urlscan.io logo urlscan.io
SecurityTrails logo

www.cheapflights.com Open in urlscan Pro
151.101.129.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cheqpflights.com/
Effective URL: https://www.cheapflights.com/book-flights-hotels/
Submission: On March 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 16 domains to perform 45 HTTP transactions. The main IP is 151.101.129.29, located in United States and belongs to FASTLY, US. The main domain is www.cheapflights.com. The Cisco Umbrella rank of the primary domain is 97285.
TLS certificate: Issued by R3 on March 18th 2023. Valid for: 3 months.
This is the only time www.cheapflights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 192.155.108.148 29066 (VELIANET-...)
1 2 216.139.248.127 32400 (HWSERVICE...)
3 3 159.127.43.10 25751 (VALUECLICK)
1 11 151.101.129.29 54113 (FASTLY)
18 2a04:4e42:400... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2 142.251.41.6 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 172.217.165.130 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 35.190.0.66 15169 (GOOGLE)
1 44.232.249.159 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
45 16
2    192.155.108.148 (Miami, United States)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
cheqpflights.com
2    216.139.248.127 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-127.aus.us.siteprotect.com
ww2.affinity.net
3    159.127.43.10 (Santa Barbara, United States)

ASN25751 (VALUECLICK, US)
www.dpbolvw.net
cj.dotomi.com
www.emjcd.com
11    151.101.129.29 (United States)

ASN54113 (FASTLY, US)
www.cheapflights.com
18    2a04:4e42:400::285 (United States)

ASN54113 (FASTLY, US)
content.r9cdn.net
1    2607:f8b0:4006:80d::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:600::285 (United States)

ASN54113 (FASTLY, US)
www.kayak.com
2    142.251.41.6 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net
5142311.fls.doubleclick.net
1    2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net
cm.g.doubleclick.net
1    2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
fcmatch.google.com
1    2607:f8b0:4006:806::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
fcmatch.youtube.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    44.232.249.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
a.clicktripz.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:824::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:823::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
Apex Domain
Subdomains		 Transfer
18 r9cdn.net
content.r9cdn.net — Cisco Umbrella Rank: 21235
1 MB
11 cheapflights.com
www.cheapflights.com — Cisco Umbrella Rank: 97285
49 KB
5 doubleclick.net
5142311.fls.doubleclick.net — Cisco Umbrella Rank: 34157
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
4 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 331
c.bing.com — Cisco Umbrella Rank: 230
13 KB
3 google.com
fcmatch.google.com — Cisco Umbrella Rank: 2967
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
1 KB
2 affinity.net
ww2.affinity.net — Cisco Umbrella Rank: 182420
2 KB
2 cheqpflights.com
cheqpflights.com
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
185 B
1 clicktripz.com
a.clicktripz.com — Cisco Umbrella Rank: 18446
276 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5893
489 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2959
432 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
82 KB
1 kayak.com
www.kayak.com — Cisco Umbrella Rank: 14924 Failed
1 emjcd.com
www.emjcd.com — Cisco Umbrella Rank: 14820
1 KB
1 dotomi.com
cj.dotomi.com — Cisco Umbrella Rank: 14907
1 KB
1 dpbolvw.net
www.dpbolvw.net — Cisco Umbrella Rank: 80297
601 B
45 16
Domain Requested by
18 content.r9cdn.net www.cheapflights.com
content.r9cdn.net
11 www.cheapflights.com 1 redirects content.r9cdn.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 cm.g.doubleclick.net 2 redirects
2 5142311.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ww2.affinity.net 1 redirects cheqpflights.com
2 cheqpflights.com 1 redirects
1 adservice.google.com 5142311.fls.doubleclick.net
1 www.google.com
1 www.facebook.com
1 c.bing.com
1 a.clicktripz.com
1 ads.travelaudience.com
1 fcmatch.youtube.com
1 fcmatch.google.com 1 redirects
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com www.cheapflights.com
1 www.kayak.com www.cheapflights.com
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 www.dpbolvw.net 1 redirects
45 21

This site contains links to these domains. Also see Links.

Domain
affiliates.kayak.com
Subject Issuer Validity Valid
*.affinity.net
Go Daddy Secure Certificate Authority - G2		 2022-06-13 -
2023-07-15		 a year crt.sh
www.cheapflights.com
R3		 2023-03-18 -
2023-06-16		 3 months crt.sh
content.r9cdn.net
R3		 2023-03-18 -
2023-06-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
www.kayak.com
R3		 2023-03-18 -
2023-06-16		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
ads.travelaudience.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
a.clicktripz.com
R3		 2023-03-18 -
2023-06-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-04-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.cheapflights.com/book-flights-hotels/
Frame ID: 85A15F7809451BD80E3A8A67BCBF4A14
Requests: 30 HTTP requests in this frame

Frame: https://www.cheapflights.com/ugtm/book-flights-hotels/
Frame ID: 0C0880D4E2CF116947CFE8A212DB06A2
Requests: 12 HTTP requests in this frame

Frame: https://5142311.fls.doubleclick.net/activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F
Frame ID: 64215164203E6A77657E7039119213C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cheap Flights, Airline Tickets & Airfares - Find Deals on Flights at Cheapflights.com

Page URL History Show full URLs

  1. http://cheqpflights.com/ Page URL
  2. http://cheqpflights.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    https://ww2.affinity.net/fly?no_capp=2&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4 Page URL
  3. https://ww2.affinity.net/fly1?sid=176602&sa=113&p=1&s=71612&qt=1679675909&q=&rf=http%3A%2F%2Fcheqpfli... HTTP 302
    https://www.dpbolvw.net/click-7753339-15418744?sid=955277b0c0108c84bcf8e2241262d7a6 HTTP 302
    https://cj.dotomi.com/3f66ar-zH/ry2/GKJGNMJJ/MMKIIIO/F/F/F?b=pG61%3DXTTQVVzO0OPOW0WSz03W2QQSPQUQ1V... HTTP 302
    https://www.emjcd.com/tm80kjsrB/jqv/8CB8FEBB/EECAAAG/7/F77E7C88D9BGBDF8FC:KVwp4bUOO9N7/C77j7AhGjhD... HTTP 302
    https://www.cheapflights.com/in?a=cj&url=/book-flights-hotels/&encoder=19_4&enc_pid=6122615&enc_bid=15418... HTTP 301
    https://www.cheapflights.com/book-flights-hotels/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

45
Requests

93 %
HTTPS

56 %
IPv6

16
Domains

21
Subdomains

16
IPs

1
Countries

1199 kB
Transfer

4632 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cheqpflights.com/ Page URL
  2. http://cheqpflights.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTY4MzEwOSwiaWF0IjoxNjc5Njc1OTA5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdtZ2xwNmhuYjY2ZzJpcmswZTU5ZzQiLCJuYmYiOjE2Nzk2NzU5MDksInRzIjoxNjc5Njc1OTA5NTUwNzA1fQ.iWGlU-bsZOUevooyjT8wIO2zvKAHK9w5rfPTgBbZHYY&sid=4ec48b0e-ca62-11ed-b661-97d693e48c3f HTTP 302
    https://ww2.affinity.net/fly?no_capp=2&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4 Page URL
  3. https://ww2.affinity.net/fly1?sid=176602&sa=113&p=1&s=71612&qt=1679675909&q=&rf=http%3A%2F%2Fcheqpflights.com%2F&enc=&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=4f6d733d8f6fe4bf&qxsi=5c30a2b77a47e964&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=3409d54f1404c1569442ff3fce748f7a&tm=1679675910.6179&etm=1679675910.6239&ls=0&lbc=0&lac=0&cskey=law24&ipspm=&no_capp=2 HTTP 302
    https://www.dpbolvw.net/click-7753339-15418744?sid=955277b0c0108c84bcf8e2241262d7a6 HTTP 302
    https://cj.dotomi.com/3f66ar-zH/ry2/GKJGNMJJ/MMKIIIO/F/F/F?b=pG61%3DXTTQVVzO0OPOW0WSz03W2QQSPQUQ1VyU%3c%3c5HHDG%3A%2F%2FKKK.1DzC9JK.B2H%2F09608-VVTRRRX-PTSPWVSS%3c%3ce%3c5HHDG%3A%2F%2FKKQ.y336B6HM.B2H%2F%3c%3cP%3cP%3cO%3cO%3c HTTP 302
    https://www.emjcd.com/tm80kjsrB/jqv/8CB8FEBB/EECAAAG/7/F77E7C88D9BGBDF8FC:KVwp4bUOO9N7/C77j7AhGjhD988lkF7EA77Fm7hF9iF9j?i=byoj%3DFBB8DDh6i676EiEAhilEk88A78C8jDgC%3cipu!3pBs-tFj25tA%3cnzzvy%3A%2F%2F222.jvhur12.tkz%2Firoiq-DDB999F-7BA7EDAA%3c%3cM%3cnzzvy%3A%2F%2F228.gllotoz4.tkz%2F%3ch79gBEDD-6Ali-AlEk-F7jj-jAlljgjikjA6%3c7%3c7%3c6%3c6%3c HTTP 302
    https://www.cheapflights.com/in?a=cj&url=/book-flights-hotels/&encoder=19_4&enc_pid=6122615&enc_bid=15418744&enc_pubid=7753339&enc_refid=500c03a9ca6211ed8073008f0a82b82c|955277b0c0108c84bcf8e2241262d7a6 HTTP 301
    https://www.cheapflights.com/book-flights-hotels/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cheqpflights.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTY4MzEwOSwiaWF0IjoxNjc5Njc1OTA5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdtZ2xwNmhuYjY2ZzJpcmswZTU5ZzQiLCJuYmYiOjE2Nzk2NzU5MDksInRzIjoxNjc5Njc1OTA5NTUwNzA1fQ.iWGlU-bsZOUevooyjT8wIO2zvKAHK9w5rfPTgBbZHYY&sid=4ec48b0e-ca62-11ed-b661-97d693e48c3f HTTP 302
  • https://ww2.affinity.net/fly?no_capp=2&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4
Request Chain 16
  • https://www.cheapflights.com/s/ads/dfp/banner300x250/ads.js HTTP 302
  • https://www.kayak.com/s/ident/forbidden
Request Chain 31
  • https://5142311.fls.doubleclick.net/activityi;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F HTTP 302
  • https://5142311.fls.doubleclick.net/activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F
Request Chain 34
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QWZmb0QtaEpWLS1xbU5TRGNUd3FxclU%3D&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QWZmb0QtaEpWLS1xbU5TRGNUd3FxclU%3D&google_cm=&google_tc= HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDor8v3SYbHTGkpPWSGMxBFBX6H3gtSm6gRGV3AXMt9idAXdb2B36cHrYgufHYYMaLRWfGzbmzxE7yGb_GbQBSTvfl2H7Odhrye45n3-OU6rCv0j9AJm_49rDN93XDTMiyRcoE6eo HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDor8v3SYbHTGkpPWSGMxBFBX6H3gtSm6gRGV3AXMt9idAXdb2B36cHrYgufHYYMaLRWfGzbmzxE7yGb_GbQBSTvfl2H7Odhrye45n3-OU6rCv0j9AJm_49rDN93XDTMiyRcoE6eo

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cheqpflights.com/ 		477 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cheqpflights.com/
Protocol
HTTP/1.1
Server
192.155.108.148 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
connection
close
content-length
477
content-type
text/html; charset=utf-8
date
Fri, 24 Mar 2023 16:38:29 GMT
server
nginx
fly
ww2.affinity.net/
Redirect Chain
  • http://cheqpflights.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTY4MzEwOSwiaWF0IjoxNjc5Njc1OTA5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdtZ2xwNmhuYjY2ZzJpcms...
  • https://ww2.affinity.net/fly?no_capp=2&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww2.affinity.net/fly?no_capp=2&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4
Requested by
Host: cheqpflights.com
URL: http://cheqpflights.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.139.248.127 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
216-139-248-127.aus.us.siteprotect.com
Software
nginx /
Resource Hash

Request headers

Referer
http://cheqpflights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 24 Mar 2023 16:38:30 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 24 Mar 2023 16:38:29 GMT
location
https://ww2.affinity.net/fly?no_capp=2&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4
server
nginx
Primary Request /
www.cheapflights.com/book-flights-hotels/
Redirect Chain
  • https://ww2.affinity.net/fly1?sid=176602&sa=113&p=1&s=71612&qt=1679675909&q=&rf=http%3A%2F%2Fcheqpflights.com%2F&enc=&enk=MTc2NjAyfDExM3wxfDcxNjEyfDE2Nzk2NzU5MDl8MXwxfDI4&xsc=&xsp=&xsm=&xuc=&xcf=&x...
  • https://www.dpbolvw.net/click-7753339-15418744?sid=955277b0c0108c84bcf8e2241262d7a6
  • https://cj.dotomi.com/3f66ar-zH/ry2/GKJGNMJJ/MMKIIIO/F/F/F?b=pG61%3DXTTQVVzO0OPOW0WSz03W2QQSPQUQ1VyU%3c%3c5HHDG%3A%2F%2FKKK.1DzC9JK.B2H%2F09608-VVTRRRX-PTSPWVSS%3c%3ce%3c5HHDG%3A%2F%2FKKQ.y336B6HM....
  • https://www.emjcd.com/tm80kjsrB/jqv/8CB8FEBB/EECAAAG/7/F77E7C88D9BGBDF8FC:KVwp4bUOO9N7/C77j7AhGjhD988lkF7EA77Fm7hF9iF9j?i=byoj%3DFBB8DDh6i676EiEAhilEk88A78C8jDgC%3cipu!3pBs-tFj25tA%3cnzzvy%3A%2F%2F...
  • https://www.cheapflights.com/in?a=cj&url=/book-flights-hotels/&encoder=19_4&enc_pid=6122615&enc_bid=15418744&enc_pubid=7753339&enc_refid=500c03a9ca6211ed8073008f0a82b82c|955277b0c0108c84bcf8e224126...
  • https://www.cheapflights.com/book-flights-hotels/
196 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
fb41015cef6c0a7409956f07d291bfb3ae056502376d221a6c1d1f51ea271464
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ww2.affinity.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-store
content-encoding
br
content-language
en-US
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self'
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
content-type
text/html;charset=UTF-8
date
Fri, 24 Mar 2023 16:38:32 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Accept-Encoding
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 24 Mar 2023 16:38:32 GMT
location
/book-flights-hotels/
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
x-sn-waf-code
combined.css
content.r9cdn.net/res/ 		35 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.css?v=72d515615c0610f94dff016e38a5254197a850ca-14pre-flipped&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
b79b7085c2e0719f6b7963c4684c2f0651c6b1e16a56e6b57a885e562005c6b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Tue, 24 Jan 2023 16:25:46 GMT
server
KAYAK/1.0
age
1418608
etag
72d515615c0610f94dff016e38a5254197a850ca-14pre-flipped-br
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3836
expires
Thu, 07 Mar 2024 06:35:05 GMT
combined.css
content.r9cdn.net/res/ 		444 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.css?v=c411cb4384c744932723ca45d881b5a135647c36-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
b9ec148ca0f5ee59e3612681eb3334a9ed5711f05431427b4b164754d03ca569

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Wed, 22 Mar 2023 14:13:33 GMT
server
KAYAK/1.0
age
181499
etag
c411cb4384c744932723ca45d881b5a135647c36-14pre-flipped-br
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
54677
expires
Thu, 21 Mar 2024 14:13:34 GMT
combined.js
content.r9cdn.net/res/ 		387 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.js?v=86859d851df157d14736ce99426d718194211182-14pre-flipped&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
6614d5c2df742b4b56c05f902c1b3422c9890b692eaccb4bf288dfc4b7f646b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Tue, 14 Mar 2023 14:07:47 GMT
server
KAYAK/1.0
age
872811
etag
86859d851df157d14736ce99426d718194211182-14pre-flipped-br
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
101406
expires
Wed, 13 Mar 2024 14:11:42 GMT
combined.js
content.r9cdn.net/res/ 		2 MB
488 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
c23cd230197bc8f09307ac26c54162579c700f38d1404b71f94c8ce6a2b47ea0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Wed, 22 Mar 2023 14:13:33 GMT
server
KAYAK/1.0
age
181499
etag
099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
498833
expires
Thu, 21 Mar 2024 14:13:34 GMT
frontdoor-cover-photo.jpg
content.r9cdn.net/res/images/horizon/ui/frontdoor/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/frontdoor/frontdoor-cover-photo.jpg?v=7e8c30b4c6386c865a9912246c2bb1a390a1f9c7&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f86ec564008e7f0a4031aef5fbbac7882542fef43e87a996be89e021c6dcfcf8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Tue, 13 Jun 2017 06:11:53 GMT
server
KAYAK/1.0
age
3240376
etag
7e8c30b4c6386c865a9912246c2bb1a390a1f9c7
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
98394
expires
Thu, 15 Feb 2024 04:32:18 GMT
a-small-flag-sprite.png
content.r9cdn.net/res/images/newImagesStructure/sprites/flags/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/newImagesStructure/sprites/flags/a-small-flag-sprite.png?v=a80f673dae8f8482485d1eeed85eebff6ddd78b5&cluster=4
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.css?v=c411cb4384c744932723ca45d881b5a135647c36-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f78a2816da36a78deacfc2a03d5509ce9ef55dad61de4c82b21ed5afc6ba30d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.r9cdn.net/res/combined.css?v=c411cb4384c744932723ca45d881b5a135647c36-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Thu, 08 Oct 2020 12:32:35 GMT
server
KAYAK/1.0
age
1508720
etag
a80f673dae8f8482485d1eeed85eebff6ddd78b5
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
44647
expires
Wed, 06 Mar 2024 05:33:13 GMT
gibson-semibold.ttf
content.r9cdn.net/res/css/font/gibson/ 		135 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/css/font/gibson/gibson-semibold.ttf?v=f874e9693706655358e68e44278bd141e8c667ec&cluster=4
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.css?v=72d515615c0610f94dff016e38a5254197a850ca-14pre-flipped&cluster=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f3d1fe02fba381638a403b95a35403f42d0bf9f29237db588b5945c159d451a0

Request headers

Referer
https://content.r9cdn.net/res/combined.css?v=72d515615c0610f94dff016e38a5254197a850ca-14pre-flipped&cluster=4
Origin
https://www.cheapflights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
3035808
etag
f874e9693706655358e68e44278bd141e8c667ec-br
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
43997
expires
Sat, 17 Feb 2024 13:21:45 GMT
gibson-regular.ttf
content.r9cdn.net/res/css/font/gibson/ 		136 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/css/font/gibson/gibson-regular.ttf?v=c94c7ff68ec152d57bca6dcb703bb16ad32e5736&cluster=4
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.css?v=72d515615c0610f94dff016e38a5254197a850ca-14pre-flipped&cluster=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
849b322ef12d3c0d201fb4cd5b4dbe01ce020a002dc383484ebd0252ab6b8f8c

Request headers

Referer
https://content.r9cdn.net/res/combined.css?v=72d515615c0610f94dff016e38a5254197a850ca-14pre-flipped&cluster=4
Origin
https://www.cheapflights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
3035808
etag
c94c7ff68ec152d57bca6dcb703bb16ad32e5736-br
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
44340
expires
Sat, 17 Feb 2024 13:21:45 GMT
gibson-regular.ttf
content.r9cdn.net/res/resources/horizon/ui/server/components/SsrPageHead/brands/cheapflights/ 		136 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/resources/horizon/ui/server/components/SsrPageHead/brands/cheapflights/gibson-regular.ttf?v=c94c7ff68ec152d57bca6dcb703bb16ad32e5736&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
849b322ef12d3c0d201fb4cd5b4dbe01ce020a002dc383484ebd0252ab6b8f8c

Request headers

Referer
https://www.cheapflights.com/
Origin
https://www.cheapflights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:33 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
41669
etag
c94c7ff68ec152d57bca6dcb703bb16ad32e5736
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
44340
expires
Sat, 23 Mar 2024 05:04:04 GMT
CompareToConfigStateProviderAction
www.cheapflights.com/s/horizon/react/component/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/CompareToConfigStateProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
7a8d97f266e0707f3557e806a69481f9ae4d0d0166785e4971ede72ca4ccdcdc

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
content-encoding
br
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
FooterSiteMapLinksProviderAction
www.cheapflights.com/s/horizon/react/component/ 		639 B
928 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/FooterSiteMapLinksProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cdd8fc28041fdefd3fd22775a0c99c739788eca90d6bf2cccbeb85a1a527fbe1

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
content-length
276
CurrencyPickerStateProviderAction
www.cheapflights.com/s/horizon/react/component/ 		14 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/CurrencyPickerStateProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
abb522ea1869bc585dc8184b96500f21e7683bfecacdd667e58f85af6b746435

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
content-encoding
br
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
PrivacyMenuStateProviderAction
www.cheapflights.com/s/horizon/react/component/ 		147 B
1005 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/PrivacyMenuStateProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
6df354c91f2558cfec3d6618da740a0500d4f1703951427e0f9c59f2063222f0

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
content-length
118
CookiesDataProvider
www.cheapflights.com/s/horizon/common/privacy/providers/ 		124 B
785 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/common/privacy/providers/CookiesDataProvider
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
b7344c9f9c31277a8f0954834b45a9fc4d000414a4f6f55caf65cea4e98da71d

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
content-length
115
forbidden
www.kayak.com/s/ident/
Redirect Chain
  • https://www.cheapflights.com/s/ads/dfp/banner300x250/ads.js
  • https://www.kayak.com/s/ident/forbidden
0
0
/
www.cheapflights.com/ugtm/book-flights-hotels/ Frame 0C08 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/ugtm/book-flights-hotels/
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
49f10b3ec66a53b4b444b652b03c9c4decf0946d6a95682348acdf76d4a3d9d9

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1661
cache-control
max-age=0, no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1063
content-type
text/html;charset=UTF-8
date
Fri, 24 Mar 2023 16:38:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
KAYAK/1.0
vary
fastly-ssl,x-kayak-presentation,accept-encoding,host
x-sn-waf-code
search
www.cheapflights.com/mvm/smartyv2/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/mvm/smartyv2/search?f=j&s=13&where=Miami%20(MIA)&lc_cc=US&lc=en&sv=5&cv=undefined&c=undefined&searchId=undefined&v=v1
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cd363138402dc1e0ff646b9af44cf0d989447e67085d26a66db502ee139d70ce

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:33 GMT
content-encoding
br
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cheapflights.com
content-language
en-US
accept-ranges
bytes
expedia.png
content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/expedia.png?v=51a8d536a24bbe894f013731735874049a2c99ba&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
ae3cb9654653c0ead733d1262986b11d0c26e1da9cffd049c7cfab6c8f3a2eef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 25 Nov 2021 06:12:02 GMT
server
KAYAK/1.0
age
2629461
etag
51a8d536a24bbe894f013731735874049a2c99ba
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
15583
expires
Thu, 22 Feb 2024 06:14:12 GMT
priceline.png
content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/priceline.png?v=c8c814f75d63e5482e8fb4e55186a44f031668d3&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
58e85f2a845f66d47f1b51edd30ca78486e6bc2f0ffe4ed14e19a7c0bec4bde4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 25 Nov 2021 06:12:02 GMT
server
KAYAK/1.0
age
2109697
etag
c8c814f75d63e5482e8fb4e55186a44f031668d3
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
24517
expires
Wed, 28 Feb 2024 06:36:57 GMT
travelocity.png
content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/travelocity.png?v=f7f95b752b0e7db1214023b2b7412c9c195083a4&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
2632a0a2715bdcc6db20b505595f8ac7ac633090f9743e93232ba8a4017c67f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 25 Nov 2021 06:12:02 GMT
server
KAYAK/1.0
age
9372417
etag
f7f95b752b0e7db1214023b2b7412c9c195083a4
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
5714
expires
Wed, 06 Dec 2023 05:11:36 GMT
virginAmerica.png
content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/virginAmerica.png?v=0120924e10ce44a20561ecad02be65599e468d79&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
b9758fe5dc7b23be621dede4630c18e279d46cc24451d99e5c20368182ce0b5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 25 Nov 2021 06:12:02 GMT
server
KAYAK/1.0
age
525281
etag
0120924e10ce44a20561ecad02be65599e468d79
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
36102
expires
Sun, 17 Mar 2024 14:43:53 GMT
travel-tips.svg
content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/ 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/travel-tips.svg?v=ba38b4dc3cdcb4f2a2a38052b1d7f6d6e6d3a4e7&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
5ca2731d34af0c873f54e6cb773592d9e7b949c05513ba70acfc2270656475fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
date
Fri, 24 Mar 2023 16:38:34 GMT
content-encoding
gzip
last-modified
Tue, 13 Jun 2017 06:23:01 GMT
server
KAYAK/1.0
age
14004002
etag
ba38b4dc3cdcb4f2a2a38052b1d7f6d6e6d3a4e7
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
4174
expires
Fri, 13 Oct 2023 14:38:31 GMT
special-offers.svg
content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/ 		14 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/special-offers.svg?v=a617f55b4d10378005a953c6ce06974ec337f4bb&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
2f674805a5f6e266dc48be04355bc4d120ca3a54fa5bf5ff7cace64f37c0d681

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Tue, 13 Jun 2017 06:23:01 GMT
server
KAYAK/1.0
age
3312287
etag
a617f55b4d10378005a953c6ce06974ec337f4bb-br
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
2744
expires
Wed, 14 Feb 2024 08:33:47 GMT
orbitz.png
content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/orbitz.png?v=7f6b1ff65f92e6267e4eb091218d26794791ab10&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
9e84207f7003c9340912918389ebae9cef0ffd382ac917cc3a2901528547b2fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 25 Nov 2021 06:12:02 GMT
server
KAYAK/1.0
age
6868414
etag
7f6b1ff65f92e6267e4eb091218d26794791ab10
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
2743
expires
Thu, 04 Jan 2024 04:45:00 GMT
cheaptickets.png
content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/packages/components/providerLogos/cheaptickets.png?v=3ca653e7c5350a8a1df7d3fa4340bc8dcd3f7742&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
9cb3ef330ff7426ef7d6dd357e352473445a2234b0326fb037ee19e65f722367

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 25 Nov 2021 06:12:02 GMT
server
KAYAK/1.0
age
5022577
etag
3ca653e7c5350a8a1df7d3fa4340bc8dcd3f7742
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
41520
expires
Thu, 25 Jan 2024 13:28:56 GMT
newsletter.svg
content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/newsletter.svg?v=ebb57b26ce79d66c294ac4668f41e14a0c037188&cluster=4
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
a342c43b5654d1f9ad08af6c80af2eee7e2f4a224874c1fa606850f0418d127c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Tue, 13 Jun 2017 06:23:01 GMT
server
KAYAK/1.0
age
6834451
etag
ebb57b26ce79d66c294ac4668f41e14a0c037188
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3047
expires
Thu, 04 Jan 2024 14:11:02 GMT
gtm.js
www.googletagmanager.com/ Frame 0C08 		255 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/book-flights-hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c471e9216eb383cbfe43a5ac1dfce28e2184275f4954e57cf2b7f722c0a18795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 16:38:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83592
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Mar 2023 16:38:34 GMT
forbidden
www.kayak.com/s/ident/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.kayak.com/s/ident/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.cheapflights.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-ranges
bytes
allow
GET, HEAD, TRACE, OPTIONS
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 24 Mar 2023 16:38:34 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
measure
www.cheapflights.com/s/vestigo/ 		0
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/vestigo/measure
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Content-Type-Options
nosniff
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
server
KAYAK/1.0
accept-ranges
bytes
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25j...
5142311.fls.doubleclick.net/ Frame 6421
Redirect Chain
  • https://5142311.fls.doubleclick.net/activityi;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk2...
  • https://5142311.fls.doubleclick.net/activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q...
526 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5142311.fls.doubleclick.net/activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
cafe /
Resource Hash
0b007742ea9134b759ef116d4812556d463b15608d2048aeeeb2b352be9ea251
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapflights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Mar 2023 16:38:35 GMT
expires
Fri, 24 Mar 2023 16:38:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Mar 2023 16:38:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5142311.fls.doubleclick.net/activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/833727979/ Frame 0C08 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/833727979/?random=1679675914577&cv=11&fst=1679675914577&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F&ref=https%3A%2F%2Fww2.affinity.net%2F&hn=www.googleadservices.com&frm=1&tiba=Cheap%20Flights%2C%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&auid=1874702816.1679675915&uamb=0&uaw=0&data=event_name%3DscreenView&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
674008de5bc8025b6db828cde159114d907e6b0c47be8829f3e5180844427e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 16:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ Frame 0C08 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 24 Mar 2023 16:38:35 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C073B7A459E43F18EA1A0B4B7156C5C Ref B: MIAEDGE2719 Ref C: 2023-03-24T16:38:35Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
pixel
fcmatch.youtube.com/ Frame 0C08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QWZmb0QtaEpWLS1xbU5TRGNUd3FxclU%3D&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QWZmb0QtaEpWLS1xbU5TRGNUd3FxclU%3D&google_cm=&google_tc=
  • https://fcmatch.google.com/pixel?google_gm=AMnCDor8v3SYbHTGkpPWSGMxBFBX6H3gtSm6gRGV3AXMt9idAXdb2B36cHrYgufHYYMaLRWfGzbmzxE7yGb_GbQBSTvfl2H7Odhrye45n3-OU6rCv0j9AJm_49rDN93XDTMiyRcoE6eo
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDor8v3SYbHTGkpPWSGMxBFBX6H3gtSm6gRGV3AXMt9idAXdb2B36cHrYgufHYYMaLRWfGzbmzxE7yGb_GbQBSTvfl2H7Odhrye45n3-OU6rCv0j9AJm_49rDN93XDTMiyRcoE6eo
170 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDor8v3SYbHTGkpPWSGMxBFBX6H3gtSm6gRGV3AXMt9idAXdb2B36cHrYgufHYYMaLRWfGzbmzxE7yGb_GbQBSTvfl2H7Odhrye45n3-OU6rCv0j9AJm_49rDN93XDTMiyRcoE6eo
Protocol
H2
Server
2607:f8b0:4006:806::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 16:38:35 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Mar 2023 16:38:35 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDor8v3SYbHTGkpPWSGMxBFBX6H3gtSm6gRGV3AXMt9idAXdb2B36cHrYgufHYYMaLRWfGzbmzxE7yGb_GbQBSTvfl2H7Odhrye45n3-OU6rCv0j9AJm_49rDN93XDTMiyRcoE6eo
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
381
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
ads.travelaudience.com/ Frame 0C08 		35 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/cm?acc=KY&exid=AffoD-hJV--qmNSDcTwqqrU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 16:38:35 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/gif
x-host
tde-deliveryengine-production-86c874c4d8-xsn9p
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prof
a.clicktripz.com/api/advertisers/v1/ Frame 0C08 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clicktripz.com/api/advertisers/v1/prof?advertiserID=422&format=image&s1=AffoD-hJV--qmNSDcTwqqrU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 24 Mar 2023 16:38:35 GMT
access-control-allow-credentials
true
content-length
43
content-type
image/gif
c.gif
c.bing.com/ Frame 0C08 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?vid=AffoD-hJV--qmNSDcTwqqrU&Red3=BACID_9036901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 16:38:34 GMT
last-modified
Thu, 16 Mar 2023 17:16:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EC0576F46B124791AF4E742B9593CB5C Ref B: MIAEDGE1520 Ref C: 2023-03-24T16:38:35Z
etag
"863cd1182b58d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
/
www.facebook.com/tr/ Frame 0C08 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1753019971445860&ev=PageView&ts=1679675914&fbp=fb.1.1679675914000.0.8370521953316648&ud[external_id]=AffoD-hJV--qmNSDcTwqqrU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Mar 2023 16:38:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
measure
www.cheapflights.com/s/vestigo/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/vestigo/measure
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=099d07860184e6f9c19b35ed6908b8b133f372de-14pre-flipped&cluster=4&tag=ui/packages/frontdoor/PackageFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapflights.com/book-flights-hotels/
X-Content-Type-Options
nosniff
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
x-sn-waf-code
date
Fri, 24 Mar 2023 16:38:34 GMT
server
KAYAK/1.0
accept-ranges
bytes
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
15000871.js
bat.bing.com/p/action/ Frame 0C08 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/15000871.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 24 Mar 2023 16:38:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CBF2AEAD9FA74644911D4504A2426E44 Ref B: MIAEDGE2719 Ref C: 2023-03-24T16:38:35Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 0C08 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=15000871&Ver=2&mid=b048ffd1-9cd0-4b73-8f71-6291af40ecdb&sid=52137510ca6211ed84fb05e6b974339c&vid=52140600ca6211ed896627868a2f3cd7&vids=1&msclkid=N&page_path=%2Fbook-flights-hotels%2F&spa=Y&r=&lt=690&p=https%3A%2F%2Fww2.affinity.net%2Fbook-flights-hotels%2F&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20Flights,%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&evt=pageLoad&ifm=1&sv=1&rn=65787
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Mar 2023 16:38:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A3F3C500392744CB9A69F15ECCD4EE13 Ref B: MIAEDGE2719 Ref C: 2023-03-24T16:38:35Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/833727979/ Frame 0C08 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/833727979/?random=1679675914577&cv=11&fst=1679673600000&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F&ref=https%3A%2F%2Fww2.affinity.net%2F&frm=1&tiba=Cheap%20Flights%2C%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&data=event_name%3DscreenView&fmt=3&is_vtc=1&random=405251265&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 16:38:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=*;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_...
adservice.google.com/ddm/fls/z/ Frame 6421 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=*;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F
Requested by
Host: 5142311.fls.doubleclick.net
URL: https://5142311.fls.doubleclick.net/activityi;dc_pre=CIXnj7KA9f0CFdENaAgdCkYH3A;src=5142311;type=visit0;cat=front0;ord=6487488054266;gtm=45He33m0;auiddc=1874702816.1679675915;u12=V_ArwueFEKrH5quG6Q_OJCnODzk;u13=10eb7X5Jj_DreJ68VVk25ja4N7w;u16=en_US;u27=10eb7X5Jj_DreJ68VVk25ja4N7w;~oref=https%3A%2F%2Fwww.cheapflights.com%2Fbook-flights-hotels%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://5142311.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 16:38:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.kayak.com
URL
https://www.kayak.com/s/ident/forbidden

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| __initializeR9Log object| R9 function| runInitWrapper function| _typeof function| _scoper object| jq object| jQuery object| $ object| @r9/logger object| R9Log object| @r9/perf object| babelHelpers function| define function| undefine function| require object| React object| ReactDOM object| Redux object| ReduxThunk object| ReactRedux function| moment function| IntlMessageFormat object| initDynamicImportLoader object| frameworkScriptsReactBoot function| requireInstance function| dynamicImport object| R9ApiClientCache object| _eventListeners object| globalVestigoSettings boolean| reactIsReady string| googleTagManagerId boolean| adblockEnabled

27 Cookies

Domain/Path Name / Value
.cheqpflights.com/ Name: sid
Value: 4ec48b0e-ca62-11ed-b661-97d693e48c3f
.dotomi.com/ Name: cjae
Value: DOpiyUNHH2G0
.dotomi.com/ Name: DotomiUser
Value: 800705116249468185$0$1
.dotomi.com/ Name: LCLK
Value: cjo!xj5m-n9dwzn4
.emjcd.com/ Name: S
Value: 800705116249468185:DOpiyUNHH2G0
.emjcd.com/ Name: LCLK
Value: cjo!xj5m-n9dwzn4
www.cheapflights.com/ Name: Apache
Value: JoR2Sg-AAABhxR8cQU-c9-fkAZ7w
www.cheapflights.com/ Name: cluster
Value: 4
www.cheapflights.com/ Name: kayak
Value: 0SMcZZFGYWYg0RrKcb8Y
www.cheapflights.com/ Name: p1.med.token
Value: _hKuECGuhlc7Dc7E4mUExL
www.cheapflights.com/ Name: p1.med.sid
Value: R-4vaFDjf$DgcPg4MeMGUPe-ZFJ7rv3rab22QbBzAjmlCA6MlTc_8M4ykWLnbYJU0
www.cheapflights.com/ Name: kanid
Value: cj
www.cheapflights.com/ Name: kanlabel
Value: AQ1C_Im-liyO9UnsMIHA2xqsm_1SS9sPHARo4hFXDpoGFfagzgT1_jY-ytmy_AShVgZOguYek-uTqZ_07umq0Qf3Wyy4hWJJxcFowF1aHt-xNp38F5L1pccftcYmmM5k9vhm0mKVr656q7ZiReEi03FaIp8WlNoLQs1sGJ2Z082nxCfYOdJzCFchicFbXD7oGgDTftd32MfMyPjY1tJoHnWhONRDLNTs22ukX5sDjzpEk3H1q-hunozmssQk6y5YZw
www.cheapflights.com/ Name: kmkid
Value: AffoD-hJV--qmNSDcTwqqrU
www.cheapflights.com/ Name: csid
Value: 904fe3c2-ba87-4361-aa46-17a78c0aa544
www.cheapflights.com/ Name: mst_iBfK2g
Value: c3r122O1ZfFnXrV9vpAtsWjq2jhDYoFm-XwTRQ0b1bhqREsKV3KwaZkyA_ry19MYO3eCBnhcjZDQWa3Op7Jfng
.cheapflights.com/ Name: _gcl_au
Value: 1.1.1874702816.1679675915
www.cheapflights.com/ Name: _fbp
Value: fb.1.1679675914000.0.8370521953316648
www.cheapflights.com/ Name: kayak.mc
Value: ARyGPGtgowfYMJsqKFvHQWrVRJDrW16QTLZ037KfSQPx58q-Y_lcWSCE2JDsxSppiurdFxYdoktcxe7aD64eBLqvKrd3WmnHm31OuQLZDxMKivooZOjENYLktSHqNpM20SHPb1nOrOEthQ9WEepXJWfgir9ebgw9DSWC5H91i5mLRiTqTI72PjV7egO6IjPAJ8IdywL0WQt0ERTc6IwpVL7OcULmEJ_9rCar_Scpik3p6bCcpNBe9sDC5krm2GvJkxalG15D1yK_49E2wqskiatFoqBPJpeihpmIyEDRCSHDL2qI1fJJ4udNSuKQscH0jrm-7lav4is13XsQH6wAtr7dH5mdxqgffWPYPAfo2xr0kZi-OTigVOrkR_cFySGfcqGJnczKq5DjTX9n3FS7ZDSeH9QKxaaO1kvKyHOlmRll-tvrN0kwYoQ4IFRmtk_a1kD7PP6tGaZIU5JSFIXkfH12yt1jCjS5mN8vlriiYQ1gT5f_LshBFKwUdOeLXa9kAg
.bing.com/ Name: MUID
Value: 174DD3FBA7246FF82CC9C125A6B46E5D
.c.bing.com/ Name: MR
Value: 0
.cheapflights.com/ Name: _uetsid
Value: 52137510ca6211ed84fb05e6b974339c
.cheapflights.com/ Name: _uetvid
Value: 52140600ca6211ed896627868a2f3cd7
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22354F8B80-3705-401D-8568-263BB77C3615%22%7D
.clicktripz.com/ Name: _ctuid
Value: d9c5bca3-f655-47c2-a3e7-aaa83021ea02
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUloVC_OGxuXX6HDmHpXxIASyqwaclIIJEyqjWoLHMUS3ofSNBddacWofPQtYmw

2 Console Messages

Source Level URL
Text
javascript error URL: https://www.cheapflights.com/book-flights-hotels/
Message:
Access to fetch at 'https://www.kayak.com/s/ident/forbidden' (redirected from 'https://www.cheapflights.com/s/ads/dfp/banner300x250/ads.js') from origin 'https://www.cheapflights.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.kayak.com/s/ident/forbidden
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5142311.fls.doubleclick.net
a.clicktripz.com
ads.travelaudience.com
adservice.google.com
bat.bing.com
c.bing.com
cheqpflights.com
cj.dotomi.com
cm.g.doubleclick.net
content.r9cdn.net
fcmatch.google.com
fcmatch.youtube.com
googleads.g.doubleclick.net
ww2.affinity.net
www.cheapflights.com
www.dpbolvw.net
www.emjcd.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.kayak.com
www.kayak.com
142.251.41.6
151.101.129.29
159.127.43.10
172.217.165.130
192.155.108.148
216.139.248.127
2607:f8b0:4006:806::200e
2607:f8b0:4006:80d::2008
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2004
2620:1ec:c11::200
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::285
2a04:4e42:600::285
35.190.0.66
44.232.249.159
0b007742ea9134b759ef116d4812556d463b15608d2048aeeeb2b352be9ea251
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
2632a0a2715bdcc6db20b505595f8ac7ac633090f9743e93232ba8a4017c67f7
2f674805a5f6e266dc48be04355bc4d120ca3a54fa5bf5ff7cace64f37c0d681
49f10b3ec66a53b4b444b652b03c9c4decf0946d6a95682348acdf76d4a3d9d9
58e85f2a845f66d47f1b51edd30ca78486e6bc2f0ffe4ed14e19a7c0bec4bde4
5ca2731d34af0c873f54e6cb773592d9e7b949c05513ba70acfc2270656475fe
6614d5c2df742b4b56c05f902c1b3422c9890b692eaccb4bf288dfc4b7f646b3
674008de5bc8025b6db828cde159114d907e6b0c47be8829f3e5180844427e4a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df354c91f2558cfec3d6618da740a0500d4f1703951427e0f9c59f2063222f0
7a8d97f266e0707f3557e806a69481f9ae4d0d0166785e4971ede72ca4ccdcdc
849b322ef12d3c0d201fb4cd5b4dbe01ce020a002dc383484ebd0252ab6b8f8c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb3ef330ff7426ef7d6dd357e352473445a2234b0326fb037ee19e65f722367
9e84207f7003c9340912918389ebae9cef0ffd382ac917cc3a2901528547b2fe
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a342c43b5654d1f9ad08af6c80af2eee7e2f4a224874c1fa606850f0418d127c
abb522ea1869bc585dc8184b96500f21e7683bfecacdd667e58f85af6b746435
ae3cb9654653c0ead733d1262986b11d0c26e1da9cffd049c7cfab6c8f3a2eef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7344c9f9c31277a8f0954834b45a9fc4d000414a4f6f55caf65cea4e98da71d
b79b7085c2e0719f6b7963c4684c2f0651c6b1e16a56e6b57a885e562005c6b0
b9758fe5dc7b23be621dede4630c18e279d46cc24451d99e5c20368182ce0b5f
b9ec148ca0f5ee59e3612681eb3334a9ed5711f05431427b4b164754d03ca569
c23cd230197bc8f09307ac26c54162579c700f38d1404b71f94c8ce6a2b47ea0
c471e9216eb383cbfe43a5ac1dfce28e2184275f4954e57cf2b7f722c0a18795
cd363138402dc1e0ff646b9af44cf0d989447e67085d26a66db502ee139d70ce
cdd8fc28041fdefd3fd22775a0c99c739788eca90d6bf2cccbeb85a1a527fbe1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d1fe02fba381638a403b95a35403f42d0bf9f29237db588b5945c159d451a0
f78a2816da36a78deacfc2a03d5509ce9ef55dad61de4c82b21ed5afc6ba30d5
f86ec564008e7f0a4031aef5fbbac7882542fef43e87a996be89e021c6dcfcf8
fb41015cef6c0a7409956f07d291bfb3ae056502376d221a6c1d1f51ea271464