urlscan.io logo urlscan.io
SecurityTrails logo

www.cheapoair.ca Open in urlscan Pro
104.108.56.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cheapoair.ca/
Effective URL: https://www.cheapoair.ca/
Submission: On June 28 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 73 HTTP transactions. The main IP is 104.108.56.109, located in Amsterdam, Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.cheapoair.ca.
TLS certificate: Issued by GeoTrust SSL CA - G3 on June 21st 2017. Valid for: a year.
This is the only time www.cheapoair.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 104.108.56.109 16625 (AKAMAI-AS)
17 104.111.251.189 20940 (AKAMAI-ASN1)
2 92.123.93.139 20940 (AKAMAI-ASN1)
2 34.195.120.173 14618 (AMAZON-AES)
3 34.194.234.180 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.192.55.43 16509 (AMAZON-02)
3 172.217.22.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:401... 15169 (GOOGLE)
1 2a03:2880:f02... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.216.0.88 16509 (AMAZON-02)
2 104.108.49.6 16625 (AKAMAI-AS)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 198.232.124.194 54104 (AS-NETDNA)
1 172.217.23.130 15169 (GOOGLE)
1 52.216.32.3 16509 (AMAZON-02)
2 2a00:1450:401... 15169 (GOOGLE)
1 94.31.29.249 6461 (ZAYO-6461)
73 23
10    104.108.56.109 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-56-109.deploy.static.akamaitechnologies.com
www.cheapoair.ca
17    104.111.251.189 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-251-189.deploy.static.akamaitechnologies.com
c.fareportal.com
2    92.123.93.139 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-139.deploy.akamaitechnologies.com
cdn.optimizely.com
cdn3.optimizely.com
2    34.195.120.173 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-120-173.compute-1.amazonaws.com
logx.optimizely.com
3    34.194.234.180 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-234-180.compute-1.amazonaws.com
logx.optimizely.com
3    2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.googletagservices.com
pagead2.googlesyndication.com
1    54.192.55.43 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-55-43.jfk6.r.cloudfront.net
dnn506yrbagrg.cloudfront.net
3    172.217.22.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s16-in-f34.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:81b::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
tpc.googlesyndication.com
4    2a00:1450:401b:801::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
6    2a00:1450:4001:81b::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
apis.google.com
www.google-analytics.com
1    2a00:1450:4001:81b::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.googletagmanager.com
2    52.216.0.88 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com
gtrk.s3.amazonaws.com
2    104.108.49.6 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-49-6.deploy.static.akamaitechnologies.com
www.cheapoair.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a00:1450:4001:81b::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.gstatic.com
1    198.232.124.194 (Los Angeles, United States)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 194-124-232-198.static.unitasglobal.net
static.hotjar.com
1    172.217.23.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s18-in-f130.1e100.net
www.googleadservices.com
1    52.216.32.3 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    2a00:1450:401b:801::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google.de
1    94.31.29.249 (United Kingdom)

ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US)
PTR: 94.31.29.249.IPYX-077437-ZYO.above.net
script.hotjar.com
Domain Requested by
17 c.fareportal.com www.cheapoair.ca
www.googletagmanager.com
10 www.cheapoair.ca www.cheapoair.ca
securepubads.g.doubleclick.net
5 logx.optimizely.com cdn.optimizely.com
4 www.google.com www.cheapoair.ca
securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.cheapoair.ca
3 apis.google.com www.cheapoair.ca
apis.google.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.cheapoair.ca
2 www.google.de
2 www.cheapoair.com www.cheapoair.ca
2 gtrk.s3.amazonaws.com www.cheapoair.ca
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com www.cheapoair.ca
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 script.hotjar.com static.hotjar.com
1 s3.amazonaws.com www.cheapoair.ca
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com www.cheapoair.ca
1 www.gstatic.com www.google.com
1 www.facebook.com www.cheapoair.ca
1 www.googletagmanager.com c.fareportal.com
1 connect.facebook.net www.cheapoair.ca
1 dnn506yrbagrg.cloudfront.net www.cheapoair.ca
1 cdn3.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com www.cheapoair.ca
0 accounts.google.com Failed apis.google.com
0 vars.hotjar.com Failed static.hotjar.com
0 staticxx.facebook.com Failed connect.facebook.net
73 27
Subject Issuer Validity Valid
www.fareportal.com
GeoTrust SSL CA - G3		 2017-06-21 -
2018-08-20		 a year crt.sh
*.optimizely.com
Symantec Class 3 Secure Server CA - G4		 2016-11-11 -
2017-11-11		 a year crt.sh
logx.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2016-10-04 -
2018-10-09		 2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
*.cloudfront.net
Symantec Class 3 Secure Server CA - G4		 2016-10-26 -
2017-12-17		 a year crt.sh
tpc.googlesyndication.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
www.google.com
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.apis.google.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2016-07-29 -
2017-11-29		 a year crt.sh
www.cheapoair.com
Symantec Class 3 EV SSL CA - G3		 2017-05-05 -
2019-05-18		 2 years crt.sh
*.google.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
*.hotjar.com
Gandi Standard SSL CA 2		 2015-10-23 -
2018-11-16		 3 years crt.sh
www.googleadservices.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2016-07-29 -
2017-11-29		 a year crt.sh
www.google.de
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh
*.googleusercontent.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.cheapoair.ca/
Frame ID: 21391.1
Requests: 66 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/XBwzv5Yrm_1.js?version=42
Frame ID: 21391.5
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Frame ID: 21391.6
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cheapoair.ca&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.TxxZ5tqtOew.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIFY-voWoJbfExGMndCwbQwRse-w
Frame ID: 21391.7
Requests: 1 HTTP requests in this frame

Frame: https://www.cheapoair.ca/travel/banners/mobile/160x600.html
Frame ID: 21391.8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170619/r20110914/activeview/osd_listener.js
Frame ID: 21391.4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-9/html/container.html
Frame ID: 21391.9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

73
Requests

92 %
HTTPS

41 %
IPv6

18
Domains

27
Subdomains

23
IPs

5
Countries

1426 kB
Transfer

4238 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 51
  • https://www.google.com/ads/user-lists/1008477815/?random=1498656792234&cv=8&fst=1498656792234&num=1&fmt=3&label=Qx0gCNnE_wIQ98zw4AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_t...
  • https://www.google.de/ads/user-lists/1008477815/?random=1498656792234&cv=8&fst=1498656792234&num=1&fmt=3&label=Qx0gCNnE_wIQ98zw4AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz...
Request 54
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20852452-1&cid=448478735.1498656792&jid=197142543&_v=j56&z=1413254935
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20852452-1&cid=448478735.1498656792&jid=197142543&_v=j56&z=1413254935&slf_rd=1&random=2309049528

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cheapoair.ca/
Redirect Chain
  • http://www.cheapoair.ca/
  • https://www.cheapoair.ca/
 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
34ac45e59cad71a59c8f79d96074d7cc4eaf436f1d70fbed03ed56f4bbb46184

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
23587
Date
Wed, 28 Jun 2017 13:33:10 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent, Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
6433

Redirect headers

Location
https://www.cheapoair.ca/
Date
Wed, 28 Jun 2017 13:33:10 GMT
Connection
keep-alive
Content-Length
0
vendors.min.css
www.cheapoair.ca/app/build/css/ 		119 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/app/build/css/vendors.min.css?ver=1.0
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ad9ffff987c6137721875db114fc341c823de65faf2d8544e57689f6861f03d

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
121972
Date
Wed, 28 Jun 2017 13:33:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 08:59:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"7e49df9e7dbad21:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23199
appall.min.css
www.cheapoair.ca/app/build/css/ 		166 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c1a96ee1c286f0b5a0ff53a02e4e41635d0c3697e2ec94abcf0fa1ea43b4f311

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
169503
Date
Wed, 28 Jun 2017 13:33:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 May 2017 06:43:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"d69c75356bd0d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40936
deals.min.css
c.fareportal.com/vd/ca/travel/r6/css/production/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/ca/travel/r6/css/production/deals.min.css
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b75371fca2753353e840ed3a48e5346ad78fdaba26958f213f3236ad3061e3f4

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:10 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2017 11:58:08 GMT
server
Apache
status
200
etag
"4fe0ad10e505f4f8ff420ba9c76baf03:1492927536"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1577
vendors.min.js
www.cheapoair.ca/app/build/js/ 		623 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/app/build/js/vendors.min.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e8b24116788504154eb373d3606d7145427bf745ed76187fd4594685d80735d9

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
638039
Date
Wed, 28 Jun 2017 13:33:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 May 2017 06:43:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9b617a356bd0d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193093
121108002.js
cdn.optimizely.com/js/ 		252 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/121108002.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.139 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-139.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7e1856f77a69672fbc0070a3d8947d4532c4b4cf7d9a0a70fef7c8db98f0e923

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

x-amz-version-id
pNh6It2ZK.sNyro9b47_wil3d82_q8Vs
Content-Encoding
gzip
ETag
"bea8f17b4de8fd7f6adf8e1e4f7217b5"
x-amz-request-id
17AAE6EC3AEEFD2B
x-amz-meta-revision
3127
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
77505
x-amz-id-2
Gofn7QQX0KjCvAaQGtfQHfchmQ4cTmjxuaaUc+AFFkO6XN6YDEqS9CBtsE/SildY
Last-Modified
Tue, 27 Jun 2017 15:10:47 GMT
Server
AmazonS3
Date
Wed, 28 Jun 2017 13:33:10 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-meta-revision
Cache-Control
max-age=126
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
*
appall.min.js
www.cheapoair.ca/app/build/js/ 		851 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/app/build/js/appall.min.js?ver=2.23
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
506b0e89d6fe79205a56adf9ece76c495fd403241216a36c55ee8460bda10da2

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
871598
Date
Wed, 28 Jun 2017 13:33:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2017 07:11:04 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"71af4793cad2d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
tracker-0.1.min.js
c.fareportal.com/vd/coa/travel/travel_resources/resources/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/coa/travel/travel_resources/resources/js/tracker-0.1.min.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5760fbdd8d47b7dda07922adcc6c5d73e5c46068ad29c861bdd958b28f6ce1ca

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:10 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 22:51:55 GMT
server
Apache
status
200
etag
"a6e0022407c2e6e091f309e2ec0e56dd:1493891709"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2155
geo2.js
cdn3.optimizely.com/js/ 		294 B
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo2.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/121108002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.139 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-139.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9707fd1b896c5ac9173054163fecbaee7c017bab52e0f08a47a03f0e862a1325

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
5C1E1915F099FE5D
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=18062
Date
Wed, 28 Jun 2017 13:33:11 GMT
Connection
keep-alive
Content-Length
294
x-amz-id-2
XBEwaj9uqBPVopRCiWPz4w+5Cft3WeSdlzbcBJ3it80QmFdDSMnCMIHkoLoHl/GmoBw/cmr54xI=
event
logx.optimizely.com/log/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/log/event
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/121108002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.120.173 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-195-120-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.cheapoair.ca
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Wed, 28 Jun 2017 13:33:11 GMT
X-Request-Id
71d28920-97fc-4182-b2bf-3eeed53f4d0c
Content-Type
text/plain
decision
logx.optimizely.com/log/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/log/decision
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/121108002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.234.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-194-234-180.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.cheapoair.ca
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Wed, 28 Jun 2017 13:33:11 GMT
X-Request-Id
da78d0f8-31d7-4c46-9d47-a11fa4f75fbd
Content-Type
text/plain
gpt.js
www.googletagservices.com/tag/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
6c0a27cf87e212d934159d2f5914a144ed05bc798ef6315f07ee4276446474f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
status
200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
1600
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jun 2017 21:16:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2017 13:32:33 GMT
dealsJson.json
c.fareportal.com/vd/ca/travel/js/ 		15 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/ca/travel/js/dealsJson.json
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa311b9351092526867dd5dd50c41a1c0abb0e6df3fe850c5c0a7ec138601fee

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Tue, 27 Jun 2017 13:52:11 GMT
server
Apache
etag
"8e7302fa56dc8e16ba3b95659ef1d669:1498571646"
status
200
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
15114
ca-logo.gif
c.fareportal.com/vd/ca/travel/r6/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/ca-logo.gif
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c9fad7f1b0e691be9fa27a5767b84dac1fceee560686192317b010dc4f53252

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
etag
"7a5394e8cfd544aa4f57dd4a79e3858e:1492927536"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3533
COA-font-icon.woff
c.fareportal.com/vd/coa/travel/r6/font/fonts/ 		164 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/coa/travel/r6/font/fonts/COA-font-icon.woff?9waahs
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3fad79d315805f43f9bde04da5fc8b63670ac1bbc1a65247d701cd757f1025d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer
https://www.cheapoair.ca/app/build/css/vendors.min.css?ver=1.0
Origin
https://www.cheapoair.ca

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 21:20:36 GMT
server
Apache
status
200
etag
"7c70c9f97b90119725a8f6390c4bc9d3:1493890536"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
90769
home-sprite.png
c.fareportal.com/vd/ca/travel/r6/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/home-sprite.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5bebc29cbd6f75e9c4556855ec082ea11197a97f268ad52715d7995615928f8

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
etag
"6bbf95c878a5ee71bacfd6a5212ca5a3:1492927536"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
11835
calus247n.png
c.fareportal.com/vd/coa/travel/r6/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/calus247n.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Wed, 03 May 2017 21:20:36 GMT
server
Apache
etag
"1c999a2b54562ad48382288352aa7c22:1493890536"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
14429
herobanner-slide1.jpg
c.fareportal.com/vd/ca/travel/r6/images/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/herobanner-slide1.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
896fb1331239af998032d12f557be903acfbdfcb469b928a88fdf2c33e2e3c80

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
etag
"b8e379323bd746d8a2a8b0e2630cf820:1492927536"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
130018
home-sprite.png
c.fareportal.com/vd/coa/travel/r6/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/home-sprite.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6c753b1150ac4a20658949932fdf26041a78f8d836e2fb68983793a798011cd

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Wed, 03 May 2017 21:20:37 GMT
server
Apache
etag
"a4f8ffcd59f944054834671424e49f96:1493890536"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
18769
mobile.png
c.fareportal.com/vd/ca/travel/home-r1/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/home-r1/img/mobile.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51bc001ab83531c5951d35dca1eddec1272e82a352aab2650b77cff44f6f54b3

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
etag
"56c6bf92a71d8882b9549f6db9465931:1492927432"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5819
4182.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0013/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dnn506yrbagrg.cloudfront.net/pages/scripts/0013/4182.js?416293
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.55.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-55-43.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd54d6bffe0bd3069676e896a0e1980325d74d06cfe6e3225d1122f1e85b1887

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 20 Jun 2017 19:00:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jun 2017 18:32:01 GMT
Server
AmazonS3
Age
1923
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 64fc1ccc427044d03aa5724d4825ec8f.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
jpy2B7XuZ7TDmWX0FHCP9TTnIftySW060eG9yqER3YYSu5Oy7iwiMQ==
pubads_impl_121.js
securepubads.g.doubleclick.net/gpt/ 		185 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
sffe /
Resource Hash
ac4f9618be0b43e3a85ccb1b5ae9b9c5efbe4d1ac30bcd5db7b624a767024481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 09:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100468
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
65897
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jun 2017 14:12:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jun 2018 09:38:43 GMT
cta_load01.gif
c.fareportal.com/vd/coa/travel/r6/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/coa/travel/r6/images/cta_load01.gif
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
67c2d66515aab5829677fa0c6a6b249e3c3dff1ede2ab43b68198991e1a26bb1

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Wed, 03 May 2017 21:20:36 GMT
server
Apache
etag
"d8f9f017c9733ff6bbca579f5276a043:1493890536"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1715
sprite-logo-car.png
c.fareportal.com/vd/ca/travel/r6/images/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/sprite-logo-car.png?ver=1.0
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f725b4d8d798ddb41cb42af75f8603a7a819ced8bada7dc52e9de4f5471bc856

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
etag
"39353c5b2d68483537625c011bfa3591:1492927537"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
68049
rating-sprite.png
c.fareportal.com/gcms/portals/3/responsive-b3/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/gcms/portals/3/responsive-b3/img/rating-sprite.png
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f30adfbbf2de1c952d6f1aceb31ab1be514853ebfa63cc1c4efd7bcc646c847

Request headers

Referer
https://www.cheapoair.ca/app/build/css/appall.min.css?ver=2.19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Tue, 22 Jul 2014 14:50:00 GMT
server
Apache
etag
"c4e59d3512b53827400afc580b0fcca2:1406040600"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2129
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e45d2a55a140ce64414fe4dae02b736f587002cf4be37a9d7843834e0d37a0a4

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Windsor.jpg
c.fareportal.com/vd/ca/travel/r6/images/flights-deals/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/r6/images/flights-deals/Windsor.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8d591801c518791db93cd3d68e77ed8ec067a2e0ae67ba57bccfb5f3c71fcd84

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:11 GMT
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
etag
"b3c70f73675178de424fbce6d548c524:1492927540"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
24234
container.html
tpc.googlesyndication.com/safeframe/1-0-9/html/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-9/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
ae5f50b2f37e6d987eeeab05cc75c24906e6c4ccd7bb9f1ad842d635d3dfaee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 09:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 May 2017 18:50:59 GMT
server
sffe
age
100470
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
1770
x-xss-protection
1; mode=block
expires
Wed, 27 Jun 2018 09:38:41 GMT
gpt.js
www.googletagservices.com/tag/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
6c0a27cf87e212d934159d2f5914a144ed05bc798ef6315f07ee4276446474f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
status
200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
1600
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jun 2017 21:16:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2017 13:32:33 GMT
api.js
www.google.com/recaptcha/ 		797 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
GSE /
Resource Hash
f20f19374cad3fff54414e27e23942cb3820aa8bbf5d5fb0cb070ddc10d5d3f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
421
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 13:33:12 GMT
all.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
45b9e2824dace532641cfa89db17c54cbcf91e72dd95990063f48cb44e9ca908
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5ATVogxUUgZLI5YpX9dlXA==
status
200
content-length
61824
x-xss-protection
0
x-fb-debug
0573t+BduyZOgPiymaWo2Q2aDp1n+mEguUVKgY7hbcnIhBK/fOofVilGu6IODwAZPAfzYehayPopIHLgvKvaUQ==
x-fb-content-md5
5fb33455f1ba36e68ea5338e7582cbb6
x-frame-options
DENY
date
Wed, 28 Jun 2017 13:33:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"206795e125784567c696f34dc80def5e"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Wed, 28 Jun 2017 13:52:13 GMT
client.js
apis.google.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=googleApiLoaded
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
068c4ef4a53eeec41bb5710c0e1eb09fd81a63fb0e29680abeee6bf2404e8524
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"4f55d334d78dbc0815f42f49c10bbdc9"
strict-transport-security
max-age=10886400
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 28 Jun 2017 13:33:12 GMT
platform.js
apis.google.com/js/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
0b8ccf66e28670ce1d5b28b5903df2864dc60de8f14e28e586e4207d038443cc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"5a25a9eff7c3af0002da9aea244c351f"
strict-transport-security
max-age=10886400
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 28 Jun 2017 13:33:12 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4264676029889086&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=108809080%2C108809144%2C108809147%2C108809107%2C21060066&sc=1&sfv=1-0-9&iu_parts=10519168%2CCheapOAir.CA%2CCAC_Homepage%2CCAC_HP_LP_ATF_R_160x600_G%2CCAC_HP_LP_BTF_B_728x90_G&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=160x600%2C728x90&cookie_enabled=1&abxe=1&lmt=1498656792&dt=1498656792040&frm=20&biw=1585&bih=1200&oid=3&adxs=1398%2C430&adys=1079%2C2622&adks=3101717122%2C3060227179&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cheapoair.ca%2F&dssz=21&icsg=35862528&std=0&vrg=121&vrp=121&rumc=8308076209509696&ga_vid=448478735.1498656792&ga_sid=1498656792&ga_hid=230996705
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
522b2719bf0852aff9487f6c5b3c4c0b66f48a91708bfa4280805e3d01f5af15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
9646
x-xss-protection
1; mode=block
google-lineitem-id
369114888,6667968
pragma
no-cache
server
cafe
google-creative-id
92983872528,10692861048
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
searchpopunder.min.js
www.cheapoair.ca/travel/r6/widget/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/travel/r6/widget/js/searchpopunder.min.js?ver=1.12
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e7689262d0fca6f44f0a7d981d3243411aed9e5762ad4a444849f09176a5ef03

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
5693
Date
Wed, 28 Jun 2017 13:33:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Apr 2017 14:04:02 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"d35c29a24cb8d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2231
AnonymousUserTracking-live.js
c.fareportal.com/vd/ca/travel/r6/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/ca/travel/r6/js/AnonymousUserTracking-live.js?ver=1.0
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
18b25000a9e868b5920a231c6c5a3bec2235ae15b59c8580745379c118f9589e

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:32:02 GMT
server
Apache
status
200
etag
"3db3c3f99024a238c41c1f8ee1c63c84:1492927542"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1280
gtm.js
www.googletagmanager.com/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDPC4G
Requested by
Host: c.fareportal.com
URL: https://c.fareportal.com/vd/coa/travel/travel_resources/resources/js/tracker-0.1.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
3215e12accec30e2270c2dc0165b5292415d963abd1b15fbab8373cf0d9164dd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
31271
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 13:33:12 GMT
csi
www.google.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/csi?v=3&s=gpt&action=global&it=rt_st.gpt.1526,rt_fs.gpt.1526,rt_dns.gpt.1,rt_tcp.gpt.22,rt_ssl.gpt.16,rt_rtt.gpt.28,rt_tft.gpt.0,rt_ts.gpt.1948,rt_eb.gpt.1600,rt_db.gpt.3156,rt_duration.gpt.29,pubads_load_period.6,rt_st.impl.1938,rt_fs.impl.1938,rt_dns.impl.0,rt_tcp.impl.20,rt_ssl.impl.15,rt_rtt.impl.27,rt_tft.impl.11,rt_ts.impl.66223,rt_eb.impl.65897,rt_db.impl.189817,rt_duration.impl.38&srt=699&count_of_slots=2&count_of_requested_slots=2&count_of_rendered_slots=0&count_of_requests=1&count_of_refreshes_called=0&count_of_passback=0&vrg=121&pl_id=8308076209509696&e=v121,n10519168,publisher_ads,sra,fif,page_load,108809080,108809144,108809147,108809107,21060066&rt=loader_loaded_instant.1399,loader_loaded_instant_nw.1399,impl_loaded_instant.1403,page_load_time.1528
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Cache-Control
max-age=0
Origin
https://www.cheapoair.ca
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Jun 2017 13:33:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
gtrk.s3.amazonaws.com/ 		32 B
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gtrk.s3.amazonaws.com/s?u=134182&t=os9ezc
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.0.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Wed, 28 Jun 2017 13:33:13 GMT
Last-Modified
Tue, 09 Feb 2016 23:57:19 GMT
Server
AmazonS3
x-amz-request-id
BC13071EEF334C37
ETag
"776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
32
x-amz-id-2
AjFssngAuaaLGLhQiqJY09s2prbeeEI60BsE4hfDnGrcHD2FIrtWZgo40Sottw8bTunvlCA1/9Y=
u
gtrk.s3.amazonaws.com/ 		32 B
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gtrk.s3.amazonaws.com/u?u=134182&t=os9ezc
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.0.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Wed, 28 Jun 2017 13:33:13 GMT
Last-Modified
Tue, 09 Feb 2016 23:57:32 GMT
Server
AmazonS3
x-amz-request-id
94615CC70B237621
ETag
"776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
32
x-amz-id-2
1xk5sDd6vjpoIfPWBpEG9IaByVYp8epMKxyCD1l6fIQjU9GmPPkwvc8hC42mWa4q64Q0cJQnZaE=
AnonymousUser
www.cheapoair.com/profiles/publicapi/v1/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/publicapi/v1/AnonymousUser?FPUserId=-3
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/app/build/js/vendors.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.49.6 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-49-6.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / GlobalCMS
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
PUT
Origin
https://www.cheapoair.ca
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Access-Control-Request-Headers
x-domainid

Response headers

Date
Wed, 28 Jun 2017 13:33:12 GMT
Server
nginx/1.11.5
X-Powered-By
GlobalCMS
Allow
OPTIONS, TRACE, GET, HEAD, POST
Access-Control-Allow-Methods
GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Public
OPTIONS, TRACE, GET, HEAD, POST
Cache-Control
no-cache, public
X-Proxy-Server
lpnginx63
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-SessionToken,X-DomainId,X-AuthType,X-EncUserId,X-EmailId,X-EncEmailId,X-AppId,X-AppSecret,X-MigrationKey,X-AutoProfile,X-AutoRewardsSignUp,X-xecuteKey,TripTOAExpire,TripTOADetails,X-UserAgent,App-X-ClientIP,App-TripTOADetails,App-TripTOAExpire,X-ClientIP,X-AppVersion,X-DeviceID,TOATSettingsK
Content-Length
0
Expires
Tue, 27 Jun 2017 13:33:12 GMT
/
www.facebook.com/impression.php/f2014553452991/ 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/impression.php/f2014553452991/?api_key=264246100438851&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
Vk2WJbcrujUB81LUxmFnok1/C39/cpcK00ZRL7D4D5WRAFPRQUsfLANg5xHe7ht6GN4gaOA//r+Yf0EROujUeA==
date
Wed, 28 Jun 2017 13:33:12 GMT
strict-transport-security
max-age=15552000; preload
public-key-pins-report-only
max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
XBwzv5Yrm_1.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2139 		0
0
recaptcha__en.js
www.gstatic.com/recaptcha/api2/r20170613131236/ 		227 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/r20170613131236/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
5db0819891cb142796657a42fbed005a48331866dfe9d777589273fa6bd21865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Sun, 25 Jun 2017 03:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jun 2017 20:45:00 GMT
server
sffe
age
295479
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
73326
x-xss-protection
1; mode=block
expires
Mon, 25 Jun 2018 03:28:33 GMT
analytics.js
www.google-analytics.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDPC4G
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2017 00:25:39 GMT
server
Golfe2
age
4562
date
Wed, 28 Jun 2017 12:17:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
12343
expires
Wed, 28 Jun 2017 14:17:10 GMT
hotjar-10218.js
static.hotjar.com/c/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-10218.js?sv=5
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.232.124.194 Los Angeles, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
194-124-232-198.static.unitasglobal.net
Software
NetDNA-cache/2.2 /
Resource Hash
8ebc6d65f8fcd22242585c8d15997399cf7851724c3d9919325d35df7525b723
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
vary
Accept-Encoding
server
NetDNA-cache/2.2
cache-control
max-age=60
status
200
etag
W/6ae9e6e9ad5360488ecdda7e9d443de2
x-frame-options
SAMEORIGIN
x-cache
EXPIRED
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
access-control-allow-headers
content-type
ToASettings
www.cheapoair.ca/profiles/publicapi/v1/TripsDetailsTOA/ 		32 B
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/profiles/publicapi/v1/TripsDetailsTOA/ToASettings
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / GlobalCMS
Resource Hash
2a2a2e9a09afb966ed76d4e5e79a3fc2410b130fca36f4c749df0f8bf965b25f

Request headers

Referer
https://www.cheapoair.ca/
X-DomainId
www.cheapoair.ca
TOAPSettingsK
SADF324@#@$Fareportal
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Jun 2017 13:33:12 GMT
X-Powered-By
GlobalCMS
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
32
Pragma
no-cache
X-MachineStamp
CRM-2-NJ-232-80
Server
nginx/1.11.5
Access-Control-Allow-Methods
GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, public
X-Proxy-Server
lpnginx63
Access-Control-Allow-Headers
Content-Type,X-SessionToken,X-DomainId,X-AuthType,X-EncUserId,X-EmailId,X-EncEmailId,X-AppId,X-AppSecret,X-MigrationKey,X-AutoProfile,X-AutoRewardsSignUp,X-xecuteKey,TripTOAExpire,TripTOADetails,X-UserAgent,App-X-ClientIP,App-TripTOADetails,App-TripTOAExpire,X-ClientIP,X-AppVersion,X-DeviceID,TOATSettingsK
X-Proxy-Cache
BYPASS
Expires
Tue, 27 Jun 2017 13:33:12 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDPC4G
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
124d65b0e77a1c47d28b19c0e5b4f5f9e3c2fd138c5eef4c48630408c810ba5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
16466689649458602540
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=86400
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
4711
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 13:33:12 GMT
noteservice-recentsearch-persona.min.js
c.fareportal.com/vd/coa/travel/UserProfile/JavaScript/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fareportal.com/vd/coa/travel/UserProfile/JavaScript/noteservice-recentsearch-persona.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDPC4G
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8110b258049f2a78d93bee7c41dbf5acc29880cdc8ad5b98bc3cad58e8dab124

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 22:56:17 GMT
server
Apache
status
200
etag
"683fdcfd1038c3e5448a58d430066007:1493888518"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5469
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.TxxZ5tqtOew.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPIFY-voWoJbfExGMndCwbQwRse-w/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.TxxZ5tqtOew.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPIFY-voWoJbfExGMndCwbQwRse-w/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=googleApiLoaded
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
67acd7402fef3c70d98d87478e1c8e14a305945668dc1827a52dcd96e5773a6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 20:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Jun 2017 00:53:03 GMT
server
sffe
age
61778
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
83831
x-xss-protection
1; mode=block
expires
Wed, 27 Jun 2018 20:23:34 GMT
aja.js
s3.amazonaws.com/ki.js/49264/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/ki.js/49264/aja.js
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.32.3 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b800d2ba2430ecf1b6803dff7c72cd944fb7625914669360d323de88d2cb3318

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Wed, 28 Jun 2017 13:33:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 May 2017 13:13:01 GMT
Server
AmazonS3
x-amz-request-id
C50268871C1C757A
ETag
"3ca92f12fbdf0b57e08a87c195039286"
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
38297
x-amz-id-2
hq91l4G4lFzbUgCiXP8jGB4UOoeBkX+AJ5WZEF2V324RIkw0IHy9kkpJr/ljis/t/p77CrTjaus=
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
860
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
856
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 14:18:52 GMT
/
www.google.de/ads/user-lists/1008477815/
Redirect Chain
  • https://www.google.com/ads/user-lists/1008477815/?random=1498656792234&cv=8&fst=1498656792234&num=1&fmt=3&label=Qx0gCNnE_wIQ98zw4AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_t...
  • https://www.google.de/ads/user-lists/1008477815/?random=1498656792234&cv=8&fst=1498656792234&num=1&fmt=3&label=Qx0gCNnE_wIQ98zw4AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz...
 		42 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/user-lists/1008477815/?random=1498656792234&cv=8&fst=1498656792234&num=1&fmt=3&label=Qx0gCNnE_wIQ98zw4AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=checkoutdate%3D%3Bprice%3D0%3Bpackagetype%3Dflights%3Bpagetype%3Dhome%3Bmobile%3DNO&frm=0&url=https%3A%2F%2Fwww.cheapoair.ca%2F&tiba=Cheap%20Airline%20Tickets%2C%20Air%20Travel%20%26%20Plane%20Tickets%20-%20CheapOair&async=1&cdct=2&is_vtc=1&random=466607152&fpvtc=/1008477815/%3Frandom%3D1730540695%26cv%3D8%26fst%3D1498654800000%26num%3D1%26fmt%3D3%26label%3DQx0gCNnE_wIQ98zw4AM%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D0%26u_nmime%3D0%26data%3Dcheckoutdate%253D%253Bprice%253D0%253Bpackagetype%253Dflights%253Bpagetype%253Dhome%253Bmobile%253DNO%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.cheapoair.ca%252F%26tiba%3DCheap%2520Airline%2520Tickets%252C%2520Air%2520Travel%2520%2526%2520Plane%2520Tickets%2520-%2520CheapOair%26async%3D1%26cdct%3D2%26is_vtc%3D1&ipr=y&ulfeg=n
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2017 13:33:12 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Jun 2017 13:33:12 GMT
x-content-type-options
nosniff
server
adclick_server
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/user-lists/1008477815/?random=1498656792234&cv=8&fst=1498656792234&num=1&fmt=3&label=Qx0gCNnE_wIQ98zw4AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=checkoutdate%3D%3Bprice%3D0%3Bpackagetype%3Dflights%3Bpagetype%3Dhome%3Bmobile%3DNO&frm=0&url=https%3A%2F%2Fwww.cheapoair.ca%2F&tiba=Cheap%20Airline%20Tickets%2C%20Air%20Travel%20%26%20Plane%20Tickets%20-%20CheapOair&async=1&cdct=2&is_vtc=1&random=466607152&fpvtc=/1008477815/%3Frandom%3D1730540695%26cv%3D8%26fst%3D1498654800000%26num%3D1%26fmt%3D3%26label%3DQx0gCNnE_wIQ98zw4AM%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D0%26u_nmime%3D0%26data%3Dcheckoutdate%253D%253Bprice%253D0%253Bpackagetype%253Dflights%253Bpagetype%253Dhome%253Bmobile%253DNO%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.cheapoair.ca%252F%26tiba%3DCheap%2520Airline%2520Tickets%252C%2520Air%2520Travel%2520%2526%2520Plane%2520Tickets%2520-%2520CheapOair%26async%3D1%26cdct%3D2%26is_vtc%3D1&ipr=y&ulfeg=n
cache-control
private, max-age=43200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
1404
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 13:33:12 GMT
modules-a6d5019071c0644862a2fb35ef94f6c7.js
script.hotjar.com/ 		347 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules-a6d5019071c0644862a2fb35ef94f6c7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-10218.js?sv=5
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.249 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US),
Reverse DNS
94.31.29.249.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a5e82c79ae6d16fb08cdfd30f55a0ea50d7a2c0425271e9d209e54b0942f70af

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
content-encoding
gzip
last-modified
Wed, 21 Jun 2017 11:05:53 GMT
server
NetDNA-cache/2.2
x-amz-request-id
05710E442F909A12
etag
W/"a6d5019071c0644862a2fb35ef94f6c7"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-id-2
OIMi6qil3CH3KbfeBuGUQnOTLFi2sTQUb7wvZdVzpLhB2eDdqi4Y0RPU+NAefeq/9o49MMwsFts=
rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
vars.hotjar.com/ Frame 2139 		0
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20852452-1&cid=448478735.1498656792&jid=197142543&_v=j56&z=1413254935
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20852452-1&cid=448478735.1498656792&jid=197142543&_v=j56&z=1413254935&slf_rd=1&random=2309049528
 		42 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20852452-1&cid=448478735.1498656792&jid=197142543&_v=j56&z=1413254935&slf_rd=1&random=2309049528
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2017 13:33:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2017 13:33:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20852452-1&cid=448478735.1498656792&jid=197142543&_v=j56&z=1413254935&slf_rd=1&random=2309049528
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j56&a=230996705&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cheapoair.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Cheap%20Airline%20Tickets%2C%20Air%20Travel%20%26%20Plane%20Tickets%20-%20CheapOair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAjI~&jid=&gjid=&cid=448478735.1498656792&uid=&tid=UA-20852452-1&_gid=233968364.1498656792&gtm=GTM-NDPC4G&cd4=-3&cd12=&z=796855087
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2017 09:38:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
100473
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
logx.optimizely.com/log/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/log/event
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/121108002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.234.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-194-234-180.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.cheapoair.ca
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Wed, 28 Jun 2017 13:33:12 GMT
X-Request-Id
2b661c0f-bd43-4834-8e26-c34e53cfbc6c
Content-Type
text/plain
event
logx.optimizely.com/log/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/log/event
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/121108002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.120.173 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-195-120-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.cheapoair.ca
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Wed, 28 Jun 2017 13:33:12 GMT
X-Request-Id
47377504-3404-40fd-ba80-7f5ebe060fe4
Content-Type
text/plain
event
logx.optimizely.com/log/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/log/event
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/121108002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.234.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-194-234-180.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.cheapoair.ca
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Wed, 28 Jun 2017 13:33:12 GMT
X-Request-Id
d6110a22-8b16-4251-9b1f-32f7f8126698
Content-Type
text/plain
postmessageRelay
accounts.google.com/o/oauth2/ Frame 2139 		0
0
ToASettings
www.cheapoair.ca/profiles/publicapi/v1/TripsDetailsTOA/ 		58 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/profiles/publicapi/v1/TripsDetailsTOA/ToASettings
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / GlobalCMS
Resource Hash
7c66f4c773eb435c0079f9bd2de52e4d012eebff666587f53fbb92f198c7225c

Request headers

Referer
https://www.cheapoair.ca/
X-DomainId
www.cheapoair.ca
TOAPSettingsK
SADF324@#@$Fareportal
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2017 13:33:12 GMT
X-MachineStamp
CRM-1-NJ-231-80
Server
nginx/1.11.5
X-Powered-By
GlobalCMS
Access-Control-Allow-Methods
GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Expires
Tue, 27 Jun 2017 13:33:12 GMT
Cache-Control
no-cache, public
X-Proxy-Server
lpnginx63
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-SessionToken,X-DomainId,X-AuthType,X-EncUserId,X-EmailId,X-EncEmailId,X-AppId,X-AppSecret,X-MigrationKey,X-AutoProfile,X-AutoRewardsSignUp,X-xecuteKey,TripTOAExpire,TripTOADetails,X-UserAgent,App-X-ClientIP,App-TripTOADetails,App-TripTOAExpire,X-ClientIP,X-AppVersion,X-DeviceID,TOATSettingsK
Content-Length
58
X-Proxy-Cache
BYPASS
160x600.html
www.cheapoair.ca/travel/banners/mobile/ Frame 2139 		398 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/travel/banners/mobile/160x600.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b07e3f5d8da1d4ec98fe9ce500edc7afebb8658992c5228c61d13e5bea96c929

Request headers

Upgrade-Insecure-Requests
1
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Cteonnt-Length
398
Date
Wed, 28 Jun 2017 13:33:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Oct 2015 08:45:20 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"17ffaaa5cafd11:0"
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
305
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20170619/r20110914/activeview/ Frame 2139 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20170619/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
0d41a8228ed75e3b66b23f5f5137f6f6c7bc9b75f1991160f9e72eacfc7ffe3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 20 Jun 2017 01:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
736308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
10395
x-xss-protection
1; mode=block
server
cafe
etag
8219881163298880149
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Jul 2017 01:01:24 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
c9acb3aad726e4007a3b27278390648f9da28680654f4e736db9754841a4f6b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
29364
x-xss-protection
1; mode=block
server
cafe
etag
17503336867582198258
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Jun 2017 14:17:42 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-9/html/ Frame 2139 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2139 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8Oe-drkodUnHw-_nSxTx20yt0uO6XK5mgN7hEfWWJ1eoBm7LTpKl5mSSrOMV3NLIZMq4h62E3ywpzXtYMpKuDOFFPHAvGQ31C91sqfQhy57yVXDnQc4swvKOq-O2opNma8kd3uTehdAHZINCcIjF0ZA7gELhZN4hQAqaIXU1G9K0ajJCCtZIe585mDDjwFWghQBRkLGUMv4b1XiNkQeEMH9priNkzNDjJOqXO6yKQt2VxsGXXa_Y6OkTkuR5pYkaWcMUmMNCTOYvFbHV43m45iWErWee_vd0VQIeYPjg&sig=Cg0ArKJSzJIwgck0ZFuREAE&urlfix=1&adurl=
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Jun 2017 13:33:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 13:33:12 GMT
truncated
/ Frame 2139 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21a315c3db9153bc9250c6d15ab51110c81bf5d8ca648216ec277c7923199175

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
csi
www.google.com/ 		0
0
csi
www.google.com/ 		0
0
AnonymousUser
www.cheapoair.com/profiles/publicapi/v1/ 		14 B
14 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.com/profiles/publicapi/v1/AnonymousUser?FPUserId=-3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.49.6 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-49-6.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / GlobalCMS
Resource Hash
c61be1f787f42711ef1b74da0d3988057d488b163dd11dbfd174711892e67cc3

Request headers

Accept
*/*
Referer
https://www.cheapoair.ca/
Origin
https://www.cheapoair.ca
X-DomainId
92
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2017 13:33:12 GMT
X-MachineStamp
CRM-7-NJ-237-80
Server
nginx/1.11.5
X-Powered-By
GlobalCMS
Access-Control-Allow-Methods
GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, public
X-Proxy-Server
lpnginx63
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Headers
Content-Type,X-SessionToken,X-DomainId,X-AuthType,X-EncUserId,X-EmailId,X-EncEmailId,X-AppId,X-AppSecret,X-MigrationKey,X-AutoProfile,X-AutoRewardsSignUp,X-xecuteKey,TripTOAExpire,TripTOADetails,X-UserAgent,App-X-ClientIP,App-TripTOADetails,App-TripTOAExpire,X-ClientIP,X-AppVersion,X-DeviceID,TOATSettingsK
Content-Length
14
Expires
Tue, 27 Jun 2017 13:33:12 GMT
get
www.cheapoair.ca/profiles/publicapi/v1/TripsDetailsTOA/ 		58 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapoair.ca/profiles/publicapi/v1/TripsDetailsTOA/get
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.109 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-109.deploy.static.akamaitechnologies.com
Software
nginx/1.11.5 / GlobalCMS
Resource Hash
75c6ae4272e96daeb15ee2706807a3ec8e247d5791d3f25bf9c8981ea6df354a

Request headers

Referer
https://www.cheapoair.ca/
X-DomainId
www.cheapoair.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2017 13:33:12 GMT
X-MachineStamp
CRM-7-NJ-237-80
Server
nginx/1.11.5
X-Powered-By
GlobalCMS
Access-Control-Allow-Methods
GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Expires
Tue, 27 Jun 2017 13:33:12 GMT
Cache-Control
no-cache, public
X-Proxy-Server
lpnginx63
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-SessionToken,X-DomainId,X-AuthType,X-EncUserId,X-EmailId,X-EncEmailId,X-AppId,X-AppSecret,X-MigrationKey,X-AutoProfile,X-AutoRewardsSignUp,X-xecuteKey,TripTOAExpire,TripTOADetails,X-UserAgent,App-X-ClientIP,App-TripTOADetails,App-TripTOAExpire,X-ClientIP,X-AppVersion,X-DeviceID,TOATSettingsK
Content-Length
58
X-Proxy-Cache
BYPASS
160x600.jpg
c.fareportal.com/vd/ca/travel/banners/mobile/ Frame 2139 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.fareportal.com/vd/ca/travel/banners/mobile/160x600.jpg
Requested by
Host: www.cheapoair.ca
URL: https://www.cheapoair.ca/travel/banners/mobile/160x600.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.189 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-251-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f165f0e744ba9155deb98a0ff521abf259f0dfca87c0cee7c5519a2fb4d2c0cb

Request headers

Referer
https://www.cheapoair.ca/travel/banners/mobile/160x600.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 28 Jun 2017 13:33:12 GMT
last-modified
Mon, 13 Feb 2017 20:32:01 GMT
server
Apache
etag
"9b4ba950a4d077e1ce0e0285d8f7fdfc:1492927352"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
34643
csi
www.google.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&it=ad_render_period.1.129,nres.1.3,tts.1.11699,ad_render_period.2.283&srt=699&vrg=121&pl_id=8308076209509696&e=v121,n10519168,publisher_ads,sra,fif,page_load,108809080,108809144,108809147,108809107,21060066&rt=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Cache-Control
max-age=0
Origin
https://www.cheapoair.ca
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Jun 2017 13:33:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
www.google.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&it=nres.1.3,tts.1.11699&srt=699&vrg=121&pl_id=8308076209509696&e=v121,n10519168,publisher_ads,sra,fif,page_load,108809080,108809144,108809147,108809107,21060066&rt=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Cache-Control
max-age=0
Origin
https://www.cheapoair.ca
Referer
https://www.cheapoair.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Jun 2017 13:33:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
staticxx.facebook.com
URL
https://staticxx.facebook.com/connect/xd_arbiter/r/XBwzv5Yrm_1.js?version=42
Domain
vars.hotjar.com
URL
https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Domain
accounts.google.com
URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cheapoair.ca&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.TxxZ5tqtOew.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIFY-voWoJbfExGMndCwbQwRse-w
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-9/html/container.html
Domain
www.google.com
URL
https://www.google.com/csi?v=3&s=gpt&action=global&it=rt_st.ad.1.2226,rt_fs.ad.1.2226,rt_dns.ad.1.0,rt_tcp.ad.1.0,rt_rtt.ad.1.350,rt_tft.ad.1.0,rt_ts.ad.1.10101,rt_eb.ad.1.9646,rt_db.ad.1.33814,rt_duration.ad.1.350&srt=699&vrg=121&pl_id=8308076209509696&e=v121,n10519168,publisher_ads,sra,fif,page_load,108809080,108809144,108809147,108809107,21060066&rt=page_load_time_nw.1529
Domain
www.google.com
URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&it=ad_fetch_period.1.359,exr.1.0,exr.2.0&srt=699&req_len=1_825&req_s=1_1-2&is_backfill_at_render=1_false,2_true&qqid=1_CK2J7c3T4NQCFYhIGwodC6EB-w,2_CO3x7s3T4NQCFYiNGwodgVkGaw&vrg=121&pl_id=8308076209509696&e=v121,n10519168,publisher_ads,sra,fif,page_load,108809080,108809144,108809147,108809107,21060066&rt=start_ad_fetch_period.1.1527,start_ad_render_period.1.1887,start_ad_render_period.2.1893

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
.cheapoair.ca/ Name: optimizelyEndUserId
Value: oeu1498656791215r0.6738346477848685
.cheapoair.ca/ Name: cpcl
Value: Wed Jun 28 2017 13:33:11 GMT+0000 (UTC)
www.cheapoair.ca/ Name: NSC_difbqpbjs.db
Value: ffffffffaf1a149745525d5f4f58455e445a4a423660
www.cheapoair.ca/ Name: NSC_difbqpbjs.db-qpsu-81-CF-cbm-301
Value: ffffffffaf1a14b445525d5f4f58455e445a4a423660
www.cheapoair.ca/ Name: FPTraveller
Value: FPUserId=-3
www.cheapoair.ca/ Name: ASP.NET_SessionId
Value: 4r2sf2axvjb2echwopzdveal

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
c.fareportal.com
cdn.optimizely.com
cdn3.optimizely.com
connect.facebook.net
dnn506yrbagrg.cloudfront.net
gtrk.s3.amazonaws.com
logx.optimizely.com
pagead2.googlesyndication.com
s3.amazonaws.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
staticxx.facebook.com
tpc.googlesyndication.com
vars.hotjar.com
www.cheapoair.ca
www.cheapoair.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
accounts.google.com
staticxx.facebook.com
tpc.googlesyndication.com
vars.hotjar.com
www.google.com
104.108.49.6
104.108.56.109
104.111.251.189
172.217.22.34
172.217.23.130
198.232.124.194
2a00:1450:4001:81b::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::2008
2a00:1450:4001:81b::200e
2a00:1450:401b:801::2003
2a00:1450:401b:801::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.194.234.180
34.195.120.173
52.216.0.88
52.216.32.3
54.192.55.43
92.123.93.139
94.31.29.249
068c4ef4a53eeec41bb5710c0e1eb09fd81a63fb0e29680abeee6bf2404e8524
0b8ccf66e28670ce1d5b28b5903df2864dc60de8f14e28e586e4207d038443cc
0d41a8228ed75e3b66b23f5f5137f6f6c7bc9b75f1991160f9e72eacfc7ffe3e
124d65b0e77a1c47d28b19c0e5b4f5f9e3c2fd138c5eef4c48630408c810ba5e
14fc4046b61fcc54838eefd1368870d738b56b810a0da4375062786bebf9a86f
18b25000a9e868b5920a231c6c5a3bec2235ae15b59c8580745379c118f9589e
21a315c3db9153bc9250c6d15ab51110c81bf5d8ca648216ec277c7923199175
2a2a2e9a09afb966ed76d4e5e79a3fc2410b130fca36f4c749df0f8bf965b25f
2ad9ffff987c6137721875db114fc341c823de65faf2d8544e57689f6861f03d
3215e12accec30e2270c2dc0165b5292415d963abd1b15fbab8373cf0d9164dd
34ac45e59cad71a59c8f79d96074d7cc4eaf436f1d70fbed03ed56f4bbb46184
3fad79d315805f43f9bde04da5fc8b63670ac1bbc1a65247d701cd757f1025d1
45b9e2824dace532641cfa89db17c54cbcf91e72dd95990063f48cb44e9ca908
506b0e89d6fe79205a56adf9ece76c495fd403241216a36c55ee8460bda10da2
51bc001ab83531c5951d35dca1eddec1272e82a352aab2650b77cff44f6f54b3
522b2719bf0852aff9487f6c5b3c4c0b66f48a91708bfa4280805e3d01f5af15
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5760fbdd8d47b7dda07922adcc6c5d73e5c46068ad29c861bdd958b28f6ce1ca
5db0819891cb142796657a42fbed005a48331866dfe9d777589273fa6bd21865
67acd7402fef3c70d98d87478e1c8e14a305945668dc1827a52dcd96e5773a6a
67c2d66515aab5829677fa0c6a6b249e3c3dff1ede2ab43b68198991e1a26bb1
6c0a27cf87e212d934159d2f5914a144ed05bc798ef6315f07ee4276446474f8
75c6ae4272e96daeb15ee2706807a3ec8e247d5791d3f25bf9c8981ea6df354a
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
7c66f4c773eb435c0079f9bd2de52e4d012eebff666587f53fbb92f198c7225c
7e1856f77a69672fbc0070a3d8947d4532c4b4cf7d9a0a70fef7c8db98f0e923
8110b258049f2a78d93bee7c41dbf5acc29880cdc8ad5b98bc3cad58e8dab124
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
896fb1331239af998032d12f557be903acfbdfcb469b928a88fdf2c33e2e3c80
8d591801c518791db93cd3d68e77ed8ec067a2e0ae67ba57bccfb5f3c71fcd84
8ebc6d65f8fcd22242585c8d15997399cf7851724c3d9919325d35df7525b723
8f30adfbbf2de1c952d6f1aceb31ab1be514853ebfa63cc1c4efd7bcc646c847
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9707fd1b896c5ac9173054163fecbaee7c017bab52e0f08a47a03f0e862a1325
9c9fad7f1b0e691be9fa27a5767b84dac1fceee560686192317b010dc4f53252
a5e82c79ae6d16fb08cdfd30f55a0ea50d7a2c0425271e9d209e54b0942f70af
aa311b9351092526867dd5dd50c41a1c0abb0e6df3fe850c5c0a7ec138601fee
ac4f9618be0b43e3a85ccb1b5ae9b9c5efbe4d1ac30bcd5db7b624a767024481
ae5f50b2f37e6d987eeeab05cc75c24906e6c4ccd7bb9f1ad842d635d3dfaee7
b07e3f5d8da1d4ec98fe9ce500edc7afebb8658992c5228c61d13e5bea96c929
b75371fca2753353e840ed3a48e5346ad78fdaba26958f213f3236ad3061e3f4
b800d2ba2430ecf1b6803dff7c72cd944fb7625914669360d323de88d2cb3318
c1a96ee1c286f0b5a0ff53a02e4e41635d0c3697e2ec94abcf0fa1ea43b4f311
c5bebc29cbd6f75e9c4556855ec082ea11197a97f268ad52715d7995615928f8
c61be1f787f42711ef1b74da0d3988057d488b163dd11dbfd174711892e67cc3
c9acb3aad726e4007a3b27278390648f9da28680654f4e736db9754841a4f6b8
cd54d6bffe0bd3069676e896a0e1980325d74d06cfe6e3225d1122f1e85b1887
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45d2a55a140ce64414fe4dae02b736f587002cf4be37a9d7843834e0d37a0a4
e6c753b1150ac4a20658949932fdf26041a78f8d836e2fb68983793a798011cd
e7689262d0fca6f44f0a7d981d3243411aed9e5762ad4a444849f09176a5ef03
e8b24116788504154eb373d3606d7145427bf745ed76187fd4594685d80735d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f165f0e744ba9155deb98a0ff521abf259f0dfca87c0cee7c5519a2fb4d2c0cb
f20f19374cad3fff54414e27e23942cb3820aa8bbf5d5fb0cb070ddc10d5d3f1
f725b4d8d798ddb41cb42af75f8603a7a819ced8bada7dc52e9de4f5471bc856