urlscan.io logo urlscan.io
SecurityTrails logo

www.cheapoair.com Open in urlscan Pro
172.227.101.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=43830573&lguid=337b3ef3d4674c81a02a2c89565c3d0b&cmpid=1033296&c=7&pcg=m...
Effective URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerst...
Submission: On December 02 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 7 countries across 25 domains to perform 112 HTTP transactions. The main IP is 172.227.101.159, located in United States and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.cheapoair.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 29th 2019. Valid for: 2 years.
This is the only time www.cheapoair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.61.14.236 7029 (WINDSTREAM)
11 172.227.101.159 16625 (AKAMAI-AS)
27 172.227.92.98 16625 (AKAMAI-AS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a01:4a0:1338... 201011 (NETZBETRI...)
1 152.199.19.160 15133 (EDGECAST)
1 8 2a03:2880:f11... 32934 (FACEBOOK)
1 13.225.78.84 16509 (AMAZON-02)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 40.114.55.121 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 147.75.33.111 54825 (PACKET)
2 2a00:1288:f03... 10310 (YAHOO-1)
1 151.139.236.192 33438 (HIGHWINDS2)
1 2600:9000:21f... 16509 (AMAZON-02)
2 147.75.101.51 54825 (PACKET)
2 212.54.153.104 50292 (STRATOGEN...)
1 172.217.22.34 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 198.145.13.14 2044 (IINET-2044)
2 51.140.6.23 8075 (MICROSOFT...)
112 31
1    64.61.14.236 (Wayne, United States)

ASN7029 (WINDSTREAM - Windstream Communications LLC, US)
PTR: static-64-61-14-236.isp.broadviewnet.net
www.travelweeklyupdate.com
11    172.227.101.159 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-101-159.deploy.static.akamaitechnologies.com
www.cheapoair.com
27    172.227.92.98 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-92-98.deploy.static.akamaitechnologies.com
c.fareportal.com
2    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com
2    2a01:4a0:1338:28::c38a:ff09 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
ds-aksb-a.akamaihd.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
8    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    13.225.78.84 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-84.fra2.r.cloudfront.net
cdn.branch.io
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
8    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    2600:9000:2156:9400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
app.link
1    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
2    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
14    40.114.55.121 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
launchpadapiassignment.azure.fareportal.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
2    2600:9000:20eb:d800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
api2.branch.io
7    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    147.75.33.111 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-12
static.hotjar.com
2    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)
s.yimg.com
1    151.139.236.192 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
cdn.nowinteract.com
1    2600:9000:21f3:a200:d:69b0:4e00:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d11tldh9zr4z08.cloudfront.net
2    147.75.101.51 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-7
script.hotjar.com
vars.hotjar.com
2    212.54.153.104 (Edison, United States)

ASN50292 (STRATOGEN ==================================, GB)
PTR: s104-153-54-212.cust.stratogen.net
us1.nowinteract.com
1    172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
cx.atdmt.com
1    198.145.13.14 (United States)

ASN2044 (IINET-2044 - Infinity Internet, Inc., US)
PTR: getclicky.com
win.staticstuff.net
2    51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
dc.services.visualstudio.com
Domain Requested by
27 c.fareportal.com www.cheapoair.com
c.fareportal.com
14 launchpadapiassignment.azure.fareportal.com az416426.vo.msecnd.net
11 www.cheapoair.com www.cheapoair.com
az416426.vo.msecnd.net
8 www.google.com 2 redirects c.fareportal.com
www.gstatic.com
www.cheapoair.com
8 www.facebook.com 1 redirects www.cheapoair.com
connect.facebook.net
7 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
www.cheapoair.com
5 connect.facebook.net www.cheapoair.com
connect.facebook.net
3 www.google.de www.cheapoair.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 stats.g.doubleclick.net 2 redirects
2 us1.nowinteract.com az416426.vo.msecnd.net
2 s.yimg.com www.cheapoair.com
az416426.vo.msecnd.net
2 api2.branch.io az416426.vo.msecnd.net
2 www.googletagmanager.com c.fareportal.com
www.googletagmanager.com
2 apis.google.com c.fareportal.com
apis.google.com
2 ds-aksb-a.akamaihd.net www.cheapoair.com
2 code.jquery.com www.cheapoair.com
1 win.staticstuff.net d11tldh9zr4z08.cloudfront.net
1 cx.atdmt.com www.cheapoair.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 vars.hotjar.com static.hotjar.com
1 www.googleadservices.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 staticxx.facebook.com connect.facebook.net
1 d11tldh9zr4z08.cloudfront.net www.googletagmanager.com
1 cdn.nowinteract.com www.googletagmanager.com
1 static.hotjar.com www.cheapoair.com
1 www.gstatic.com www.google.com
1 ssl.google-analytics.com www.cheapoair.com
1 app.link cdn.branch.io
1 cdn.branch.io www.cheapoair.com
1 az416426.vo.msecnd.net www.cheapoair.com
1 maxcdn.bootstrapcdn.com www.cheapoair.com
1 www.travelweeklyupdate.com 1 redirects
112 34
Subject Issuer Validity Valid
www.cheapoair.com
DigiCert SHA2 Extended Validation Server CA		 2019-04-29 -
2021-05-18		 2 years crt.sh
www.fareportal.com
GeoTrust RSA CA 2018		 2019-09-11 -
2020-12-10		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2019-08-13 -
2020-08-12		 a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.branch.io
DigiCert SHA2 Secure Server CA		 2018-12-05 -
2020-12-08		 2 years crt.sh
www.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
appipv4.link
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
azure.fareportal.com
Let's Encrypt Authority X3		 2019-11-20 -
2020-02-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-10-06 -
2020-01-04		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-11-23 -
2020-01-07		 a month crt.sh
*.nowinteract.com
GlobalSign Organization Validation CA - SHA256 - G2		 2019-04-24 -
2021-04-24		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-10-06 -
2020-01-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-10-06 -
2020-01-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2019-10-28 -
2020-01-26		 3 months crt.sh
win.staticstuff.net
Sectigo RSA Domain Validation Secure Server CA		 2019-06-04 -
2020-10-06		 a year crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 5		 2019-11-18 -
2021-11-18		 2 years crt.sh

This page contains 8 frames:

Primary Page: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Frame ID: 27E83C53D20110A3A47202E6E613F21F
Requests: 105 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/cheapoair/&send=false&layout=button_count&width=110&show_faces=false&action=like&colorscheme=light&height=21
Frame ID: E71879E84F92475AA5D583D0E4134F92
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: AA1C9DEE9B2CB24FE1002E4B09BD437E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: DBD3B4EBD3614D3F05BBB2D19A419E7C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNvbTo0NDM.&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=b6l54q84ae4f
Frame ID: E854F17A84FC54E2C83D06E38F1A59C2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNvbTo0NDM.&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=onou9wqqenc
Frame ID: 265C3BD286DDBAF4C99816015397EF6F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=9cdiup6grhg4
Frame ID: 08859BBCF824E3F1C93C789988B9A5E9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=j6qtmkbj9iyq
Frame ID: 65E7EB08285F2A60C3D7A35B735C00FE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=43830573&lguid=337b3ef3d4674c81a02a2c89565c3d0b&cmp... HTTP 302
    https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mw... Page URL

Page Statistics

112
Requests

99 %
HTTPS

59 %
IPv6

25
Domains

34
Subdomains

31
IPs

7
Countries

1866 kB
Transfer

5531 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=43830573&lguid=337b3ef3d4674c81a02a2c89565c3d0b&cmpid=1033296&c=7&pcg=mweb-flighttravellerstep&pct=mweb-flighttravellerstep&uname=&imap=&ipha= HTTP 302
    https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1006443535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&ul=en-us&de=UTF-8&dt=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=UserProfile&ea=Subscription.Shown&el=ModelPopup%20%3A%20GCMS&ev=1&_u=aGBAAEAj~&jid=816312642&gjid=808016832&cid=1324980181.1575313332&tid=UA-423411-1&_gid=1925415336.1575313332&_r=1&gtm=2wgav9TJXBT&cd18=nl-internatioanl-live-static-deals&z=403199967 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_gid=1925415336.1575313332&gjid=808016832&_v=j79&z=403199967 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_v=j79&z=403199967 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_v=j79&z=403199967&slf_rd=1&random=3660002489
Request Chain 74
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&gjid=1225774344&_gid=1925415336.1575313332&_u=aGDAgEAj~&z=861716100 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&_v=j79&z=861716100 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&_v=j79&z=861716100&slf_rd=1&random=4277145799
Request Chain 84
  • https://www.facebook.com/tr/?id=1386471704908747&ev=Search&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&rl=&if=false&ts=1575313332776&cd[content_type]=flight&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1575313332702.213580801&it=1575313332508&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=6984260561493021509&f=AYx6KLXm8yGZ5904DLkf6qTX5j-ML1QD7AVT46WtVR-C2_FFDpoNzKGHLiE8rjwV07L4AO-eFEilHhoijQa8fITJ&id=1386471704908747&l=3&v=0

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dec0219
www.cheapoair.com/flights/newsletters/
Redirect Chain
  • http://www.travelweeklyupdate.com/ClicksHandler.ashx?audid=43830573&lguid=337b3ef3d4674c81a02a2c89565c3d0b&cmpid=1033296&c=7&pcg=mweb-flighttravellerstep&pct=mweb-flighttravellerstep&uname=&imap=&i...
  • https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=n...
88 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a00f587429d2adc4460c2b4f1c219cad8f5f1beada95073294db1c8ba3e2c9b

Request headers

:method
GET
:authority
www.cheapoair.com
:scheme
https
:path
/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
gcms-cache-ttl-min
12
x-geoipcountrycode3
US
x-geoiplatitude1
40.74820
x-geoiplongitude1
-73.90680
x-ipadress
104.96.220.14
x-realipaddress
72.226.47.253
x-forwarded-for
72.226.47.253, 23.215.131.45
x-proxy-cache
HIT
x-proxy-server
lpnginxlive65
x-misc
0
x-geocontinentcode
NA
x-geocontinentname
North America
fp-x-edge-cachecontrol
!no-store, cache-maxage=12m
fp-x-edge-cache-enabled
1
content-encoding
gzip
x-akamai-transformed
9 21847 0 pmb=mRUM,1
cache-control
private, max-age=491
expires
Mon, 02 Dec 2019 19:10:21 GMT
date
Mon, 02 Dec 2019 19:02:10 GMT
content-length
22315
vary
Accept-Encoding
set-cookie
uid=NjcxYjQyYTNhZjBmOTA4OA==; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.cheapoair.com fplocation=regioncode=EU; expires=Wed, 01-Jan-2020 19:02:10 GMT; path=/ AKA_A2=A; expires=Mon, 02-Dec-2019 20:02:10 GMT; path=/; domain=cheapoair.com; secure; HttpOnly
akamai-x-true-edgecontrol-ttl
-1

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Mon, 02 Dec 2019 19:02:10 GMT
Content-Length
435
Set-Cookie
SRVNAME=tw1; path=/
cmsresourcecombiner.ashx
www.cheapoair.com/cmshandlers/ 		286 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=coa-reg-lp-css_css&gcms-srv
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a2b2dae9bf8821e847c52547115591f2ca21404cf5079686d1850d760cefff7

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
fp-x-edge-cache-enabled
1
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
21600
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=4499
gcms-cache-ttl-min
360
fp-x-edge-cachecontrol
!no-store, cache-maxage=360m
content-length
52100
expires
Mon, 02 Dec 2019 20:17:10 GMT
banner-deal-5584.css
c.fareportal.com/gcms/Portals/2/SEM-Includes/css/responsive-b3/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/2/SEM-Includes/css/responsive-b3/banner-deal-5584.css?gcms-srv
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
842561cf68109eecbf1c126a7300d56b17f0a0a6a87baa00746c2fd43eda6211

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Mon, 16 Sep 2019 11:01:08 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"b344b9ba1d48c5bd78c61601673b6e40:1537966977"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1722
top-airline-promotion.css
c.fareportal.com/gcms/portals/3/sem-includes/CSS/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/3/sem-includes/CSS/top-airline-promotion.css
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
844f2004eabec3611a8e08ac05dc3d35bd7cd1c58e7231f1d6e5ec6711383bda

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Mon, 07 Oct 2019 13:54:18 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"866527864fb36517bf79495ae91e9286:1561729426"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1998
z_style-font.css
c.fareportal.com/gcms/portals/2/responsive-ember/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/css/z_style-font.css
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e34437888c9cd92fd3a2de03c81a82bf251191dcca69d1f6070b460be31c8784

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Sat, 23 Nov 2019 18:56:39 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"bb3a28cf290b85ebd7576329e69f6f2d:1572536649"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
2898
jquery-1.9.1.min.js
code.jquery.com/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Dec 2019 19:02:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-169d5"
Vary
Accept-Encoding
X-HW
1575313331.dop020.fr8.shc,1575313331.dop020.fr8.t,1575313331.cds018.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32772
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Dec 2019 19:02:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-1c1f"
Vary
Accept-Encoding
X-HW
1575313331.dop020.fr8.shc,1575313331.dop020.fr8.t,1575313331.cds018.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3063
lp-0.0.9-beta.0.js
c.fareportal.com/vd/lp/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/lp/lp-0.0.9-beta.0.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
80e2c35dbd6464f8399ea8a8c8e519d4c8315a3e0cb684446106781e0432f6f2

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Tue, 12 Nov 2019 16:29:27 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"8aa617c1e17127fb629452a673cebd00:1556822832"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
9723
wscript-t.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript-t.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
264489e0eaa59a134c9573412af0612ebe7a935f5b3ffb979a9de35fc817d80c

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Wed, 16 Oct 2019 08:16:53 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"b7fa8485882b86ee2492842514d97769:1560938805"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1341
vendors.min.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/production/ 		496 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/production/vendors.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f62757a35e649059e1d4c1bf48ab7d4a67aa73e3917d8433a85e30fbeff95986

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Wed, 30 Oct 2019 20:03:20 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"9e6224a6adb9bfd9682cc9a3e8fb3393:1571965169"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
107710
appall.min.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/production/ 		704 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/production/appall.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e8e1df6ecb6d3dc920b7b712c1479ff0365ccdd59245327800c6a7ed7bc8566a

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Thu, 10 Oct 2019 12:12:13 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"e83e6a6c5f39c533bc55f776d0a59bda:1563435905"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
87244
wscript.js
c.fareportal.com/gcms/portals/2/responsive-ember/app/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b784272fae485f57c4a63a265f03930f9512271fda7e0928536e55f9ac37b6b5

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Wed, 09 Oct 2019 18:16:48 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"9fbd34e539cc8de7c9e15f47a676429e:1556695366"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1012
jquery.lazyload.min.js
c.fareportal.com/gcms/portals/3/sem-includes/script/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/3/sem-includes/script/jquery.lazyload.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9f4debafd703e1267a3b13f73711eb0ac3570524f2c0b3183de0d64e77f6bca8

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Fri, 08 Nov 2019 22:13:10 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"ae0be8af320ac98b3dfed29928646654:1529928229"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1122
slick.min.js
c.fareportal.com/gcms/portals/3/sem-includes/script/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/3/sem-includes/script/slick.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
22529609ad54b33ee1695008d3daa6e35f133849c49ee00d7e9bc02eb0dd9a56

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Tue, 05 Nov 2019 08:32:39 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"21778f373fce5457a66da1622474a3dd:1544697290"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
7942
global_signup_component.js
c.fareportal.com/gcms/Portals/2/responsive-b3/script/ 		2 KB
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/Portals/2/responsive-b3/script/global_signup_component.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
ab886e15639aaf4aa29aa96b83d778895fceeed46510c31f5742532b5aafa865

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Thu, 21 Nov 2019 11:51:56 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"cc43c09ea7c9136d6ae06ebce0e3d624:1572536168"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
413
badge-script-lp.min.js
www.cheapoair.com/profiles/common-scripts/js/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/common-scripts/js/badge-script-lp.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82013da0ba1c5b15a0e8c2471eb417f18df553551bb1abc1f29da5b2401f1ba8

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 08:02:32 GMT
etag
W/"5dc52118-aec8"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
application/x-javascript
status
200
cache-control
no-cache, public
x-proxy-server
nginx-7
content-length
11597
expires
Sun, 01 Dec 2019 19:02:11 GMT
callcentric-noninteract-nl.js
c.fareportal.com/gcms/portals/2/responsive/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive/js/callcentric-noninteract-nl.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2b4ae3ad4713de869c1f6f8b8640cecfe52f7c97cae7eb0d895c222dd6db66e1

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Sat, 19 Oct 2019 01:47:39 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"8614be47ca7a1537efa3fb5d2a55a6e1:1523976139"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
2257
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7679
cmsresourcecombiner.ashx
www.cheapoair.com/cmshandlers/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=coa-reg-lp-js_js&gcms-srv
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
59d271fc80bc1be0ad8717bdc5c1d52a01e405255085a4bc19dd8addf0f88379

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
fp-x-edge-cache-enabled
1
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
21600
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=9565
gcms-cache-ttl-min
360
fp-x-edge-cachecontrol
!no-store, cache-maxage=360m
content-length
3224
expires
Mon, 02 Dec 2019 21:41:36 GMT
coagdprtracking.js
c.fareportal.com/gcms/portals/2/responsive-ember/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-ember/js/coagdprtracking.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
324931052b6852618ab79be6df3a8bf409fcb8789ac02c2d1df0660ea4a087dc

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Thu, 10 Oct 2019 19:36:11 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"19cd0fd0294cc18d677e53ab392b5f52:1547119777"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
2491
AnonymousUserTracking-gcms.min.js
c.fareportal.com/gcms/portals/2/Js/opt-js/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/gcms/portals/2/Js/opt-js/AnonymousUserTracking-gcms.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
27b0c98df45f3a0988f55a1168f3912a2a2e881dabd6b4a7ccbf9cf1f6c93e2c

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 22:22:21 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"0797ddf31702a4d46643fad7a314fd04:1571962586"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
716
aksb.min.js
ds-aksb-a.akamaihd.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff09 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Apache /
Resource Hash
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Dec 2019 19:02:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 18:25:26 GMT
Server
Apache
ETag
"15de19f42b35806faf815298644157e0:1535653526"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
4826
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2019 21:34:18 GMT
server
ECAcc (frc/8FA5)
etag
0x8D6EEB48F61B4AC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
81977128-001e-00da-0bfa-a841cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, immutable
x-ms-version
2009-09-19
home-sprite-opt.png
c.fareportal.com/gcms/portals/2/responsive-b3/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/responsive-b3/images/home-sprite-opt.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20fae6fb3805cad81ebb725d2dd8d43dfdf553b10275bce910804880cce7853e

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=coa-reg-lp-css_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
last-modified
Thu, 31 Oct 2019 10:58:35 GMT
server
Apache
access-control-allow-origin
*
etag
"d22383b13312314d8320434a9ae80ef9:1572535975"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
30792
csas_lpgp-0.0.5-beta.1.js
c.fareportal.com/vd/csas/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/csas/csas_lpgp-0.0.5-beta.1.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript-t.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
233558c15cdc293d4389091ad87b9730d0f59a153552141684978a2ac5b58ba8

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
br
last-modified
Tue, 22 Oct 2019 09:09:12 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"935ff85a3aa47e6700a5b1b5b7277457:1557347496"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
5388
calus247n.png
c.fareportal.com/vd/coa/travel/r6/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/calus247n.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=coa-reg-lp-css_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
last-modified
Thu, 14 Dec 2017 23:40:06 GMT
server
Apache
access-control-allow-origin
*
etag
"1c999a2b54562ad48382288352aa7c22:1513856370"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
14429
COA-font-icon.woff2
c.fareportal.com/vd/coa/travel/font-icon/coa/fonts/ 		85 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/coa/travel/font-icon/coa/fonts/COA-font-icon.woff2?ann52u
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
438b171de173437f6494fbce6db973b322cc6e6a876454f167b8b10713768dbd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://c.fareportal.com/gcms/portals/2/responsive-ember/css/z_style-font.css
Origin
https://www.cheapoair.com

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
last-modified
Wed, 13 Sep 2017 15:43:35 GMT
server
Apache
access-control-allow-origin
*
etag
"60d2a09a6c39a30f5f8c8dc1c8ed47a8:1505317593"
content-type
font/woff2
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
87076
banner-bg-dec0219.jpg
c.fareportal.com/gcms/Portals/2/responsive/images/sem/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/Portals/2/responsive/images/sem/banner-bg-dec0219.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7bdc03246cb2c00c1ec6bb01102eea9c2db586ab6b0bda2442c6eeaf4d58e0d2

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
last-modified
Wed, 27 Nov 2019 11:30:14 GMT
server
Apache
access-control-allow-origin
*
etag
"83c86b329d62eb7ce615fee489d8f8e3:1574854216"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
20161
like.php
www.facebook.com/plugins/ Frame E718 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/cheapoair/&send=false&layout=button_count&width=110&show_faces=false&action=like&colorscheme=light&height=21
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://www.facebook.com/cheapoair/&send=false&layout=button_count&width=110&show_faces=false&action=like&colorscheme=light&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
YeXdv9Z1wM9R+EMxUKBEFoq4o4F+hOIZ5uJYcLhwmECt9A7R7MJeCKmuAwykbOAZAfI0WnhOo3NrrOrEW3eMpA==
date
Mon, 02 Dec 2019 19:02:11 GMT
alt-svc
h3-23=":443"; ma=3600
branch-latest.min.js
cdn.branch.io/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.84 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-84.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e013976876f923b5d747b79501cd38255f1876399c5e9b5a8f995dec0291ab7

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
z8HvpISR3mptTBbKeuNdWa0yABs8A72w
Content-Encoding
gzip
Last-Modified
Tue, 29 Oct 2019 00:06:03 GMT
Server
AmazonS3
Age
248
ETag
"18c281260fef78c97f0b9613cfd9df40"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
Cache-Control
max-age=300
Date
Mon, 02 Dec 2019 18:58:03 GMT
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Content-Length
21884
X-Amz-Cf-Id
ISzJKxm4DrpgXXox1SDU6wGAAfxllxxMQQDvh3kJoXUwCjch0433vA==
Landing-Pages-QR.png
c.fareportal.com/gcms/portals/2/responsive/images/sem/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/responsive/images/sem/Landing-Pages-QR.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0bdf220420e757b578a0da6fa91496882f6dddbbe9592b17b09f83ead27c5faf

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
last-modified
Thu, 31 Oct 2019 10:58:51 GMT
server
Apache
access-control-allow-origin
*
etag
"33ee27838d075544c79948f2195e4cc1:1572537241"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
4203
home-sprite.png
c.fareportal.com/vd/coa/travel/r6/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/home-sprite.png
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6c753b1150ac4a20658949932fdf26041a78f8d836e2fb68983793a798011cd

Request headers

Referer
https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=coa-reg-lp-css_css&gcms-srv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
last-modified
Thu, 14 Dec 2017 23:40:07 GMT
server
Apache
access-control-allow-origin
*
etag
"a4f8ffcd59f944054834671424e49f96:1513856373"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
18769
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/cmshandlers/cmsresourcecombiner.ashx?bn=coa-reg-lp-js_js&gcms-srv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3ba4fbf2b56985a5a8b6a726797c2616f524c0b31009f433e66da09ae87eb616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fVSBkQhCu7/NDvj9uY0FGQ==
status
200
date
Mon, 02 Dec 2019 19:02:11 GMT
expires
Mon, 02 Dec 2019 19:20:37 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1776
x-fb-debug
CX3FwcTOL7WudUhNCfyM95/l4R5p+ZD/zOhaJZo1ysl7v0jmbI7LKHjFHh6vSq7DpFRCrUpDFj0iQGb8df8BbQ==
x-fb-trip-id
420120009
x-fb-content-md5
bc98689fe23323d07f259df0a9609417
etag
"2520d4c62fc0d65442752cda7c74ed0b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
api.js
www.google.com/recaptcha/ 		729 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
3211cd82ce26fec042b2543617d3138a366d470fa74ed56788c3b0956c9f9ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
463
x-xss-protection
1; mode=block
expires
Mon, 02 Dec 2019 19:02:11 GMT
client.js
apis.google.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=googleApiLoaded
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/portals/2/responsive-ember/app/wscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
de1bd7045de175bfd858485f1cb48a0f3bac7a8cfb1422b350c3f36792aae8d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-npnhd/sURahMUMQqGqsPTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"500d7adbb54a1d1fd24f75d1e29968b3"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Mon, 02 Dec 2019 19:02:11 GMT
_r
app.link/ 		90 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.52.2&branch_key=key_live_ngxRNbzgpC0SVPJ5m6ACWonlsqeJ7Fsw&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
669d63eba6e02d76217963764c4567445175cb303d432c9e60b5d3f995d02109
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Dec 2019 19:02:11 GMT
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty/1.13.6.2
X-Amz-Cf-Pop
FRA50-C1
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-7eryREl9ZbBLpGcJmXd1ORWeecU"
X-Amz-Cf-Id
V-DhpXzJJGv-sKLUPXd6bf23THmQu6vgkKX2_tYw1rj0UHkDZujdhg==
GeoAirportDetail
www.cheapoair.com/fapi/dmsqservice/GeoDeals.svc/ 		441 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/fapi/dmsqservice/GeoDeals.svc/GeoAirportDetail?callback=jQuery19108754976429345815_1575313331075&_=1575313331076
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5709e39dd2c45e5a185af72ed876ac8dbcf3a0de12a611ae1401e31d6c04e766

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
X-Requested-With
XMLHttpRequest
Request-Id
|6zGLi.uMe13
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
x-geoiplongitude1
9.49100
x-ipadress
104.96.220.14
x-forwarded-for
144.76.109.30, 92.122.215.12
status
200
x-geoiplatitude1
51.29930
x-geocontinentname
Europe
content-length
441
x-misc
0
x-geocontinentcode
EU
x-realipaddress
144.76.109.30
x-geoipcountrycode3
DE
akamai-x-true-edgecontrol-ttl
-1
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private
x-proxy-server
lpnginxlive65
x-proxy-cache
MISS
GeoAirportDetail
www.cheapoair.com/fapi/dmsqservice/GeoDeals.svc/ 		441 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/fapi/dmsqservice/GeoDeals.svc/GeoAirportDetail?callback=jQuery19108754976429345815_1575313331077&_=1575313331078
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a834bdf41b2da4b9d4ec67e14d89cdc681eec396c3ceb85697c6a8838684a51c

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
X-Requested-With
XMLHttpRequest
Request-Id
|6zGLi.7xjtZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
x-geoiplongitude1
9.49100
x-ipadress
104.96.220.29
x-forwarded-for
144.76.109.30, 92.122.215.12
status
200
x-geoiplatitude1
51.29930
x-geocontinentname
Europe
content-length
441
x-misc
0
x-geocontinentcode
EU
x-realipaddress
144.76.109.30
x-geoipcountrycode3
DE
akamai-x-true-edgecontrol-ttl
-1
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private
x-proxy-server
lpnginxlive65
x-proxy-cache
MISS
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/profiles/common-scripts/js/badge-script-lp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6800
date
Mon, 02 Dec 2019 17:08:52 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Mon, 02 Dec 2019 19:08:52 GMT
signup-message-en-US.json
www.cheapoair.com/profiles/common-scripts/resources/ 		283 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/common-scripts/resources/signup-message-en-US.json
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3bd2e960080775428f61a0b49a8f40ae565aa41128e1150dcfec88ca802bce70

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
X-Requested-With
XMLHttpRequest
Request-Id
|6zGLi.WKwfl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length
283
date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 08:02:32 GMT
etag
"5dc52118-11b"
vary
Accept-Encoding
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json
status
200
cache-control
no-cache, public
x-proxy-server
nginx-7
accept-ranges
bytes
content-length
178
expires
Sun, 01 Dec 2019 19:02:12 GMT
affiliatetracking
www.cheapoair.com/home/ 		4 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/home/affiliatetracking?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573&fpappid=0&fpurl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
X-Requested-With
XMLHttpRequest
Request-Id
|6zGLi.cdZ5S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 02 Dec 2019 19:02:12 GMT
cache-control
private
content-length
4
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json; charset=utf-8
gtm.js
www.googletagmanager.com/ 		373 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJXBT
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/gcms/portals/2/responsive-ember/js/coagdprtracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c91a3497d5bc977d91d1b2819260653e0fdb9a971a63ff36c6499ff06e1207d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
br
last-modified
Mon, 02 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
64186
x-xss-protection
0
expires
Mon, 02 Dec 2019 19:02:12 GMT
AnonymousUser
www.cheapoair.com/profiles/publicapi/v1/ 		17 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/publicapi/v1/AnonymousUser
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19ac4994e6efe6f592560e8bef74af475923c32931d45e3a099d0734def99c70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com
Request-Id
|6zGLi.nEmck
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
x-machinestamp
CRM-10-NJ-109-80
status
200
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cheapoair.com
expires
Sun, 01 Dec 2019 19:02:12 GMT
cache-control
no-cache, public
x-proxy-server
apinginx118
content-length
17
request-context
appId=cid-v1:02a21fc1-779e-4c77-b239-6fe6d6034e38
LAS-r2x.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/images/destinations/LAS-r2x.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
295746ae5ae143de8e2c84be7100ab6c055dd7d4582257139aaed26f753c7b15

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Thu, 31 Oct 2019 10:58:07 GMT
server
Apache
access-control-allow-origin
*
etag
"6eae7b28a3c813c60d77c9b8ad46976c:1572532983"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
83210
ORL-r2x.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/images/destinations/ORL-r2x.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
587183bf507bc54431f5b9f31ac07d37604c4837a86fc6dcd0d20d44a1588ec5

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Thu, 31 Oct 2019 10:58:08 GMT
server
Apache
access-control-allow-origin
*
etag
"0eea0a55e8178d447080d37603c04237:1572533162"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
45270
PHX-r2x.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/images/destinations/PHX-r2x.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a704eafb86dcf7023d4eac852953b7d1578f9f36ca82588244401b5f5216381

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Thu, 31 Oct 2019 10:58:09 GMT
server
Apache
access-control-allow-origin
*
etag
"c6feb9c19c56ecea99d480dde2994370:1572533196"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
77127
EWR-r2x.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 		250 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/images/destinations/EWR-r2x.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
38c50a6fe1ce7dd87ddd0be8eacfaccea8fa3190823230f1ac5cb6bb9972b522

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Thu, 31 Oct 2019 10:58:04 GMT
server
Apache
access-control-allow-origin
*
etag
"8c5e10f025137d6d2e19f520a147afb1:1572532619"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
255716
CHI-r2x.jpg
c.fareportal.com/gcms/portals/2/images/destinations/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/2/images/destinations/CHI-r2x.jpg
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a72b568e0cb079b89f1933fe036d08a8b51393b53721b11b49ef0e70bdc52a5a

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Thu, 31 Oct 2019 10:58:03 GMT
server
Apache
access-control-allow-origin
*
etag
"79777c3168de75d764dd49809babb9c8:1572532435"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
103056
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		388 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4926abd2db77fc419cfb828510998769b288c5fb39694e57daf555b9a3326e56

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:11 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
all.js
connect.facebook.net/en_US/ 		186 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=eb0c4e67c05bed2e01c80d08f02eb8eb&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a4b02c501be8e14ff5f8728264eccf4c237bd0f9fd8a36720eb305a52ac57b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FUP5M+vTGKAPlHn/eblimQ==
status
200
date
Mon, 02 Dec 2019 19:02:12 GMT
expires
Tue, 01 Dec 2020 17:57:15 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
56789
x-fb-debug
M8c7JfES93Jlb0EPI9jeFA8gJOffsF5KwU7bDodww8xC9Vi4vafycu9jt1jhffK5SnIa1YIaKaYwlKs0C7HIHg==
x-fb-trip-id
420120009
x-fb-content-md5
e989d71e7f85cd1b26ddcb20fc0a2800
etag
"6da13af0ce0e612d6fed7fb0b9cd67a3"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
recaptcha__en.js
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 23:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Nov 2019 05:06:47 GMT
server
sffe
age
933364
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92852
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:46:08 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 		287 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=googleApiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 01:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 22:37:32 GMT
server
sffe
age
1186812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
101118
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:22:00 GMT
open
api2.branch.io/v1/ 		266 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:d800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
99f142b44360a1c7d2a3ca58b90d19b11152a1631a5012e32782b9b7ee648649

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C1
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
266
x-amz-cf-id
MijuBMrUhQ4O-wRWn_p_1H1gxP4Sqer-Gd2R26D5ofCA-gadNtIUmg==
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJXBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1715
date
Mon, 02 Dec 2019 18:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 02 Dec 2019 20:33:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		121 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
26702
x-xss-protection
0
pragma
public
x-fb-debug
frgAFU2d2dB7mAQsRSlxxbatUu7cHQfeE1nVDz1hINNEij0CCywAST4uClajl2ZaasbQr5bPT2AaTIr+RjvmNg==
x-fb-trip-id
420120009
date
Mon, 02 Dec 2019 19:02:12 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-3203.js
static.hotjar.com/c/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3203.js?sv=5
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.111 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-12
Software
openresty /
Resource Hash
1cc9490372253a2cc1152862d2eabe371d66f4bafa2e536f1f899fb36c684d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
32
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
5511
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/36561a0c869a6d0192d9391aa7c38b6a
access-control-max-age
600
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.075
accept-ranges
bytes
section-io-id
fa51f1422a4df58420ea3d85f7403727
ytc.js
s.yimg.com/wi/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 02 Dec 2019 18:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1323
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
5150
x-amz-id-2
ktUevW7takieGS6cQTM0TpB7BlmPb+INAJ58Zy28s3EoaH07MIsqvb9VqKHHMgzNAyek8TIszxg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 08 Oct 2019 10:16:59 GMT
server
ATS
etag
"254a43f994019deb4ca1830f04bd5d32-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-request-id
CC0104B659441EB0
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
accept-ranges
bytes
content-type
application/javascript
ToASettings
www.cheapoair.com/profiles/publicapi/v1/TripsDetailsTOA/ 		58 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/publicapi/v1/TripsDetailsTOA/ToASettings
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e4e3f3425ded03c852cf6f5144793756bdc69de9c94a8995c8c304a23640e84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
TOAPSettingsK
SADF324@#@$Fareportal
X-DomainId
www.cheapoair.com
Request-Id
|6zGLi.3BgmB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
x-machinestamp
CRM-2-NJ-104-80
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json; charset=utf-8
status
200
expires
Sun, 01 Dec 2019 19:02:12 GMT
cache-control
no-cache, public
x-proxy-server
apinginx118
content-length
58
x-proxy-cache
BYPASS
request-context
appId=cid-v1:02a21fc1-779e-4c77-b239-6fe6d6034e38
imp_fareportal.min.js
cdn.nowinteract.com/us1/fareportal/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nowinteract.com/us1/fareportal/imp_fareportal.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJXBT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / ASP.NET
Resource Hash
c49d04b8a61310faec4f6780bc44ff3c7b4fe61eeda091d2b5bd30d4559ca766

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
gzip
etag
W/"2fa2b427aa5d51:0"
last-modified
Wed, 27 Nov 2019 10:05:11 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*, *
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=86400
expires
Tue, 03 Dec 2019 19:02:12 GMT
Accutrak.js
d11tldh9zr4z08.cloudfront.net/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tldh9zr4z08.cloudfront.net/Accutrak.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJXBT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:a200:d:69b0:4e00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache/2.4 /
Resource Hash
469502db3772ba151fc832576249775489902d136d2d8b61c6c30faadf957292

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 17:21:39 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 00:08:43 GMT
server
Apache/2.4
age
6033
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-cache-info
caching
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
H0g-_z3hWQ50f0c-xgGPK_f2Dz2O3ttxRCaCMPJhkaWv-kzIZGFz2A==
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-956986618
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJXBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd61bd38ea392e33cdc8c1d10fd3d754dcc57e35d90515cd42c7d015c0a4474e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
br
last-modified
Mon, 02 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27665
x-xss-protection
0
expires
Mon, 02 Dec 2019 19:02:12 GMT
csas_lpgpbpp-0.0.5-beta.17.js
c.fareportal.com/vd/csas/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/csas/csas_lpgpbpp-0.0.5-beta.17.js
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.92.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-92-98.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1c32ad48767a9ba9570296446caabc6ff081bcafada1e8cd5708da840cad9915

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
br
last-modified
Sun, 06 Oct 2019 01:39:49 GMT
server
Akamai Resource Optimizer
access-control-allow-origin
*
etag
"dd310025646a75b65587b82c7d2b529f:1564087216"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
12349
xd_arbiter.php
staticxx.facebook.com/connect/ Frame AA1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=eb0c4e67c05bed2e01c80d08f02eb8eb&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 21 Nov 2020 20:27:41 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
/POC47GoEc2MW0QoEEsv74gNnSgwCc5z3AZnNhd0KxWspcyi1N3hUEPlW1s3ol/bhCNVBlr0TS3vexpYaBhDvQ==
content-length
12397
x-fb-trip-id
420120009
date
Mon, 02 Dec 2019 19:02:12 GMT
alt-svc
h3-23=":443"; ma=3600
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=254155001398899&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=eb0c4e67c05bed2e01c80d08f02eb8eb&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/
Origin
https://www.cheapoair.com

Response headers

pragma
no-cache
x-fb-debug
iDI8Z6HkQhwfihN+Qj6KZRctHhSb1yvvcnxY3egkYOcgUuj7kXsu+N69tkpMCYeUr2uBWEzS1HpsGWi+yhL74A==
fb-s
unknown
status
200
date
Mon, 02 Dec 2019 19:02:12 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cheapoair.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-23=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
pageview
api2.branch.io/v1/ 		28 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:d800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
YOdXNeSKS8_DnijQBaxDwcKHlzS5Vuygum5rhRkbBO_8j8IZkvvhPA==
get
www.cheapoair.com/profiles/publicapi/v1/TripsDetailsTOA/ 		58 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/publicapi/v1/TripsDetailsTOA/get
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.101.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-101-159.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84975ea3e3e7cbbd66d7160d4e6f52af1d26248af3a55f49db70992d5015b8b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
X-DomainId
www.cheapoair.com
Request-Id
|6zGLi.CtCi3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
x-machinestamp
CRM-1-NJ-103-80
akamai-x-true-edgecontrol-ttl
-1
content-type
application/json; charset=utf-8
status
200
expires
Sun, 01 Dec 2019 19:02:12 GMT
cache-control
no-cache, public
x-proxy-server
apinginx118
content-length
58
x-proxy-cache
BYPASS
request-context
appId=cid-v1:02a21fc1-779e-4c77-b239-6fe6d6034e38
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 18:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
606
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Mon, 02 Dec 2019 19:52:06 GMT
1386471704908747
connect.facebook.net/signals/config/ 		349 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1386471704908747?v=2.9.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a09137675999f24d2e0243ed9dd46f252e61676f0bffe4da3b547c30bb775873
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
86984
x-xss-protection
0
pragma
public
x-fb-debug
Rn7YncFI9jLYpMkxPSUERUnk4z2UjSDUzE5qkeug0LjnMA2h3ziIMsG6s4B0amf+yF9wzYN54AvvuW43SBKy+Q==
x-fb-trip-id
420120009
date
Mon, 02 Dec 2019 19:02:12 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
36242.json
s.yimg.com/wi/config/ 		2 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/36242.json
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

date
Mon, 02 Dec 2019 18:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
701
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
1C86005799C2985C
x-amz-id-2
9L6c6Rb9WMuCMWOnCr4Du30zKGrHKyRXWE/tcF4TpJ/Y09NkoId9IVReo0wtQmV2VNlCUx5uDB4=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
modules.1563bfc088652f728ad5.js
script.hotjar.com/ 		399 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1563bfc088652f728ad5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3203.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.101.51 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-7
Software
/
Resource Hash
464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
br
last-modified
Thu, 28 Nov 2019 17:38:37 GMT
access-control-allow-origin
*
etag
"6f4d0398872f50ffe1212d1d3fe37a64"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.047
section-io-origin-status
200
accept-ranges
bytes
section-io-id
60aa94c341bae14077e5481ca3db7298
content-length
70909
ResponseService.ashx
us1.nowinteract.com/logserver/ 		676 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us1.nowinteract.com/logserver/ResponseService.ashx?siteid=usfar170615epo&url=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&urlref=&userkey=1E8FD876DD1D4BF8A42C121371CF83FB&impsess=303D01D6BE7D4C218C2E8439B99A4450&rand=0.46036079300974997&KeyValue=impviewstyle:desktopstyle&KeyValue=impversion:9.10_28_nojq_noevent_obj_z19d&KeyValue=implanguage:en-US&KeyValue=impwidth:1600&KeyValue=impheight:1200&KeyValue=impnavigator:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&KeyValue=fpuid:MWU5ODg2Mjk5MThlMDIxMQ%3D%3D&KeyValue=curraff:ret-coa-eenl-ku_ot_hybrid-2&KeyValue=implogdataprevonp:0&KeyValue=impview:1&KeyValue=imptab:0&KeyValue=implogtype:0&KeyValue=imploctime:2019-12-02T20%3A02%3A12.575&KeyValue=implocoffset:-60&KeyValue=imploczone:Europe%2FBerlin
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
212.54.153.104 Edison, United States, ASN50292 (STRATOGEN ==================================, GB),
Reverse DNS
s104-153-54-212.cust.stratogen.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fb1e9b2135658d8866e1b57aa3748db222f16010b96c79d115d191284aedb8ef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:11 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
676
conversion_async.js
www.googleadservices.com/pagead/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-956986618
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9614
x-xss-protection
0
server
cafe
etag
5296095546589048175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 Dec 2019 19:02:12 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1006443535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_gid=1925415336.1575313332&gjid=808016832&_v=j79&z=403199967
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_v=j79&z=403199967
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_v=j79&z=403199967&slf_rd=1&random=3660002489
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_v=j79&z=403199967&slf_rd=1&random=3660002489
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:13 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=816312642&_v=j79&z=403199967&slf_rd=1&random=3660002489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1006443535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&ul=en-us&de=UTF-8&dt=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=DealsTracking&ea=Failure&el=%5B%23fpaffiliate%23%5D&ev=1&_u=aGDAAEAj~&jid=&gjid=&cid=1324980181.1575313332&tid=UA-423411-1&_gid=1925415336.1575313332&gtm=2wgav9TJXBT&cd18=nl-internatioanl-live-static-deals&z=1056042814
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 01:12:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1101011
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1006443535&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&dp=%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&ul=en-us&de=UTF-8&dt=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAj~&jid=2098709242&gjid=1225774344&cid=1324980181.1575313332&uid=&tid=UA-423411-1&_gid=1925415336.1575313332&gtm=2wgav9TJXBT&cd18=nl-internatioanl-live-static-deals&cd4=-3&cd5=ret-coa-eenl-ku_ot_hybrid-2&cd12=&cd38=MWU5ODg2Mjk5MThlMDIxMQ%3D%3D&z=319759931
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 01:12:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1101011
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&gjid=1225774344&_gid=1925415336.1575313332&_u=aGDAgEAj~&z=861716100
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&_v=j79&z=861716100
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&_v=j79&z=861716100&slf_rd=1&random=4277145799
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&_v=j79&z=861716100&slf_rd=1&random=4277145799
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-423411-1&cid=1324980181.1575313332&jid=2098709242&_v=j79&z=861716100&slf_rd=1&random=4277145799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1006443535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&ul=en-us&de=UTF-8&dt=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Affiliate%20Hit&ea=ret-coa-eenl-ku_ot_hybrid-2&_u=aGDAAEAj~&jid=&gjid=&cid=1324980181.1575313332&tid=UA-423411-1&_gid=1925415336.1575313332&gtm=2wgav9TJXBT&cd23=ret-coa-eenl-ku_ot_hybrid-2&cm2=1&z=608979009
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 01:12:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1101011
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1006443535&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&ul=en-us&de=UTF-8&dt=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=AffiliateTracking&ea=Success&el=%5B%23fpaffiliate%23%5D&ev=1&_u=aGDAAEAj~&jid=&gjid=&cid=1324980181.1575313332&tid=UA-423411-1&_gid=1925415336.1575313332&gtm=2wgav9TJXBT&cd18=nl-internatioanl-live-static-deals&z=338319940
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 01:12:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1101011
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame DBD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3203.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.101.51 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-7
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-b736908ce6b0e933fad3a2e45df61b38.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
date
Mon, 02 Dec 2019 19:02:13 GMT
content-type
text/html
content-length
808
cache-control
max-age=31536000
content-encoding
br
last-modified
Mon, 25 Nov 2019 17:40:38 GMT
etag
"ed7551919779fd07dbfe6d776c643379"
section-io-origin-status
200
section-io-origin-time-seconds
0.028
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
5a9f45ffc869940204c60bfa945ad806
anchor
www.google.com/recaptcha/api2/ Frame E854 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNvbTo0NDM.&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=b6l54q84ae4f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZTQ99lQAYAVKCmf9+wHAfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNvbTo0NDM.&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=b6l54q84ae4f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 02 Dec 2019 19:02:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZTQ99lQAYAVKCmf9+wHAfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8998
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame 265C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNvbTo0NDM.&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=onou9wqqenc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tCO+Ii6YN7DvVKJfUksB8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&co=aHR0cHM6Ly93d3cuY2hlYXBvYWlyLmNvbTo0NDM.&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=onou9wqqenc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 02 Dec 2019 19:02:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-tCO+Ii6YN7DvVKJfUksB8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9067
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
328289504770882
connect.facebook.net/signals/config/ 		349 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/328289504770882?v=2.9.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6177cdbbe6c943e5197dd72eb8dd4c06f33d19ee4101ca338e7820dbb8362d19
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
86934
x-xss-protection
0
pragma
public
x-fb-debug
gk/f8GVBh/cl0xrEprBjKKfOnlapr+Ph5NTT1Isx5rV0kCdOqBUN2/uJXsr7CPI6Krbr+I/yrcTVPo+byQQPpA==
x-fb-trip-id
420120009
date
Mon, 02 Dec 2019 19:02:12 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1386471704908747&ev=PageView&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&rl=&if=false&ts=1575313332703&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1575313332702.213580801&it=1575313332508&coo=false&rqm=GET
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 02 Dec 2019 19:02:12 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956986618/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956986618/?random=1575313332719&cv=9&fst=1575313332719&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav9&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&tiba=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7ed4fa6c51dd402291e490ac52a8ffa7f6969390955e985e8dbe7286b9583572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1152
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=328289504770882&ev=PageView&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&rl=&if=false&ts=1575313332774&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1575313332702.213580801&it=1575313332508&coo=false&rqm=GET
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 02 Dec 2019 19:02:12 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=1386471704908747&ev=Search&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttrav...
  • https://cx.atdmt.com/?c=6984260561493021509&f=AYx6KLXm8yGZ5904DLkf6qTX5j-ML1QD7AVT46WtVR-C2_FFDpoNzKGHLiE8rjwV07L4AO-eFEilHhoijQa8fITJ&id=1386471704908747&l=3&v=0
42 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=6984260561493021509&f=AYx6KLXm8yGZ5904DLkf6qTX5j-ML1QD7AVT46WtVR-C2_FFDpoNzKGHLiE8rjwV07L4AO-eFEilHhoijQa8fITJ&id=1386471704908747&l=3&v=0
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 02 Dec 2019 19:02:12 GMT
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
server
proxygen-bolt
location
https://cx.atdmt.com/?c=6984260561493021509&f=AYx6KLXm8yGZ5904DLkf6qTX5j-ML1QD7AVT46WtVR-C2_FFDpoNzKGHLiE8rjwV07L4AO-eFEilHhoijQa8fITJ&id=1386471704908747&l=3&v=0
content-type
text/plain
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-23=":443"; ma=3600
content-length
0
expires
0
/
www.facebook.com/tr/ 		44 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=328289504770882&ev=Search&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&rl=&if=false&ts=1575313332777&cd[content_type]=flight&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1575313332702.213580801&it=1575313332508&coo=false&rqm=GET
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 02 Dec 2019 19:02:12 GMT
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		388 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4926abd2db77fc419cfb828510998769b288c5fb39694e57daf555b9a3326e56

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:12 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
/
www.google.com/pagead/1p-user-list/956986618/ 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/956986618/?random=1575313332719&cv=9&fst=1575313200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav9&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&tiba=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&async=1&fmt=3&is_vtc=1&random=1958103221&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/956986618/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/956986618/?random=1575313332719&cv=9&fst=1575313200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav9&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&tiba=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&async=1&fmt=3&is_vtc=1&random=1958103221&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.cheapoair.com
URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 19:02:12 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in.php
win.staticstuff.net/ 		292 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.staticstuff.net/in.php?site_id=101071181&type=pageview&href=%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&title=CheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!&res=1600x1200&lang=en&jsuid=2584736913&mime=js&x=0.6841606364851194
Requested by
Host: d11tldh9zr4z08.cloudfront.net
URL: https://d11tldh9zr4z08.cloudfront.net/Accutrak.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.14 , United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
f1cabafbcfbc5b37ada4423dc298b94af47c6089e9300fd6818f894cdf51ea3e

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:13 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0885 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=9cdiup6grhg4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vJrWOwsx4at4gLkq9Fckyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=9cdiup6grhg4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 02 Dec 2019 19:02:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-vJrWOwsx4at4gLkq9Fckyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1114
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame 65E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=j6qtmkbj9iyq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uf1c/9+lX9I34hsyegQeXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&k=6LdJWRgUAAAAABu-Por3nzfyN_5grD3ohm_B6Li0&cb=j6qtmkbj9iyq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
accept-encoding
gzip, deflate, br
cookie
NID=192=72XpzmIbgpO16aQOvgFQSeXliZnMBv5Y_BFlc4vcozLoIzZfuFvsuSLH1KWEtH7u2B9K_YcWz0KxYFGHyaWm9APOM8FTc3d9eg4BSZ_Mow_Q1OnhvgHB_yPvK_biha7xOJv_pX2E3EBMdhpb-st9lF0nuScx47ECibOm6wKajjc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 02 Dec 2019 19:02:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-uf1c/9+lX9I34hsyegQeXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		386 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7d7692536c34a107f34e2dc4f82bcd65084a1e3e3c75aaba15112d9e1e02ec01

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:15 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
ResponseService.ashx
us1.nowinteract.com/logserver/ 		676 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us1.nowinteract.com/logserver/ResponseService.ashx?siteid=usfar170615epo&url=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&userkey=049B6F96AA144CB485188DE06BC2167D&impsess=A158061DF5FD459FB7BC3A4DB4D3CF48&rand=0.27569586635535304
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
212.54.153.104 Edison, United States, ASN50292 (STRATOGEN ==================================, GB),
Reverse DNS
s104-153-54-212.cust.stratogen.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1b464de768ac30f137b82344c295214d08f836069bb1ad7cc1577ade9da00e4d

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 02 Dec 2019 19:02:14 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
676
track
dc.services.visualstudio.com/v2/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://www.cheapoair.com
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,sdk-context

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 Dec 2019 19:02:16 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
b
ds-aksb-a.akamaihd.net/2/855351/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ds-aksb-a.akamaihd.net/2/855351/b?dE=1&cS=1&cE=22&rqS=22&rsS=152&rsE=158&sS=6&dl=155&di=506&fp=566&dlS=590&dlE=1258&dc=5269&leS=5269&leE=5344&to=&ol=0&cr=5&mt=&mb=&b=657665&u=https%3A//www.cheapoair.com/flights/newsletters/dec0219&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/74.0.3729.169%20Safari/537.36&pl=Linux%20x86_64&us=&gh=92.122.215.12&t=&rid=a360ce1&r=19681&akM=a&akN=ae&vc=14:17&bpcip=904c6d00&akTX=1&akTI=a360ce1&ai=197772&pmgn=&pmgi=&pmp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff09 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Dec 2019 19:02:16 GMT
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store, private
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Mon, 02 Dec 2019 19:02:16 GMT
track
dc.services.visualstudio.com/v2/ 		98 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
0b459a34a19d94673a0777f4c6ee6b22f0bfab3c7e98a489ff629cc6bc7bab41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
952E71FA-DD89-4783-B17F-A66F3B116A38
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Mon, 02 Dec 2019 19:02:16 GMT
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
98
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		386 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7d7692536c34a107f34e2dc4f82bcd65084a1e3e3c75aaba15112d9e1e02ec01

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:16 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		386 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7d7692536c34a107f34e2dc4f82bcd65084a1e3e3c75aaba15112d9e1e02ec01

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:16 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		388 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dfe215d3070f0c928838a7e072fbe1e4f1bb9b2d781f6a264775c37f54ca7c58

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:17 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
/
www.facebook.com/tr/ 		44 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1386471704908747&ev=Microdata&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&rl=&if=false&ts=1575313337084&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5CnCheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!%5Cn%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=2&o=30&fbp=fb.1.1575313337083.409748094&it=1575313332508&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 02 Dec 2019 19:02:17 GMT
/
www.facebook.com/tr/ 		44 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=328289504770882&ev=Microdata&dl=https%3A%2F%2Fwww.cheapoair.com%2Fflights%2Fnewsletters%2Fdec0219%3Ffpaffiliate%3Dret-coa-eenl-ku_ot_hybrid-2%26fpsub%3Dmweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl%26tag%3Dd3maincta%26cmpid%3D1033296%26audid%3D43830573&rl=&if=false&ts=1575313337086&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5CnCheapOair.com%20%7C%20Don%27t%20Miss%20Cyber%20Monday%20Deals!%5Cn%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=2&o=30&fbp=fb.1.1575313337083.409748094&it=1575313332508&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 19:02:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 02 Dec 2019 19:02:17 GMT
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		390 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dc3cfcf3731eca674d7c85c99e2d8194b279d1f1971a0bfcab4d973ada8e91dc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:19 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		390 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dc3cfcf3731eca674d7c85c99e2d8194b279d1f1971a0bfcab4d973ada8e91dc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:20 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		390 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dc3cfcf3731eca674d7c85c99e2d8194b279d1f1971a0bfcab4d973ada8e91dc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:20 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		390 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dc3cfcf3731eca674d7c85c99e2d8194b279d1f1971a0bfcab4d973ada8e91dc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:20 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		388 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1eb7f7745c11ec67c47b435e35c93b68ff3428498ad60d4afd6013693eb6431b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:21 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		388 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2d652c51d3b47eaee4d887e61f2ff6ff947abcc49dd34b1bac946745a822e878

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:23 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		384 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
db3c3b47b7393c82bb10ddf7d82bcfb5a647cdcd140b00096527acc63e257ddc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:26 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		386 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.55.121 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ec764349746af73773d8f4b0b75580c3d251dbbf787bdcceeda30ad28b7d6312

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573
Origin
https://www.cheapoair.com

Response headers

Date
Mon, 02 Dec 2019 19:02:27 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:a9614c33-7e50-403a-b414-6d6400b9148b
c04162b6-da3a-4007-a572-46b9323ec8f3
launchpadapiassignment.azure.fareportal.com/api/settings/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
launchpadapiassignment.azure.fareportal.com
URL
https://launchpadapiassignment.azure.fareportal.com/api/settings/c04162b6-da3a-4007-a572-46b9323ec8f3

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| getCookie undefined| script undefined| s boolean| isGDPR object| w object| d object| AKSB function| $ function| jQuery object| appInsights function| setImmediate function| clearImmediate object| Launchpad object| CSAS_CONFIG object| AnalyticsService object| compareFaresConfig boolean| isSTAOff string| urlName object| coupons function| SetCookie boolean| isLogFSD object| FEATURES boolean| EnableSameDaySearch boolean| disableGeoLocation boolean| hasSearch boolean| loadExtremeSearch boolean| EnableMultiCitySDS number| urlIndex string| emberSignupSource string| CouponCode undefined| termsConditionsText string| Discount string| DisclaimerUpdate undefined| TextBeforeCoupon string| CouponExpiryDate boolean| isRecentSearchDisabled function| AnalyticsServiceLogEvent string| dealExpiredStatus object| pageConfig object| lazyLoadRef object| gdprCookieVal string| fpLocation object| googletag function| attachOnLoadEvent function| loadGoogleAds function| __extends object| Microsoft object| AI function| sendSMS function| sendSMSUsPhone function| isValidUSPhoneNumber function| reFormatMobileNo function| inputOnChange function| clearMessage object| branch object| FP object| jQuery19108754976429345815 function| QueryString function| resize function| showGG function| TaxesFeesInfo function| ServiceFeesInfo function| NLTC function| BaggageFeesInfo function| termsAndCond function| showTerms function| BestPriceInfo function| TaxesFeesVPInfo function| GetCookieVal function| GetCookie function| DeleteCookie function| signOutEvent function| SignOut function| FetchUserName function| UserNameAuthenticate function| UserSignInAuth function| UserSignIn function| signOutClick function| bbb function| windowOpener string| path string| args object| Ember object| Em object| SimpleAuth function| handleUserLoggedInProfiles function| HashTable function| isLocalStorageSupported function| merge function| parseUTCDate function| decodeHashDate function| jsPopunder function| FpNotificationService object| App object| App2 object| App1 object| App3 function| cookie number| secs number| mins number| hours function| dateFormat object| globalMessage object| boundAttributeKeys function| computed function| on object| ENV function| report_error object| signupPopUnder function| googleApiLoaded function| loadScriptAsync function| fbAsyncInit string| badgeflowtype string| badgecomponent string| badgecomponentfooter string| popupbadge string| es_culture_resource object| en_culture_resource object| mktUtility object| mktConfigData object| envSetting object| upUtility object| dataLayer object| gaTracking object| signupBadge object| EmailSignupService string| gdprdata string| gdprSignData function| setGDPRCookie function| InvokeGTMContainer function| gdprBtnClick string| GCMStemplateName string| q object| keyValuePairs undefined| sessionId undefined| jQuery19108754976429345815_1575313331075 undefined| jQuery19108754976429345815_1575313331077 object| signupValV2 object| signupValV3 object| FB object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| gapi object| ___jsl object| _gat object| _gaq object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga number| index object| pair function| fbq function| _fbq function| hj object| _hjSettings object| dotq object| geturl string| ToAUrl object| xmlhttp function| callTOA function| callExpire string| DATALAYER_OBJECT_NAME function| referrerOverride function| sendCampaignData function| initNewOptimizelyIntegration function| initOptimizelyIntegration object| optimizely function| getQueryString function| QueryStringToJSON function| sendNewInteractData undefined| __enable_fp_bp_debug__ object| expiry string| FP_CSAS_URL object| CSAS object| gadgets object| osapi object| shindig object| googleapis object| oauth2 object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| fpcategory undefined| a object| IMP_HL boolean| imprushdialogueany object| imprushdialogueparams object| IMP string| metadataurl undefined| result number| keyIndex number| propIndex object| Accutrak_obj object| Accutrak object| Accutrak_custom object| Accutrak_site_ids object| _genericStats object| _genericStatsCustom function| gtag object| closure_lm_681208 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| RT

6 Cookies

Domain/Path Name / Value
.cheapoair.com/ Name: imp_sb
Value: A158061DF5FD459FB7BC3A4DB4D3CF48
.cheapoair.com/ Name: imp_uk
Value: 049B6F96AA144CB485188DE06BC2167D
.cheapoair.com/ Name: _hjid
Value: 47b88960-2d29-4e0d-b6ec-5ead07137e20
.cheapoair.com/ Name: imp_sk
Value: A158061DF5FD459FB7BC3A4DB4D3CF48
.cheapoair.com/ Name: heatmaps_g2g_101071181
Value: no
.cheapoair.com/ Name: _utm_og
Value: %26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dthursdaynl

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.cheapoair.com/flights/newsletters/dec0219?fpaffiliate=ret-coa-eenl-ku_ot_hybrid-2&fpsub=mweb-flighttravellerstep_1033296_t7_flight-nov1119_responsive-ctgn-1033296-d3maincta&utm_source=newsletter&utm_medium=email&utm_campaign=thursdaynl&tag=d3maincta&cmpid=1033296&audid=43830573(Line 772)
Message:
inside
console-api log URL: https://c.fareportal.com/vd/csas/csas_lpgpbpp-0.0.5-beta.17.js(Line 1)
Message:
[object Object]
console-api log URL: https://c.fareportal.com/vd/lp/lp-0.0.9-beta.0.js(Line 1)
Message:
Launchpad Sdk INFO: READY for event logging in 620ms.
console-api error URL: https://c.fareportal.com/gcms/portals/2/responsive/js/callcentric-noninteract-nl.js(Line 106)
Message:
SyntaxError: Unexpected end of JSON input

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
apis.google.com
app.link
az416426.vo.msecnd.net
c.fareportal.com
cdn.branch.io
cdn.nowinteract.com
code.jquery.com
connect.facebook.net
cx.atdmt.com
d11tldh9zr4z08.cloudfront.net
dc.services.visualstudio.com
ds-aksb-a.akamaihd.net
googleads.g.doubleclick.net
launchpadapiassignment.azure.fareportal.com
maxcdn.bootstrapcdn.com
s.yimg.com
script.hotjar.com
ssl.google-analytics.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
us1.nowinteract.com
vars.hotjar.com
win.staticstuff.net
www.cheapoair.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.travelweeklyupdate.com
launchpadapiassignment.azure.fareportal.com
13.225.78.84
147.75.101.51
147.75.33.111
151.139.236.192
152.199.19.160
172.217.22.34
172.227.101.159
172.227.92.98
198.145.13.14
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
212.54.153.104
2600:9000:20eb:d800:11:f728:3040:93a1
2600:9000:2156:9400:19:9934:6a80:93a1
2600:9000:21f3:a200:d:69b0:4e00:21
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:814::2002
2a00:1450:4001:816::2008
2a00:1450:4001:818::2004
2a00:1450:4001:81b::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2003
2a00:1450:400c:c08::9d
2a01:4a0:1338:28::c38a:ff09
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
40.114.55.121
51.140.6.23
64.61.14.236
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
0a704eafb86dcf7023d4eac852953b7d1578f9f36ca82588244401b5f5216381
0b459a34a19d94673a0777f4c6ee6b22f0bfab3c7e98a489ff629cc6bc7bab41
0bdf220420e757b578a0da6fa91496882f6dddbbe9592b17b09f83ead27c5faf
0e4e3f3425ded03c852cf6f5144793756bdc69de9c94a8995c8c304a23640e84
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f
19ac4994e6efe6f592560e8bef74af475923c32931d45e3a099d0734def99c70
1b464de768ac30f137b82344c295214d08f836069bb1ad7cc1577ade9da00e4d
1c32ad48767a9ba9570296446caabc6ff081bcafada1e8cd5708da840cad9915
1cc9490372253a2cc1152862d2eabe371d66f4bafa2e536f1f899fb36c684d18
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1eb7f7745c11ec67c47b435e35c93b68ff3428498ad60d4afd6013693eb6431b
20fae6fb3805cad81ebb725d2dd8d43dfdf553b10275bce910804880cce7853e
22529609ad54b33ee1695008d3daa6e35f133849c49ee00d7e9bc02eb0dd9a56
233558c15cdc293d4389091ad87b9730d0f59a153552141684978a2ac5b58ba8
264489e0eaa59a134c9573412af0612ebe7a935f5b3ffb979a9de35fc817d80c
27b0c98df45f3a0988f55a1168f3912a2a2e881dabd6b4a7ccbf9cf1f6c93e2c
295746ae5ae143de8e2c84be7100ab6c055dd7d4582257139aaed26f753c7b15
2a2b2dae9bf8821e847c52547115591f2ca21404cf5079686d1850d760cefff7
2b4ae3ad4713de869c1f6f8b8640cecfe52f7c97cae7eb0d895c222dd6db66e1
2d652c51d3b47eaee4d887e61f2ff6ff947abcc49dd34b1bac946745a822e878
3211cd82ce26fec042b2543617d3138a366d470fa74ed56788c3b0956c9f9ffb
324931052b6852618ab79be6df3a8bf409fcb8789ac02c2d1df0660ea4a087dc
38c50a6fe1ce7dd87ddd0be8eacfaccea8fa3190823230f1ac5cb6bb9972b522
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
3ba4fbf2b56985a5a8b6a726797c2616f524c0b31009f433e66da09ae87eb616
3bd2e960080775428f61a0b49a8f40ae565aa41128e1150dcfec88ca802bce70
438b171de173437f6494fbce6db973b322cc6e6a876454f167b8b10713768dbd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00
469502db3772ba151fc832576249775489902d136d2d8b61c6c30faadf957292
4926abd2db77fc419cfb828510998769b288c5fb39694e57daf555b9a3326e56
5709e39dd2c45e5a185af72ed876ac8dbcf3a0de12a611ae1401e31d6c04e766
587183bf507bc54431f5b9f31ac07d37604c4837a86fc6dcd0d20d44a1588ec5
59d271fc80bc1be0ad8717bdc5c1d52a01e405255085a4bc19dd8addf0f88379
5a00f587429d2adc4460c2b4f1c219cad8f5f1beada95073294db1c8ba3e2c9b
5c91a3497d5bc977d91d1b2819260653e0fdb9a971a63ff36c6499ff06e1207d
6177cdbbe6c943e5197dd72eb8dd4c06f33d19ee4101ca338e7820dbb8362d19
669d63eba6e02d76217963764c4567445175cb303d432c9e60b5d3f995d02109
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
7bdc03246cb2c00c1ec6bb01102eea9c2db586ab6b0bda2442c6eeaf4d58e0d2
7d7692536c34a107f34e2dc4f82bcd65084a1e3e3c75aaba15112d9e1e02ec01
7ed4fa6c51dd402291e490ac52a8ffa7f6969390955e985e8dbe7286b9583572
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
80e2c35dbd6464f8399ea8a8c8e519d4c8315a3e0cb684446106781e0432f6f2
82013da0ba1c5b15a0e8c2471eb417f18df553551bb1abc1f29da5b2401f1ba8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842561cf68109eecbf1c126a7300d56b17f0a0a6a87baa00746c2fd43eda6211
844f2004eabec3611a8e08ac05dc3d35bd7cd1c58e7231f1d6e5ec6711383bda
84975ea3e3e7cbbd66d7160d4e6f52af1d26248af3a55f49db70992d5015b8b6
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99f142b44360a1c7d2a3ca58b90d19b11152a1631a5012e32782b9b7ee648649
9e013976876f923b5d747b79501cd38255f1876399c5e9b5a8f995dec0291ab7
9f4debafd703e1267a3b13f73711eb0ac3570524f2c0b3183de0d64e77f6bca8
a09137675999f24d2e0243ed9dd46f252e61676f0bffe4da3b547c30bb775873
a4b02c501be8e14ff5f8728264eccf4c237bd0f9fd8a36720eb305a52ac57b2a
a72b568e0cb079b89f1933fe036d08a8b51393b53721b11b49ef0e70bdc52a5a
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a834bdf41b2da4b9d4ec67e14d89cdc681eec396c3ceb85697c6a8838684a51c
ab886e15639aaf4aa29aa96b83d778895fceeed46510c31f5742532b5aafa865
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b784272fae485f57c4a63a265f03930f9512271fda7e0928536e55f9ac37b6b5
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c49d04b8a61310faec4f6780bc44ff3c7b4fe61eeda091d2b5bd30d4559ca766
cd61bd38ea392e33cdc8c1d10fd3d754dcc57e35d90515cd42c7d015c0a4474e
db3c3b47b7393c82bb10ddf7d82bcfb5a647cdcd140b00096527acc63e257ddc
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc3cfcf3731eca674d7c85c99e2d8194b279d1f1971a0bfcab4d973ada8e91dc
de1bd7045de175bfd858485f1cb48a0f3bac7a8cfb1422b350c3f36792aae8d5
dfe215d3070f0c928838a7e072fbe1e4f1bb9b2d781f6a264775c37f54ca7c58
e34437888c9cd92fd3a2de03c81a82bf251191dcca69d1f6070b460be31c8784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c753b1150ac4a20658949932fdf26041a78f8d836e2fb68983793a798011cd
e8e1df6ecb6d3dc920b7b712c1479ff0365ccdd59245327800c6a7ed7bc8566a
ec764349746af73773d8f4b0b75580c3d251dbbf787bdcceeda30ad28b7d6312
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cabafbcfbc5b37ada4423dc298b94af47c6089e9300fd6818f894cdf51ea3e
f62757a35e649059e1d4c1bf48ab7d4a67aa73e3917d8433a85e30fbeff95986
fb1e9b2135658d8866e1b57aa3748db222f16010b96c79d115d191284aedb8ef