urlscan.io logo urlscan.io
SecurityTrails logo

www.airasiabig.com Open in urlscan Pro
47.246.43.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.airasiabig.com/
Effective URL: https://www.airasiabig.com/
Submission: On October 01 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 47.246.43.223, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is www.airasiabig.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 23rd 2021. Valid for: a year.
This is the only time www.airasiabig.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 47.246.43.223 24429 (TAOBAO Zh...)
4 47.246.43.177 24429 (TAOBAO Zh...)
1 2a00:1450:400... 15169 (GOOGLE)
3 47.88.146.98 45102 (CNNIC-ALI...)
1 2600:9000:218... 16509 (AMAZON-02)
11 6
2    47.246.43.223 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
www.airasiabig.com
4    47.246.43.177 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
sso-widget.airasia.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    47.88.146.98 (Singapore, Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
ssor.airasia.com
1    2600:9000:2182:3000:9:5a36:6580:93a1 (United States)

ASN16509 (AMAZON-02, US)
sitestatic.airasiabig.com
Domain Requested by
4 sso-widget.airasia.com www.airasiabig.com
sso-widget.airasia.com
3 ssor.airasia.com sso-widget.airasia.com
2 www.airasiabig.com 1 redirects www.airasiabig.com
1 sitestatic.airasiabig.com www.airasiabig.com
1 fonts.googleapis.com www.airasiabig.com
11 5

This site contains no links.

Subject Issuer Validity Valid
*.airasiabig.com
Go Daddy Secure Certificate Authority - G2		 2021-09-23 -
2022-10-25		 a year crt.sh
sso-widget.airasia.com
GlobalSign RSA OV SSL CA 2018		 2020-10-09 -
2021-11-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
ssor.airasia.com
GlobalSign RSA OV SSL CA 2018		 2021-06-16 -
2022-07-18		 a year crt.sh

This page contains 2 frames:

Frame: https://www.airasiabig.com/ot/en
Frame ID: 7D3D99D1C47BD8C5F8BC5D3C890A959B
Requests: 8 HTTP requests in this frame

Frame: https://sso-widget.airasia.com/hub/index.html?origin=https://www.airasiabig.com
Frame ID: 3C73FC584BF52BECF0E1720620A6556F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AirAsia BIG

Page URL History Show full URLs

  1. http://www.airasiabig.com/ HTTP 301
    https://www.airasiabig.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

91 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

6
IPs

3
Countries

104 kB
Transfer

448 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.airasiabig.com/ HTTP 301
    https://www.airasiabig.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.airasiabig.com/
Redirect Chain
  • http://www.airasiabig.com/
  • https://www.airasiabig.com/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.airasiabig.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.223 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f8c3e49d1cc86f95dde2ecb3ea45ce5a4ea1037c4d2d08a05687ba4e8d68c52a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000 max-age=86400

Request headers

:method
GET
:authority
www.airasiabig.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Tengine
content-type
text/html; charset=UTF-8
content-length
3717
strict-transport-security
max-age=5184000 max-age=86400
date
Fri, 01 Oct 2021 11:11:36 GMT
set-cookie
acw_tc=2ff62b9e16330866955311112e0621bced9994573e1c202ab83900df4d;path=/;HttpOnly;Max-Age=1800 october_session=eyJpdiI6Ik4zNnVEV3VWc1Y4cG1uWmt0b25pbXc9PSIsInZhbHVlIjoiMlMxYTlpYVdveEwrKzhXUnNrRXhDaVd5QVJibzlQaG80V3JnWXlUNnRrZ1FaeW03MFNPMkpqa1FST0VXV1NZbU1wbFBmcHd3ZFJvV1wvSjFQNlZiNnlRPT0iLCJtYWMiOiJiMGY4YWU0ZjZiOTRhMzYwYWUwMWE0NzM2ODUzYTIwMWMxYWFkMWEwMGJmMWJiNTNjNTllNWViNjdlM2RlMTQ5In0%3D; expires=Fri, 08-Oct-2021 11:11:36 GMT; Max-Age=604800; path=/; secure; HttpOnly
cache-control
no-cache
ali-swift-global-savetime
1633086696
via
cache25.l2ot7-1[585,585,200-0,M], cache34.l2ot7-1[586,0], cache11.de2[1251,1251,200-0,M], cache10.de2[1253,0]
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-savetime
Fri, 01 Oct 2021 11:11:36 GMT
x-swift-cachetime
0
timing-allow-origin
*
eagleid
2ff62b9e16330866955311112e

Redirect headers

Server
Tengine
Date
Fri, 01 Oct 2021 11:11:35 GMT
Content-Type
text/html
Content-Length
262
Connection
keep-alive
Location
https://www.airasiabig.com/
Via
cache6.de2[,0]
Timing-Allow-Origin
*
EagleId
2ff62b9a16330866955112011e
style.css.gz
sso-widget.airasia.com/ 		225 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso-widget.airasia.com/style.css.gz
Requested by
Host: www.airasiabig.com
URL: https://www.airasiabig.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.177 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aa35cc6a5f5e3f955e8c0ac69c59a5386b00ce68f4d6134906b6c3c2ad1736e3
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.airasiabig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=rzresg==, md5=5W2cI8THjNQxZ1HQN726Aw==
strict-transport-security
max-age=5184000
content-encoding
gzip
etag
"e56d9c23c4c78cd4316751d037bdba03"
content-type
text/css
x-swift-cachetime
0
x-guploader-uploadid
ADPycdsnS7RL5zw61PdRWN-bjMB6wdFFu5w5bxLbc3j5khpXF_BEBbgSyij4B6dzFsr7ft5nzged9a6H1jX48XpdZNUCBCrQpw
x-cache
MISS TCP_MISS dirn:0:391435642
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-swift-savetime
Fri, 01 Oct 2021 11:11:37 GMT
alt-svc
clear
last-modified
Wed, 08 Sep 2021 09:21:52 GMT
server
Tengine
date
Fri, 01 Oct 2021 11:11:37 GMT
vary
Accept-Encoding
ali-swift-global-savetime
1633086697
x-goog-generation
1631092912053735
via
cache7.l2ot7-1[73,72,200-0,M], cache32.l2ot7-1[73,0], cache3.de2[225,225,200-0,M], cache1.de2[228,0]
cache-control
private, must-revalidate
x-goog-stored-content-length
38621
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9516330866969348373e
expires
Sat, 01 Oct 2022 11:11:37 GMT
bundle.en-GB.js.gz
sso-widget.airasia.com/ 		205 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso-widget.airasia.com/bundle.en-GB.js.gz
Requested by
Host: www.airasiabig.com
URL: https://www.airasiabig.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.177 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ee130b840d4e729c78d73632e36c09936305e5c112dd405dd5bf749e3502802c
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.airasiabig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=I6jiTg==, md5=6jHixDTQg4cFwgbb5upLvw==
strict-transport-security
max-age=5184000
content-encoding
gzip
etag
"ea31e2c434d0838705c206dbe6ea4bbf"
content-type
application/javascript
x-swift-cachetime
0
x-guploader-uploadid
ADPycdsRAfQfXiNSuRk9T4GTiNtLHsXh5E4NKGenOdymtgo0a4zZ8qx2AyaJWoNVXDPmXaB7TWjBNnI-OcEdW76MHLd0ol9nPA
x-cache
MISS TCP_MISS dirn:-2:-2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-swift-savetime
Fri, 01 Oct 2021 11:11:37 GMT
alt-svc
clear
last-modified
Wed, 08 Sep 2021 09:21:51 GMT
server
Tengine
date
Fri, 01 Oct 2021 11:11:37 GMT
vary
Accept-Encoding
ali-swift-global-savetime
1633086697
x-goog-generation
1631092911902173
via
cache4.l2ot7-1[74,139,200-0,M], cache34.l2ot7-1[141,0], cache3.de2[914,914,200-0,M], cache1.de2[918,0]
cache-control
private, must-revalidate
x-goog-stored-content-length
51569
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9516330866969348374e
expires
Sat, 01 Oct 2022 11:11:37 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: www.airasiabig.com
URL: https://www.airasiabig.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.airasiabig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 09:56:47 GMT
server
ESF
date
Fri, 01 Oct 2021 11:11:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 11:11:36 GMT
by-origin
ssor.airasia.com/config/v2/clients/ 		258 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssor.airasia.com/config/v2/clients/by-origin
Requested by
Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/bundle.en-GB.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.88.146.98 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
d7e70263aabe4d4330fb33677f0aab875b1d0319b69e12edce31f1208289d551
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.airasia.com *.apiairasia.com; frame-ancestors 'none';
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.airasiabig.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:11:39 GMT
via
1.1 google
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
alt-svc
clear
content-length
258
x-xss-protection
1; mode=block
x-response-time
0.015s
pragma
no-cache
expires
0
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.airasiabig.com
vary
Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self' *.airasia.com *.apiairasia.com; frame-ancestors 'none';
access-control-expose-headers
x-aa-redirecturl
ajax-loader.gif
sitestatic.airasiabig.com/sso/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitestatic.airasiabig.com/sso/ajax-loader.gif
Requested by
Host: www.airasiabig.com
URL: https://www.airasiabig.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3000:9:5a36:6580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bd775b123b11b7b7fe22dd1b87ad5a5662826d539923906f66a7c3a31684739

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.airasiabig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 30 Nov 2017 02:37:48 GMT
date
Thu, 30 Sep 2021 17:15:16 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2017 02:37:56 GMT
server
AmazonS3
age
64582
etag
"b00b56d5a86f86b74c1ff032cc9c687f"
x-edge-origin-shield-skipped
0
content-type
image/gif
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3208
x-amz-cf-id
Mr6P55BzEq7X8dzkligFjZg8Zz3QFrCaELOY124-FW5LfzDjb39p5A==
index.html
sso-widget.airasia.com/hub/ Frame 3C73 		212 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sso-widget.airasia.com/hub/index.html?origin=https://www.airasiabig.com
Requested by
Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/bundle.en-GB.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.177 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
efb33916e51124502d8ade876b5bc44aed2fa52a7646b5d48c17f7bac4ac9b77
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

:method
GET
:authority
sso-widget.airasia.com
:scheme
https
:path
/hub/index.html?origin=https://www.airasiabig.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.airasiabig.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.airasiabig.com/

Response headers

server
Tengine
content-type
text/html
content-length
212
strict-transport-security
max-age=5184000
x-guploader-uploadid
ADPycdtBDO1sa_vdzrX3Vql6Q_UkrGwIH09MT9AJKC--mEQl5cI8_T73SSo6Hlwp0RBZDA541q-qFDAiUvjl6OgsdPQmej9trQ
expires
Fri, 01 Oct 2021 11:20:36 GMT
date
Fri, 01 Oct 2021 10:20:36 GMT
cache-control
public, max-age=3600
last-modified
Mon, 12 Apr 2021 09:17:06 GMT
etag
"b82e5c9b81e2ba3fa67edf58b0fdf6eb"
alt-svc
clear
x-goog-generation
1618219026424371
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
212
x-goog-hash
crc32c=UTAvyQ== md5=uC5cm4Hiuj+mft9YsP326w==
x-goog-storage-class
STANDARD
accept-ranges
bytes
ali-swift-global-savetime
1633083636
via
cache34.l2ot7-1[0,0,304-0,H], cache2.l2ot7-1[0,0], cache1.de2[0,0,200-0,H], cache1.de2[1,0]
age
3063
x-cache
HIT TCP_MEM_HIT dirn:9:273751666
x-swift-savetime
Fri, 01 Oct 2021 10:39:12 GMT
x-swift-cachetime
2484
timing-allow-origin
*
eagleid
2ff62b9516330866996285889e
bundle.js.gz
sso-widget.airasia.com/hub/ Frame 3C73 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso-widget.airasia.com/hub/bundle.js.gz
Requested by
Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/hub/index.html?origin=https://www.airasiabig.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.177 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
48916fa6f32360e69198225fc31bcc5cf1e3c39c5e1dec2ad89ee0dbc9602725
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sso-widget.airasia.com/hub/index.html?origin=https://www.airasiabig.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
via
cache1.l2ot7-1[0,0,304-0,H], cache6.l2ot7-1[0,0], cache8.de2[0,0,200-0,H], cache1.de2[1,0]
etag
"a71bcaecdd89b6356cf20dae6c435d07"
age
2511
x-guploader-uploadid
ADPycdvdD7PDsnVV2BYQKfp7D5jyN_tf8zkp7soXiCco3xddD9Cy9fTg70k_UrBmglcRKifTx_U-Q3j_Z6KJxBot6nU
x-cache
HIT TCP_MEM_HIT dirn:0:265298562
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
x-swift-savetime
Fri, 01 Oct 2021 10:30:20 GMT
content-encoding
gzip
alt-svc
clear
content-length
2598
timing-allow-origin
*
x-swift-cachetime
3568
last-modified
Mon, 12 Apr 2021 09:17:06 GMT
server
Tengine
date
Fri, 01 Oct 2021 10:29:48 GMT
vary
accept-encoding
x-goog-hash
crc32c=iFmg9g==, md5=pxvK7N2JtjVs8g2ubENdBw==
x-goog-generation
1618219026424287
expires
Fri, 01 Oct 2021 11:29:48 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
2598
accept-ranges
bytes
content-type
application/javascript
eagleid
2ff62b9516330866996645962e
ali-swift-global-savetime
1633084188
authorization
ssor.airasia.com/sso/v2/ 		52 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssor.airasia.com/sso/v2/authorization?clientId=PRD-BPWWW-7V1M2CO5
Requested by
Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/bundle.en-GB.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.88.146.98 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
ee8b52a7eb0bbca7a1d15f59219bdf969d7552cffb952ab2c478f3d8fc17190b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.airasia.com *.apiairasia.com; frame-ancestors 'none';
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.airasiabig.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-api-key
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJRcFJrVzkwWUhBNTUwVjdTUldDQ2huUWhKVEc0SFIwcyIsImV4cCI6MTYzMzA5Mzg5OSwiaWF0IjoxNjMzMDg2Njk5LCJzdWIiOiJQUkQtQlBXV1ctN1YxTTJDTzUifQ.Cr61EIwQxVR_gILt8A6uFrYp5hU3rwn-S1FnaYR5B7M
Content-Type
application/json

Response headers

date
Fri, 01 Oct 2021 11:11:41 GMT
via
1.1 google
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
alt-svc
clear
content-length
52
x-xss-protection
1; mode=block
x-response-time
0.001s
pragma
no-cache
expires
0
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.airasiabig.com
vary
Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-security-policy
default-src 'self' *.airasia.com *.apiairasia.com; frame-ancestors 'none';
access-control-expose-headers
Set-Cookie,Authorization,Cookie
authorization
ssor.airasia.com/sso/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssor.airasia.com/sso/v2/authorization?clientId=PRD-BPWWW-7V1M2CO5
Protocol
H2
Server
47.88.146.98 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.airasia.com *.apiairasia.com; frame-ancestors 'none';
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-api-key
Origin
https://www.airasiabig.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 01 Oct 2021 11:11:40 GMT
content-length
0
access-control-allow-origin
https://www.airasiabig.com
vary
Origin
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
GET,POST,PATCH,PUT,DELETE
strict-transport-security
max-age=86400
content-security-policy
default-src 'self' *.airasia.com *.apiairasia.com; frame-ancestors 'none';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
via
1.1 google
alt-svc
clear
en
www.airasiabig.com/ot/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.airasiabig.com
URL
https://www.airasiabig.com/ot/en

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| dvEdgeRapahel_GetiOSTokenFromWKWebView function| dvEdgeRapahel_GetiOSCacheDataFromWKWebView function| dvEdgeRapahel_GetiOSLocalDataFromWKWebView function| raphael object| aaWidget function| successCallback function| failureCallback

2 Cookies

Domain/Path Name / Value
www.airasiabig.com/ Name: acw_tc
Value: 2ff62b9e16330866955311112e0621bced9994573e1c202ab83900df4d
www.airasiabig.com/ Name: october_session
Value: eyJpdiI6Ik4zNnVEV3VWc1Y4cG1uWmt0b25pbXc9PSIsInZhbHVlIjoiMlMxYTlpYVdveEwrKzhXUnNrRXhDaVd5QVJibzlQaG80V3JnWXlUNnRrZ1FaeW03MFNPMkpqa1FST0VXV1NZbU1wbFBmcHd3ZFJvV1wvSjFQNlZiNnlRPT0iLCJtYWMiOiJiMGY4YWU0ZjZiOTRhMzYwYWUwMWE0NzM2ODUzYTIwMWMxYWFkMWEwMGJmMWJiNTNjNTllNWViNjdlM2RlMTQ5In0%3D

1 Console Messages

Source Level URL
Text
network error URL: https://ssor.airasia.com/sso/v2/authorization?clientId=PRD-BPWWW-7V1M2CO5
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=5184000 max-age=86400