www.kayak.45off.co Open in urlscan Pro
34.199.49.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kayak.45off.co/
Submission: On June 06 via api (June 6th 2024, 10:14:53 am UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 14 domains to perform 50 HTTP transactions. The main IP is 34.199.49.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.kayak.45off.co.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.

This is the only time www.kayak.45off.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	34.199.49.65 34.199.49.65	14618 (AMAZON-AES) (AMAZON-AES)
6	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.173.184.56 18.173.184.56	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
3	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	18.245.175.49 18.245.175.49	16509 (AMAZON-02) (AMAZON-02)
1	18.173.187.114 18.173.187.114	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
4	54.246.242.218 54.246.242.218	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.252.40.201 34.252.40.201	16509 (AMAZON-02) (AMAZON-02)
50	19

4 34.199.49.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-49-65.compute-1.amazonaws.com

www.kayak.45off.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.173.184.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-184-56.muc50.r.cloudfront.net

d3aqrjkcaeszdb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.175.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-175-49.cdg55.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-114.muc50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.246.242.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.40.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-201.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2984 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6383 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6488 tracking.crazyegg.com — Cisco Umbrella Rank: 5345	76 KB
7	cloudfront.net d3aqrjkcaeszdb.cloudfront.net	248 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	465 KB
4	45off.co www.kayak.45off.co	535 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	71 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 693	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	3 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1683	500 B
1	google.de www.google.de — Cisco Umbrella Rank: 8139	63 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	352 B
50	14

	Domain	Requested by
7	d3aqrjkcaeszdb.cloudfront.net	www.kayak.45off.co
6	script.crazyegg.com	www.kayak.45off.co script.crazyegg.com
5	www.googletagmanager.com	www.kayak.45off.co www.googletagmanager.com
4	tracking.crazyegg.com	script.crazyegg.com
4	www.kayak.45off.co	www.kayak.45off.co
3	bat.bing.com	www.kayak.45off.co bat.bing.com
2	www.facebook.com	www.kayak.45off.co
2	connect.facebook.net	www.kayak.45off.co connect.facebook.net
2	s.yimg.com	www.kayak.45off.co s.yimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.kayak.45off.co
1	sp.analytics.yahoo.com	www.kayak.45off.co
1	www.google.de	www.kayak.45off.co
1	www.google.com	www.kayak.45off.co
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	stats.g.doubleclick.net	www.google-analytics.com
50	17

This site contains no links.

Subject Issuer	Validity	Valid
45off.com R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-05-30` - `2024-07-17`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.kayak.45off.co/
Frame ID: 439818AAD82A3508A408D5924663AC57
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find cheap hotel deals - 45Off.com

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

50
Requests

82 %
HTTPS

50 %
IPv6

14
Domains

17
Subdomains

19
IPs

5
Countries

1446 kB
Transfer

3591 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.kayak.45off.co/ 1 MB
242 KB 442ms
140ms Document
text/html 34.199.49.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kayak.45off.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.199.49.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-49-65.compute-1.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 / PHP/7.2.34
Resource Hash: c25af2c768a39c93c1d34a9750d33cf00945aa0fd60b32d5422b30216a6835ba

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Jun 2024 10:14:47 GMT
Keep-Alive: timeout=30, max=100
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.2.34

GET
H2 200 1528.js Show response
script.crazyegg.com/pages/scripts/0123/ 6 KB
2 KB 123ms
32ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0123/1528.js
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a94fea660cde64fa9c37479fda2a5af8b9128b4af46d8aa40350744494ca93

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17391
cf-polished: origSize=6229
ce-version: 11.5.214
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 05:24:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 88f7a3345e86a031-FRA

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.kayak.45off.co/fonts/ 65 KB
65 KB 304ms
102ms Font
application/octet-stream 34.199.49.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kayak.45off.co/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.199.49.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-49-65.compute-1.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Origin: https://www.kayak.45off.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 10:14:47 GMT
Last-Modified: Mon, 20 May 2024 12:19:38 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
ETag: "10440-618e1b7126a56"
Vary: User-Agent
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100
Content-Length: 66624

GET
H2 200 hotelsbg.jpg
d3aqrjkcaeszdb.cloudfront.net/img/content/ 227 KB
227 KB 120ms
30ms Image
image/jpeg 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/img/content/hotelsbg.jpg
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 209dd40b36b9b37b57d6a075bc0a64254e3257fbbf4fb308af4f8204ff775f6f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 03:22:58 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
x-amz-cf-pop: MUC50-P4
age: 24709
etag: "38a22-618e1b712d7b6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231970
x-amz-cf-id: biH4to35QK7DNcP5K6DOPYHfT4UyXkpfq_wYSt5z7zlUWMvnNge7yA==
expires: Fri, 06 Jun 2025 03:22:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 55ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 10:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 10:14:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 10:14:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,600

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c1a042b43957b8d3665506eb3a4584f769e68078684d934b990b4bd5ee176a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 10:09:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 10:14:48 GMT

GET
H2 200 www.kayak.45off.co.json Show response
script.crazyegg.com/pages/data-scripts/0123/1528/site/ 6 KB
2 KB 180ms
139ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0123/1528/site/www.kayak.45off.co.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/1528.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d19a039bbd0eec7dc119c42cf47dea11d7b910c6da9b3caf23012b1ea12332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:47 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2024 10:14:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.214
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88f7a334ce633a52-FRA
content-length: 2156

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
114 KB 65ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TN2635

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe9540f177282b2176b12c72d8b721a9fcd4555fcb3279bca64c82a73d382301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116562
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 10:14:47 GMT

GET
H2 200 e5507cc921bdb5250cc380247d78c91a.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 95 KB
31 KB 32ms
31ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/1528.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:00 GMT
server: cloudflare
age: 61218
cf-polished: origSize=97322
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88f7a3361993a031-FRA

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 229 KB
83 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10951589406&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN2635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

591a03fb9fe0eb252848aefdccd7daf568e505fbc515ca9d7bea58ea79c22ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84453
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 10:14:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 229 KB
83 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10972596866&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN2635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26c870028fa446a11e35411aa0f01d6a57b81020944e9785ebeb466cb33f8708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84426
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 10:14:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 229 KB
83 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10980979326&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN2635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb578c6b94eb2909bb24e2e36f1b0495cdac63b3abade86b17d8b9ef0f492d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84452
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 10:14:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 59ms
13ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN2635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jun 2024 08:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6340
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jun 2024 10:29:08 GMT

GET
H2 200 logo-bw.png
d3aqrjkcaeszdb.cloudfront.net/img/layout/ 3 KB
3 KB 18ms
17ms Image
image/png 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/img/layout/logo-bw.png
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 7829a93a676002aaeb20e606df81d49c9330ddafa53e88103b8e5c93527719c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 05:04:56 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
x-amz-cf-pop: MUC50-P4
age: 18592
etag: "b54-618e1b7136456"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2900
x-amz-cf-id: ELqM0_ujk-i118CyRFBdPGGRM3HQ_HySgGVX4HkxT_N9PsCId1aKMA==
expires: Fri, 06 Jun 2025 05:04:56 GMT

GET
H2 200 ads.js Show response
d3aqrjkcaeszdb.cloudfront.net/js/ 115 B
497 B 20ms
20ms Script
text/javascript 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/js/ads.js
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 97927edf2394135435bd144e30af7f7c546d62cce196e5f8dc38b3b65030631b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:27:03 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
x-amz-cf-pop: MUC50-P4
age: 64065
etag: "73-618e1b7136456"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 115
x-amz-cf-id: a_24OARLvL4fQz8btNq9Adazgh6yqB9F0jzCeQvERse-dpggwn0qOw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 47ms
47ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S6XH56HCNN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN2635

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ec2858479daead1456f15f6848bcd9910fed24193e310bce05a8cc019c1864a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jun 2024 10:14:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 190ms
54ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 06 Jun 2024 10:14:48 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4ABF6AAE6EE44FC5A3171A9B304C882A Ref B: VIEEDGE2419 Ref C: 2024-06-06T10:14:48Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 160ms
25ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Thu, 06 Jun 2024 10:10:42 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 8XDWA88GR5RFYJ72
age: 247
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: /a3Xgge07UeNuofgmsugixxBTWMzEtWzM6vvboLSSJgwXUux8vlnIETLdatfgkxvITv2RJJrj48=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 157ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jun 2024 10:14:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=12, mss=1368, tbw=2788, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: IdMinwhC98/XYnonn1CZBuyuPH3vD9EjWlwl/GVrW0j3IwZhJcBno7s+izZieIG+ls0Jo9HuONlwrAiznjhIbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Sale-min.png
d3aqrjkcaeszdb.cloudfront.net/img/banner/ 11 KB
12 KB 26ms
23ms Image
image/png 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/img/banner/Sale-min.png
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 6cbd697ea4814a6b6af19942aa641541b8f4d6153282aaa41aa7c7234122a40d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 05:17:39 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
x-amz-cf-pop: MUC50-P4
age: 17829
etag: "2ddd-618e1b7126a56"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11741
x-amz-cf-id: 5KrXBMe2LCX1XguFVvAWVbBQb92MFiiGuVWoXzpWVR4bVrqYwhRm6A==
expires: Fri, 06 Jun 2025 05:17:39 GMT

GET
H/1.1 200
OK ui-bg_flat_75_ffffff_40x100.png
www.kayak.45off.co/images/ 74 B
486 B 106ms
105ms Image
image/png 34.199.49.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kayak.45off.co/images/ui-bg_flat_75_ffffff_40x100.png
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.199.49.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-49-65.compute-1.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 4fbbd9fde7f00f9b6ef150c6bd800dd6469fd07d7c43ae847a7206e4f89e0c14

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 10:14:48 GMT
Last-Modified: Mon, 20 May 2024 12:19:38 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
ETag: "4a-618e1b7126a56"
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=28800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=99
Content-Length: 74
Expires: Fri, 06 Jun 2025 10:14:48 GMT

GET
H2 200 www.kayak.45off.co.json Show response
script.crazyegg.com/pages/data-scripts/0123/1528/sampling/ 148 B
249 B 151ms
151ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0123/1528/sampling/www.kayak.45off.co.json?t=477130
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a6fc1bf3a3a60de09a7ad84174537620e731d05a8e12f1aec86a987ae77399

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 06 Jun 2024 10:14:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.214
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88f7a3375b1c3a52-FRA
content-length: 140

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 36ms
36ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=487530569&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kayak.45off.co%2F&ul=de-de&de=UTF-8&dt=Find%20cheap%20hotel%20deals%20-%2045Off.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=973142251&gjid=872119850&cid=1698840451.1717668888&tid=UA-1800020-13&_gid=1547237890.1717668888&_r=1&_slc=1&gtm=45He4630n71TN2635v72126260za200&cd2=non%20in%20app&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1076462973

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 10:14:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kayak.45off.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 x-close-icon-white.png
d3aqrjkcaeszdb.cloudfront.net/img/layout/ 816 B
1 KB 20ms
16ms Image
image/png 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/img/layout/x-close-icon-white.png
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 05:04:56 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
age: 18592
x-amz-cf-pop: MUC50-P4
etag: "330-618e1b7136456"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 816
x-amz-cf-id: DRaYQJ4hhm51TqveECjAH-T_fkObIvo-0ch0ZcX-zgqJ0HCCLDCvVw==
expires: Fri, 06 Jun 2025 05:04:56 GMT

GET
H3 200 SmartFaresPhone.svg
d3aqrjkcaeszdb.cloudfront.net/img/ 276 B
548 B 36ms
33ms Image
image/svg+xml 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/img/SmartFaresPhone.svg
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: ff323e72306795e717105c0a778c937f1ecaf57cebeecbed0818a3f6b4fb4f7a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 21:27:57 GMT
content-encoding: gzip
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
age: 46011
x-amz-cf-pop: MUC50-P4
etag: "114-618e1b7126a56-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 213
x-amz-cf-id: EesEhYIlkhFZQs1U_eQySIq60VuM06VL7oV2Lup0al3cu6-Qz4IF4w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 72ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1800020-13&cid=1698840451.1717668888&jid=973142251&gjid=872119850&_gid=1547237890.1717668888&npa=1&_u=YEBAAAAAAAAAAC~&z=1729826269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 10:14:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kayak.45off.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hotelsbg.jpg
www.kayak.45off.co/img/content/ 227 KB
227 KB 105ms
105ms Image
image/jpeg 34.199.49.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kayak.45off.co/img/content/hotelsbg.jpg
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.199.49.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-49-65.compute-1.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 209dd40b36b9b37b57d6a075bc0a64254e3257fbbf4fb308af4f8204ff775f6f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 10:14:48 GMT
Last-Modified: Mon, 20 May 2024 12:19:38 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
ETag: "38a22-618e1b712d7b6"
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=28800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=98
Content-Length: 231970
Expires: Fri, 06 Jun 2025 10:14:48 GMT

GET
H2 200 435596.json Show response
s.yimg.com/wi/config/ 2 B
486 B 367ms
334ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/435596.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 3KCB8TMVCREBM2J8
age: 0
content-length: 22
x-amz-id-2: vS0K1eOGZmaRBJ6LmrRVM06ECJSDe77Rx96CjfJJqmi9kFqfIxfVfMoFnyuY3ET8YWWSPthCwH8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 178342689342931 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 167ms
166ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/178342689342931?v=2.9.157&r=stable&domain=www.kayak.45off.co&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

88581e4ee67669e9e1af2807498f206947bb050ba5c3451bbaf0a449ac5b00c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jun 2024 10:14:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=40, mss=1368, tbw=63493, tp=-1, tpl=-1, uplat=130, ullat=0
pragma: public
x-fb-debug: Kp4jV5KyRjgCjYLryArwJ6GJ8UN8WStLdPOkwXN3WMWa8QQoKsrG3MWADp0LqjPPB9F1rpnPefP1Qw99L5IHvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5255814.js Show response
bat.bing.com/p/action/ 0
118 B 61ms
61ms Script
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5255814.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 06 Jun 2024 10:14:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B6F7FECDC4F47E9BC6FB61D46E39D9D Ref B: VIEEDGE2419 Ref C: 2024-06-06T10:14:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 120ms
119ms Image
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5255814&Ver=2&mid=9575d6f6-568a-4d17-9d4a-4cbd76412b27&sid=9acc7a8023ed11efac2b11c97dcad2c2&vid=9acc90b023ed11ef8f83d5872d829710&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Find%20cheap%20hotel%20deals%20-%2045Off.com&kw=cruise%20deals,%20cruise%20discounts,%2045Off%20cruises,%20discount%20on%20cruises&p=https%3A%2F%2Fwww.kayak.45off.co%2F&r=&lt=1058&evt=pageLoad&sv=1&rn=534072

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 10:14:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E59FF4A5625645F7A1EE405B2ABE8B12 Ref B: VIEEDGE2419 Ref C: 2024-06-06T10:14:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
462 B 92ms
32ms XHR
application/json 18.245.175.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.175.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-175-49.cdg55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 1a6aa7a9d5b5b2b1e17797f708cdf9cc.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG55-P1
age: 22494681
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: EplzTikmt25TgEPb8CF9VOfuFsrim0X77JNlZDK9GAf3gum2uYdyGQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
461 B 53ms
14ms XHR
application/json 18.173.187.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-114.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14633480
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: VdzwtY_UqYpeEEAh6wSp8OFstR41cDTpKEjBrrnCbISHqiuUi_n0lA==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 54ms
37ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1800020-13&cid=1698840451.1717668888&jid=973142251&npa=1&_u=YEBAAAAAAAAAAC~&z=153757116

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 10:14:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
34ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1800020-13&cid=1698840451.1717668888&jid=973142251&npa=1&_u=YEBAAAAAAAAAAC~&z=153757116

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 10:14:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK e0c91780-3de5-4c0d-88d7-8ac811ba4ae6
https://www.kayak.45off.co/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kayak.45off.co/e0c91780-3de5-4c0d-88d7-8ac811ba4ae6
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 40 B
147 B 266ms
47ms XHR
text/plain 54.246.242.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1717668888482&tk=c1cc55519cf091d36e7ba0b8e97125d0&s=442283&p=%2F&u=1231528&v=8a663b3f00cf5999bba9c5f5f28eb0ed27ca2f01&f=kayak.45off.co&ul=https%3A%2F%2Fwww.kayak.45off.co%2F
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.242.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 935a24cb18d4c2c8e12dac229d1b716bec20ad0fefb46241aee9c102222e0e4a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 06 Jun 2024 10:14:48 GMT
cache-control: no-store
server: awselb/2.0
content-length: 40
content-type: text/plain

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 39ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178342689342931&ev=PageView&dl=https%3A%2F%2Fwww.kayak.45off.co%2F&rl=&if=false&ts=1717668888489&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717668888488.100911253603888397&ler=empty&cdl=API_unavailable&it=1717668888302&coo=false&rqm=GET

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2813, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jun 2024 10:14:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 199ms
168ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=178342689342931&ev=PageView&dl=https%3A%2F%2Fwww.kayak.45off.co%2F&rl=&if=false&ts=1717668888489&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717668888488.100911253603888397&ler=empty&cdl=API_unavailable&it=1717668888302&coo=false&rqm=FGET

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x161115cb3376ee98","source_keys":["1","2"]},{"key_piece":"0x88cccb3f25ea5722","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 06 Jun 2024 10:14:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=3130, tp=-1, tpl=-1, uplat=161, ullat=0
pragma: no-cache
x-fb-debug: 8UpmpS2oYatrEX8RdD3ooD3JjnyKCXG6YLEiRAqyD0dPX29q8nrl7helIBr0Wl+M172Mq29RYb0qtNRqShhmNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
500 B 140ms
35ms Image
image/gif 34.252.40.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2006%20Jun%202024%2010%3A14%3A48%20GMT&n=-2d&b=Find%20cheap%20hotel%20deals%20-%2045Off.com&.yp=435596&f=https%3A%2F%2Fwww.kayak.45off.co%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.252.40.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-40-201.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 06 Jun 2024 10:14:48 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.112)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.112
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 06 Jun 2024 10:14:48 GMT

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 23ms
23ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/1528.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 16:56:40 GMT
server: cloudflare
age: 61218
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88f7a33ad91fa031-FRA

GET
BLOB 200
OK 4abf80bd-d1e8-440a-8ad0-62e430771cff
https://www.kayak.45off.co/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kayak.45off.co/4abf80bd-d1e8-440a-8ad0-62e430771cff
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275154b0a4aeea0253e28402a34f5572b58fd5d34a0cb04b9ec335409ec9bb7f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 200 bd3cf4fdad82d5b7119c9bb8c5d92327.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 28ms
27ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/bd3cf4fdad82d5b7119c9bb8c5d92327.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/1528.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 10:14:48 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:11 GMT
server: cloudflare
age: 61218
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88f7a33b0962a031-FRA

OPTIONS
H2 200 v11
tracking.crazyegg.com/ 0
0 58ms
58ms Preflight
application/octet-stream 54.246.242.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=1231528&st=442283&ss=9b12da20-23ed-11ef-99b9-1119ecda47ad&p=1d41dede2158337b92a383ed0ca59adc&tk=c1cc55519cf091d36e7ba0b8e97125d0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.242.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kayak.45off.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
content-type: application/octet-stream
date: Thu, 06 Jun 2024 10:14:48 GMT
server: awselb/2.0

POST
H2 201 v11 Show response
tracking.crazyegg.com/ 0
82 B 64ms
64ms XHR
text/plain 54.246.242.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=1231528&st=442283&ss=9b12da20-23ed-11ef-99b9-1119ecda47ad&p=1d41dede2158337b92a383ed0ca59adc&tk=c1cc55519cf091d36e7ba0b8e97125d0
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.242.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/gzip

Response headers

access-control-allow-origin: *
date: Thu, 06 Jun 2024 10:14:49 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain

GET
BLOB 200
OK f783c8e6-2ec6-4c54-bf83-6064db3ad798
https://www.kayak.45off.co/ 5 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kayak.45off.co/f783c8e6-2ec6-4c54-bf83-6064db3ad798
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d372edb49a5ae087d8e451fa0560c2439b3a836c09c9d2a083800e10b190c2f5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 5451
Content-Type

GET
BLOB 200
OK ed335e86-1cfe-44b3-b435-f79da3c21dc0
https://www.kayak.45off.co/ 4 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kayak.45off.co/ed335e86-1cfe-44b3-b435-f79da3c21dc0
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a996996ec921d516899c0d3df103e5eca5a71cf9afec9c057ae240e11ab7be

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 4517
Content-Type

GET
BLOB 200
OK b22fe92f-4426-4af2-b3bd-c888bcff3acd
https://www.kayak.45off.co/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kayak.45off.co/b22fe92f-4426-4af2-b3bd-c888bcff3acd
Requested by: Host: www.kayak.45off.co
URL: https://www.kayak.45off.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c1a30f979fbaf477e5f0e4ce0b3fddfd82fd8c31102f21db3e5d991c3a1c67

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1604
Content-Type: text/javascript

GET
H3 200 favicon.ico
d3aqrjkcaeszdb.cloudfront.net/img/layout/ 3 KB
4 KB 36ms
35ms Other
image/vnd.microsoft.icon 18.173.184.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3aqrjkcaeszdb.cloudfront.net/img/layout/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.184.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-56.muc50.r.cloudfront.net
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34 /
Resource Hash: 583bcf190880cfbb2243c2bb8b7d024e71201c0c089440e4c84b746e59a8acb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 05:33:03 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 12:19:38 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips SVN/1.9.7 PHP/7.2.34
age: 16905
x-amz-cf-pop: MUC50-P4
etag: "ddf-618e1b7136456"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: max-age=28800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3551
x-amz-cf-id: QOI-x_la3YuSpRCyiTnomo1FTtwBRraj-ezO5ZOQEipig9EpqBtMsQ==

POST
H2 201 v11 Show response
tracking.crazyegg.com/ 0
82 B 157ms
82ms XHR
text/plain 54.246.242.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=1231528&st=442283&ss=9b12da20-23ed-11ef-99b9-1119ecda47ad&p=1d41dede2158337b92a383ed0ca59adc&tk=c1cc55519cf091d36e7ba0b8e97125d0
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.242.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.kayak.45off.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/gzip

Response headers

access-control-allow-origin: *
date: Thu, 06 Jun 2024 10:14:51 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.kayak.45off.co/	1970-01-20 21:51:00	Name: lang Value: EN
.45off.co/	1970-01-20 23:17:24	Name: _gcl_au Value: 1.1.1939195482.1717668888
www.kayak.45off.co/	1970-01-21 05:53:24	Name: visitorUUID Value: 26F01D14-C3BB-41E6-94EA-2FB503CC442F
www.kayak.45off.co/	1970-01-20 23:17:24	Name: userCountryIsoCode Value: GB
www.kayak.45off.co/	1970-01-20 23:17:24	Name: userContinentCode Value: EU
.kayak.45off.co/	1970-01-21 06:43:48	Name: _ga Value: GA1.3.1698840451.1717668888
.kayak.45off.co/	1970-01-20 21:09:15	Name: _gid Value: GA1.3.1547237890.1717668888
.kayak.45off.co/	1970-01-20 21:07:48	Name: _gat_UA-1800020-13 Value: 1
.45off.co/	1970-01-20 21:09:15	Name: _uetsid Value: 9acc7a8023ed11efac2b11c97dcad2c2
.45off.co/	1970-01-21 06:29:24	Name: _uetvid Value: 9acc90b023ed11ef8f83d5872d829710
.45off.co/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.45off.co/	1969-12-31 23:59:59	Name: cebs Value: 1
.bing.com/	1970-01-21 06:29:24	Name: MUID Value: 37CC183E688A609823A50CA8694C61AA
.45off.co/	1970-01-20 21:09:15	Name: _ce.clock_event Value: 1
.45off.co/	1970-01-20 23:17:24	Name: _fbp Value: fb.1.1717668888488.100911253603888397
.45off.co/	1970-01-20 21:09:15	Name: _ce.clock_data Value: 21%2C146.70.117.101%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CDE
.45off.co/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.45off.co/	1970-01-21 05:53:24	Name: _ce.s Value: v~8a663b3f00cf5999bba9c5f5f28eb0ed27ca2f01~lcw~1717668888850~lva~1717668888378~vpv~0~v11.fs~1~v11.cs~442283~v11.s~9b12da20-23ed-11ef-99b9-1119ecda47ad~v11ls~9b12da20-23ed-11ef-99b9-1119ecda47ad~v11.sla~1717668888850~v11nv~1~lcw~1717668888895

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.kayak.45off.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
bat.bing.com
connect.facebook.net
d3aqrjkcaeszdb.cloudfront.net
fonts.googleapis.com
pagestates-tracking.crazyegg.com
s.yimg.com
script.crazyegg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tracking.crazyegg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.kayak.45off.co
142.250.181.232
142.250.186.35
172.217.16.196
18.173.184.56
18.173.187.114
18.245.175.49
2606:4700::6813:9308
2a00:1288:80:807::1
2a00:1450:4001:803::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a01:111:202c::237
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.199.49.65
34.252.40.201
54.246.242.218
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10a996996ec921d516899c0d3df103e5eca5a71cf9afec9c057ae240e11ab7be
17a6fc1bf3a3a60de09a7ad84174537620e731d05a8e12f1aec86a987ae77399
1c1a042b43957b8d3665506eb3a4584f769e68078684d934b990b4bd5ee176a8
209dd40b36b9b37b57d6a075bc0a64254e3257fbbf4fb308af4f8204ff775f6f
21d19a039bbd0eec7dc119c42cf47dea11d7b910c6da9b3caf23012b1ea12332
26c870028fa446a11e35411aa0f01d6a57b81020944e9785ebeb466cb33f8708
275154b0a4aeea0253e28402a34f5572b58fd5d34a0cb04b9ec335409ec9bb7f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4fbbd9fde7f00f9b6ef150c6bd800dd6469fd07d7c43ae847a7206e4f89e0c14
583bcf190880cfbb2243c2bb8b7d024e71201c0c089440e4c84b746e59a8acb7
591a03fb9fe0eb252848aefdccd7daf568e505fbc515ca9d7bea58ea79c22ed8
61a94fea660cde64fa9c37479fda2a5af8b9128b4af46d8aa40350744494ca93
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
6cbd697ea4814a6b6af19942aa641541b8f4d6153282aaa41aa7c7234122a40d
7829a93a676002aaeb20e606df81d49c9330ddafa53e88103b8e5c93527719c7
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84c1a30f979fbaf477e5f0e4ce0b3fddfd82fd8c31102f21db3e5d991c3a1c67
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
88581e4ee67669e9e1af2807498f206947bb050ba5c3451bbaf0a449ac5b00c6
935a24cb18d4c2c8e12dac229d1b716bec20ad0fefb46241aee9c102222e0e4a
97927edf2394135435bd144e30af7f7c546d62cce196e5f8dc38b3b65030631b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c25af2c768a39c93c1d34a9750d33cf00945aa0fd60b32d5422b30216a6835ba
cb578c6b94eb2909bb24e2e36f1b0495cdac63b3abade86b17d8b9ef0f492d52
d372edb49a5ae087d8e451fa0560c2439b3a836c09c9d2a083800e10b190c2f5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2858479daead1456f15f6848bcd9910fed24193e310bce05a8cc019c1864a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd
fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9
fe9540f177282b2176b12c72d8b721a9fcd4555fcb3279bca64c82a73d382301
ff323e72306795e717105c0a778c937f1ecaf57cebeecbed0818a3f6b4fb4f7a
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.kayak.45off.co Open in urlscan Pro 34.199.49.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

82 %HTTPS

50 %IPv6

14 Domains

17 Subdomains

19 IPs

5 Countries

1446 kBTransfer

3591 kBSize

18 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kayak.45off.co Open in urlscan Pro
34.199.49.65 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

82 %
HTTPS

50 %
IPv6

14
Domains

17
Subdomains

19
IPs

5
Countries

1446 kB
Transfer

3591 kB
Size

18
Cookies

50 HTTP transactions
0 data transactions