30183.gif
link.travel.easyjet.com/mo/ 43 B
245 B 106ms
55ms Image
image/gif 217.175.192.46
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://link.travel.easyjet.com/mo/AAE0Xut45e_798153599_31907_1758511_30183.gif
Requested by: Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543
Protocol: HTTP/1.1
Server: 217.175.192.46 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:11:05 GMT
x-hf: suite-haproxy01b
last-modified: Fri, 25 Nov 2022 21:18:25 GMT
server: nginx
x-fe: openfe04
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK easyjet_rounded_book-webfont.woff
www.easyjet.com/ejcms/cache/fonts/ 37 KB
38 KB 207ms
56ms Font
application/font-woff 23.36.239.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.easyjet.com/ejcms/cache/fonts/easyjet_rounded_book-webfont.woff

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.239.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-239-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

23fefced81f8ba25c8bf60d2cbfd47d9907850fb656b3ac683a8fcfbf9e78abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-eJV: 0ad5fea73e9
Strict-Transport-Security: max-age=15552000
Date: Sat, 29 Apr 2023 18:11:05 GMT
Last-Modified: Mon, 17 Apr 2023 09:42:02 GMT
ETag: "0d1aedc1071d91:0"
pod: dub-sc2-blue
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38256

GET
H/1.1 200
OK easyjet_rounded_demi-webfont.woff
www.easyjet.com/ejcms/cache/fonts/ 40 KB
40 KB 212ms
62ms Font
application/font-woff 23.36.239.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.easyjet.com/ejcms/cache/fonts/easyjet_rounded_demi-webfont.woff

Requested by

Host: link.travel.easyjet.com
URL: http://link.travel.easyjet.com/u/gm.php?prm=AAE0Xut45e_798153599_31907_1758511&_esuh=_11_67400b654c1802b3468676389114a3994bd3d145300d38d9c70fb247cdee0543

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.239.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-239-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

c0a4378e914469645e4d4b135a9da85dd5fa11c20e89ac72494ef7b0c1857d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-eJV: 2ad5fea73e9
Strict-Transport-Security: max-age=15552000
Date: Sat, 29 Apr 2023 18:11:05 GMT
Last-Modified: Mon, 17 Apr 2023 09:42:02 GMT
ETag: "0d1aedc1071d91:0"
pod: dub-sc1-blue
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40900

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			em.realtime.email/	1970-01-20 11:26:32	Name: LCVI Value: YWYiiQTGPC5XfpNUkEucR3cQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	sandbox allow-popups allow-popups-to-escape-sandbox;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.brandfolder.io
di6c32rekpj5q.cloudfront.net
em.realtime.email
link.info.easyjet.com
link.travel.easyjet.com
www.easyjet.com
108.138.7.58
151.101.2.202
217.175.192.46
23.36.239.22
3.12.52.224
0edf05d830c139494ba8d96e236fa4d1272482fd5380e359da3793e01d93ec95
1651a7eabd95093a92345194c5179315987f1869fa1db010057e4cc5747c5dff
1ab2eb0f95f545dfb6ca67b38677e0d888fac5178d1dbb1a332f92e3b3749cd3
1bc016efbef5efa799b4a1cafd7c6f63a6558b7fbe34d211f5728921454dd8b9
1c5a2622cba8a0d9c3d743981d7b2cb6747b7c59123df502a5120c224389dcd6
1faaee2295edc7c4521e94e3c2a897b00dafd8948a63f6f6d8db61429c4de891
23fefced81f8ba25c8bf60d2cbfd47d9907850fb656b3ac683a8fcfbf9e78abb
6ac2a4e1446789064b0ac89e5652ca88bbd410c28fa0098633a53040f9581503
9c4057508b1c949566accb222fa6dfc26658047209d6ebc74c8f4631dba366ac
9c4d3e50aa088bfb0add7424feceed46988a0bdc8e941e3e8fadd9207313b5bd
aad1374a66ad7285c849903a32556d0528801983102412aa7d157d2095c8527e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
c0a4378e914469645e4d4b135a9da85dd5fa11c20e89ac72494ef7b0c1857d00
cf47f50f1fe8dc0728e8e7c7f1eb72cf3b69e1f529e50484b2731625b9e8125a
ddc8cf9cc2cef23927f759426a73b734ee347514de701b2eb51bfedf4a14acbe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

link.travel.easyjet.com Open in urlscan Pro 217.175.192.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

47 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

3 Countries

772 kBTransfer

804 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

link.travel.easyjet.com Open in urlscan Pro
217.175.192.46 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

47 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

772 kB
Transfer

804 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions