URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-...
Submission: On June 20 via manual from US — Scanned from US

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 188.42.196.67, located in Luxembourg and belongs to SERVERS-COM, US. The main domain is airtickets.businessclassdeal.com.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time airtickets.businessclassdeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 188.42.196.67 7979 (SERVERS-COM)
2 2607:f8b0:400... 15169 (GOOGLE)
7 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.23 16509 (AMAZON-02)
4 188.42.198.44 7979 (SERVERS-COM)
4 172.255.224.36 7979 (SERVERS-COM)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.176.200 15169 (GOOGLE)
1 142.250.80.68 15169 (GOOGLE)
1 2 185.106.81.236 7979 (SERVERS-COM)
1 2607:f8b0:400... 15169 (GOOGLE)
39 13
Apex Domain
Subdomains
Transfer
12 businessclassdeal.com
airtickets.businessclassdeal.com
997 KB
7 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
31 KB
4 travelpayouts.com
www.travelpayouts.com — Cisco Umbrella Rank: 183331
travelpayouts.com — Cisco Umbrella Rank: 107990
25 KB
4 aviasales.ru
mamka.aviasales.ru
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
270 KB
2 avsplow.com
avsplow.com — Cisco Umbrella Rank: 277891
952 B
2 google.com
www.google.com — Cisco Umbrella Rank: 5
analytics.google.com — Cisco Umbrella Rank: 174
328 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
405 B
1 aviasales.com
static.aviasales.com — Cisco Umbrella Rank: 219517
14 KB
39 10
Domain Requested by
12 airtickets.businessclassdeal.com airtickets.businessclassdeal.com
7 bat.bing.com airtickets.businessclassdeal.com
bat.bing.com
4 mamka.aviasales.ru airtickets.businessclassdeal.com
3 www.travelpayouts.com airtickets.businessclassdeal.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com airtickets.businessclassdeal.com
www.googletagmanager.com
www.google-analytics.com
2 avsplow.com 1 redirects airtickets.businessclassdeal.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
1 travelpayouts.com airtickets.businessclassdeal.com
1 analytics.google.com www.googletagmanager.com
1 www.google.com airtickets.businessclassdeal.com
1 static.aviasales.com airtickets.businessclassdeal.com
39 12

This site contains links to these domains. Also see Links.

Domain
www.travelpayouts.com
Subject Issuer Validity Valid
airtickets.businessclassdeal.com
R3
2024-05-27 -
2024-08-25
3 months crt.sh
*.google-analytics.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04
2024-06-19 -
2024-12-16
6 months crt.sh
aviasales.com
Amazon RSA 2048 M03
2023-12-24 -
2025-01-22
a year crt.sh
aviasales.ru
R3
2024-05-25 -
2024-08-23
3 months crt.sh
travelpayouts.com
R3
2024-04-21 -
2024-07-20
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.google.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Frame ID: C624182A39E13F986B6BA9FEB2EECE86
Requests: 47 HTTP requests in this frame

Screenshot

Page Title

Business Class & First Class Booking, Changes, Cancellations & Upgrades | United, Delta & American Airlines Support - airtickets.businessclassdeal.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

97 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

13
IPs

3
Countries

1360 kB
Transfer

4740 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22whitelabel_en%22%2C%22trace_id%22%3A%22Zzfbfcd322d552457d981482a-510082%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
  • https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zzfbfcd322d552457d981482a-510082%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
airtickets.businessclassdeal.com/
46 KB
11 KB
Document
General
Full URL
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
989589df4c2cadeadd8f82f2a811c1791698827e85aee654fceae4b8b483138e

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 20 Jun 2024 17:48:16 GMT
vary
Accept-Encoding
x-request-id
22acf0c35d4a50d61f650ae22fbe31d0
whitelabel_en.js
airtickets.businessclassdeal.com/widgets/
7 KB
2 KB
Script
General
Full URL
https://airtickets.businessclassdeal.com/widgets/whitelabel_en.js?v=002&rtl=false&locale=en
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
1e1b8c6c56f38a3b6554e2431fcc9b2dadced262562aa305d6854d3b828424c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-promo-id
4238
date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0
x-robots-tag
noindex
timing-allow-origin
*
link
</mewtwo/styles.css?locale=en&rtl=false&v=002>; rel=preload; as=style, </widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002>; rel=preload; as=script
content-length
1890
x-request-id
65b89e384a6ad2226a87683ad943352c
main.en.js
airtickets.businessclassdeal.com/
786 KB
225 KB
Script
General
Full URL
https://airtickets.businessclassdeal.com/main.en.js
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
f573c3065d053acccaf6f90fa3b71e0779ad1b55c709a07ad91bc52084e69f72

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:16 UTC
etag
W/"6669a2a2-c4895"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
c43ecd10edd894067ca6c41857ca0db0
expires
Thu, 20 Jun 2024 18:18:16 GMT
main.css
airtickets.businessclassdeal.com/
2 MB
542 KB
Stylesheet
General
Full URL
https://airtickets.businessclassdeal.com/main.css
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a6cb4c91723ee879e398f4eb4eaf98b23b91eb8d1ef8367fc22bce64d7332e2d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:16 UTC
etag
W/"6669a1c5-1b9126"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
1dbd9d90415585cc0e59ecea81bf7dfb
expires
Thu, 20 Jun 2024 18:18:16 GMT
gtm.js
www.googletagmanager.com/
225 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
924f4e276e765d38d16bbcab8e17748530e1ff741f4a5d74e4a68bf38f4cb3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80904
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 17:10:30 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Jun 2024 17:48:16 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 20 Jun 2024 17:48:16 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 795708F8051847378FE5C32490D16639 Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:16Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbbc2905b71a77be23c6d759a7a1f09f92529841308f594eb7c4593be6f514a1

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
styles.css
airtickets.businessclassdeal.com/mewtwo/
167 KB
21 KB
Stylesheet
General
Full URL
https://airtickets.businessclassdeal.com/mewtwo/styles.css?locale=en&rtl=false&v=002
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:16 UTC
etag
W/"6548cf09-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
89ded366c47e2132f95527e3688fc0c0
expires
Thu, 20 Jun 2024 18:18:16 GMT
whitelabel_en.js
airtickets.businessclassdeal.com/widgets_static/
309 KB
76 KB
Script
General
Full URL
https://airtickets.businessclassdeal.com/widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:16 UTC
etag
W/"6548cf0c-4d278"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
9519e97062164988ea7e15fcadca4139
expires
Thu, 20 Jun 2024 18:18:16 GMT
97128398.js
bat.bing.com/p/action/
1 KB
840 B
Script
General
Full URL
https://bat.bing.com/p/action/97128398.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a0591befff4e32d4612bc531fefe3ba439b1d074a2c30061ed0cb5500cd6df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 20 Jun 2024 17:48:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B89C3F1612214E868052E1C6FD46B1FC Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:16Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/
0
360 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=97128398&Ver=2&mid=f8590b11-0aac-4703-8865-4f2c7f693b9d&sid=45fdc6e02f2d11ef9bc947526b66a0bb&vid=45fde0702f2d11efa1e2b1b658da48aa&vids=1&msclkid=974ed6098c2b10292d3bb07b529aad2e-1&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Business%20Class%20%26%20First%20Class%20Booking,%20Changes,%20Cancellations%20%26%20Upgrades%20%7C%20United,%20Delta%20%26%20American%20Airlines%20Support%20-%20airtickets.businessclassdeal.com&p=https%3A%2F%2Fairtickets.businessclassdeal.com%2F%3Fmsclkid%3D974ed6098c2b10292d3bb07b529aad2e%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3DSearchads-Business-Generic%26utm_term%3Dflight%2520reservation%26utm_content%3Dflights%2520reservations&r=&lt=1071&evt=pageLoad&sv=1&rn=544248
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jun 2024 17:48:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F08999BB25A84638A942A5DA0A37A4C1 Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
97128398
bat.bing.com/p/insights/t/
711 B
881 B
Script
General
Full URL
https://bat.bing.com/p/insights/t/97128398
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97128398.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e6c83220061040a76314652844e4b5690d44119e40f7f7950b12e0ebb3cb1e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 20 Jun 2024 17:48:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43C5404D075840DAA608DB09247FA7C9 Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:16Z
vary
Accept-Encoding
x-azure-ref
20240620T174816Z-r1f79b646995lftr855g5h885s00000000y000000000c3r8
content-type
application/x-javascript
x-cache
CONFIG_NOCACHE
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
603
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
js
www.googletagmanager.com/gtag/
283 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4668226a03284a1466d034685cdaa90be29625969f803ff153e35bf99b4aa840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98873
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jun 2024 17:48:16 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jun 2024 17:46:37 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
99
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 20 Jun 2024 19:46:37 GMT
0.7.34
bat.bing.com/p/insights/s/
35 KB
15 KB
Script
General
Full URL
https://bat.bing.com/p/insights/s/0.7.34
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/97128398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 20 Jun 2024 17:48:16 GMT
x-cache
CONFIG_NOCACHE
x-fd-int-roxy-purgeid
51562430
content-length
15075
last-modified
Thu, 23 May 2024 23:20:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7AA7FA6C8C344289814BA61B83308895 Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:16Z
etag
W/"0x8DC7B7EEE48270A"
vary
Accept-Encoding
x-azure-ref
20240620T174816Z-r1f79b64699wtmq2vkycev6wew00000000yg000000002s6g
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
de6dbc85-201e-0051-69d0-c2b357000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
x
bat.bing.com/p/insights/c/
0
221 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/x
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-webinsights-gzip
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jun 2024 17:48:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DD34BDFA02AF40CBB30AB7DED5E85849 Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:17Z
vary
Origin
x-cache
CONFIG_NOCACHE
access-control-allow-origin
https://airtickets.businessclassdeal.com
access-control-allow-credentials
true
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je46h0v893968163z878526466za200zb78526466&_p=1718905696429&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=580053293.1718905697&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718905697&sct=1&seg=0&dl=https%3A%2F%2Fairtickets.businessclassdeal.com%2F%3Fmsclkid%3D974ed6098c2b10292d3bb07b529aad2e%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3DSearchads-Business-Generic%26utm_term%3Dflight%2520reservation%26utm_content%3Dflights%2520reservations&dt=Business%20Class%20%26%20First%20Class%20Booking%2C%20Changes%2C%20Cancellations%20%26%20Upgrades%20%7C%20United%2C%20Delta%20%26%20American%20Airlines%20Support%20-%20airtickets.businessclassdeal.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1629&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 17:48:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airtickets.businessclassdeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
16 B
107 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1840206113&t=pageview&_s=1&dl=https%3A%2F%2Fairtickets.businessclassdeal.com%2F%3Fmsclkid%3D974ed6098c2b10292d3bb07b529aad2e%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3DSearchads-Business-Generic%26utm_term%3Dflight%2520reservation%26utm_content%3Dflights%2520reservations&ul=en-us&de=UTF-8&dt=Business%20Class%20%26%20First%20Class%20Booking%2C%20Changes%2C%20Cancellations%20%26%20Upgrades%20%7C%20United%2C%20Delta%20%26%20American%20Airlines%20Support%20-%20airtickets.businessclassdeal.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1984967819&gjid=412444167&cid=580053293.1718905697&tid=UA-70090146-9&_gid=1377312398.1718905697&_r=1&_slc=1&gtm=45He46h0n81M47KB56v78526466za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1721543205
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
478e24551e2c62c09dad71685f8ffcb22a0e3d6d3d4d4274d4a6b337b56189fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 17:48:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airtickets.businessclassdeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.js
static.aviasales.com/snowplow/19.20.1/
43 KB
14 KB
Script
General
Full URL
https://static.aviasales.com/snowplow/19.20.1/sp.js
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/main.en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 04:45:11 GMT
content-encoding
br
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 07:57:47 GMT
x-amz-cf-pop
JFK50-P3
age
6267786
etag
W/"56c168eae5c685d285eeaf940c1f21d5"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
TkDuohM2BAtXKFBCpc3-3HkDPyXxwVRp41xf4ExByCrXD97fPttkCw==
whitelabel_en.js
airtickets.businessclassdeal.com/widgets/
7 KB
2 KB
Script
General
Full URL
https://airtickets.businessclassdeal.com/widgets/whitelabel_en.js
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/main.en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
46644ae9ba9adcfb24377d42001b184e51c421eac10b8e252502afe27bf8c4d5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-promo-id
4238
date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0
x-robots-tag
noindex
timing-allow-origin
*
link
</mewtwo/styles.css>; rel=preload; as=style, </widgets_static/whitelabel_en.js>; rel=preload; as=script
content-length
1839
x-request-id
0365869b1964f6dcb0d5f4df63b40e6d
set
mamka.aviasales.ru/third_party_cookies/
0
277 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-06-20T17%3A48%3A17.062Z
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
tp.png
www.travelpayouts.com/powered_by/img/
4 KB
4 KB
Image
General
Full URL
https://www.travelpayouts.com/powered_by/img/tp.png
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
last-modified
Mon, 13 Nov 2023 11:56:56 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
3584
x-request-id
e65c9f25b4f400dacb027947f6223e8b
collect
stats.g.doubleclick.net/j/
2 B
358 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-70090146-9&cid=580053293.1718905697&jid=1984967819&gjid=412444167&_gid=1377312398.1718905697&_u=YADAAEAAAAAAACAAI~&z=141829325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jun 2024 17:48:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airtickets.businessclassdeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
272 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3fc76b3cd63e1209e49ec1d7b5c4619809ccab6a5e5d06adc5be93990f8480ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96493
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jun 2024 17:48:17 GMT
truncated
/
863 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ceddb5c380cb8111a0beb07fcf991cc290b7a8d8afbe21c8a9831d419d6b467

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
currency-regular-webfont.woff2
www.travelpayouts.com/currency_fonts/
4 KB
4 KB
Font
General
Full URL
https://www.travelpayouts.com/currency_fonts/currency-regular-webfont.woff2
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Origin
https://airtickets.businessclassdeal.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
last-modified
Tue, 14 May 2024 12:08:58 GMT
server
nginx
etag
"6643545a-e08"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3592
x-request-id
aafdacb1f290321741f43ab8549986e1
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
348 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
styles.css
airtickets.businessclassdeal.com/mewtwo/
167 KB
21 KB
Stylesheet
General
Full URL
https://airtickets.businessclassdeal.com/mewtwo/styles.css
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:17 UTC
etag
W/"6548cf09-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
afd6a65bd491989f3ac8c7aa3e0bd3eb
expires
Thu, 20 Jun 2024 18:18:17 GMT
whitelabel_en.js
airtickets.businessclassdeal.com/widgets_static/
309 KB
76 KB
Script
General
Full URL
https://airtickets.businessclassdeal.com/widgets_static/whitelabel_en.js
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:17 UTC
etag
W/"6548cf0c-4d278"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
a67028ba84c2359d04fb5f7360cf8fdf
expires
Thu, 20 Jun 2024 18:18:17 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70090146-9&cid=580053293.1718905697&jid=1984967819&_u=YADAAEAAAAAAACAAI~&z=362614539
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j.gif
avsplow.com/a/
Redirect Chain
  • https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
  • https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zzfbfcd322...
43 B
388 B
Image
General
Full URL
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zzfbfcd322d552457d981482a-510082%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Server
185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://airtickets.businessclassdeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43

Redirect headers

date
Thu, 20 Jun 2024 17:48:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zzfbfcd322d552457d981482a-510082%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
collect
analytics.google.com/g/
0
265 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1HXW6H26GB&gtm=45je46h0v9126237212za200&_p=1718905696429&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=580053293.1718905697&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fairtickets.businessclassdeal.com%2F%3Fmsclkid%3D974ed6098c2b10292d3bb07b529aad2e%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3DSearchads-Business-Generic%26utm_term%3Dflight%2520reservation%26utm_content%3Dflights%2520reservations&dt=Business%20Class%20%26%20First%20Class%20Booking%2C%20Changes%2C%20Cancellations%20%26%20Upgrades%20%7C%20United%2C%20Delta%20%26%20American%20Airlines%20Support%20-%20airtickets.businessclassdeal.com&sid=1718905697&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2064&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 17:48:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airtickets.businessclassdeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1HXW6H26GB&cid=580053293.1718905697&gtm=45je46h0v9126237212za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 17:48:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airtickets.businessclassdeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
airtickets.businessclassdeal.com/mewtwo/
167 KB
21 KB
Stylesheet
General
Full URL
https://airtickets.businessclassdeal.com/mewtwo/styles.css?v=002
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/widgets_static/whitelabel_en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
gzip
last-modified
Thursday, 20-Jun-2024 17:48:17 UTC
etag
W/"6548cf09-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
1b3b44f555ead21c9e28b91ce0baf6fa
expires
Thu, 20 Jun 2024 18:18:17 GMT
whereami
airtickets.businessclassdeal.com/
129 B
262 B
Script
General
Full URL
https://airtickets.businessclassdeal.com/whereami?locale=en&callback=mewtwoForms.geoIPSetter.lang_en
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/widgets_static/whitelabel_en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
ded00be73fead4f6fb80f5795ace75bac0a29052b4ed89a5640d19e731400cbf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
br
content-length
112
x-request-id
261707f2d5d0dccc7575401668a97b41
content-type
application/x-javascript; charset=utf-8
powered_by.js
travelpayouts.com/powered_by/
40 KB
14 KB
Script
General
Full URL
https://travelpayouts.com/powered_by/powered_by.js
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/widgets_static/whitelabel_en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1da316975270755e27f6558b9a5f979d30e6e981d98354c84f171e59bb2b55fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
content-encoding
br
last-modified
Mon, 13 Nov 2023 11:56:56 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache
x-robots-tag
noindex
x-request-id
426fe0c69e15d7a1cfa141924634c103
set
mamka.aviasales.ru/third_party_cookies/
0
276 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-06-20T17%3A48%3A17.908Z&mamka_attempts=1
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:17 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
truncated
/
611 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2b7d1dceb195397d6858d10056b5d42015d99219efec16aac0a85afbbe9fd3c

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77818150b66ff906089c6af3736a0925cb43a6136bb848a6c92d05e3d0c174cc

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
129 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df44430acd7f76780b9cb433a90678e4b8abb436a8294919ac3191b64a35fab1

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
903 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
196 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b07169adb5265b1f2475ebfd8d8d9b28b2eee9a283a263be746a484384d1ad7

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
tp_white.png
www.travelpayouts.com/powered_by/img/
3 KB
3 KB
Image
General
Full URL
https://www.travelpayouts.com/powered_by/img/tp_white.png
Requested by
Host: airtickets.businessclassdeal.com
URL: https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:18 GMT
last-modified
Thu, 23 Nov 2023 12:39:16 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
2672
x-request-id
33593e4c4d0af25842217f466f5b10c1
favicon.ico
airtickets.businessclassdeal.com/
19 B
179 B
Other
General
Full URL
https://airtickets.businessclassdeal.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.67 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/?msclkid=974ed6098c2b10292d3bb07b529aad2e&utm_source=bing&utm_medium=cpc&utm_campaign=Searchads-Business-Generic&utm_term=flight%20reservation&utm_content=flights%20reservations
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:18 GMT
x-content-type-options
nosniff
content-length
19
x-request-id
a0056090bd7437d881123eb296b154e1
content-type
text/plain; charset=utf-8
set
mamka.aviasales.ru/third_party_cookies/
0
276 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-06-20T17%3A48%3A18.553Z&mamka_attempts=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:18 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
x
bat.bing.com/p/insights/c/
0
120 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/x
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-webinsights-gzip
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jun 2024 17:48:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 879F3829EA0D46FDB1972FCBEC14225C Ref B: MIAEDGE1513 Ref C: 2024-06-20T17:48:18Z
vary
Origin
x-cache
CONFIG_NOCACHE
access-control-allow-origin
https://airtickets.businessclassdeal.com
access-control-allow-credentials
true
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
set
mamka.aviasales.ru/third_party_cookies/
0
276 B
Image
General
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-06-20T17%3A48%3A21.196Z&mamka_attempts=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airtickets.businessclassdeal.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:48:21 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| dataLayer object| GEOIP object| TPWLCONFIG object| uetq function| generateUUID function| hideElement function| isMobile function| loadCSS boolean| MewtwoIsLoaded function| UET function| UET_init function| UET_push object| ueto_701a1c7e64 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| webinsights object| insightsuetq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| mamka_queue object| mamka_tpc function| setImmediate function| clearImmediate function| cssx string| TP_WL_LOCALE function| ResizeSensor object| TP_DISPATCHER boolean| SHOW_GOOGLE_ADSENSE boolean| HANDLE_ALL_MARKERS function| f object| GSN function| mamka object| TP_POWERED_BY_DATA boolean| TP_MEWTWO_SKIPSTYLES object| TP_FORM_SETTINGS string| _location object| TP_PERF_METRICS object| mewtwo boolean| mewtwoFormsInitialized boolean| mewtwoFormsStylesLoaded object| mewtwoForms object| TP_POWERED_BY

19 Cookies

Domain/Path Name / Value
.businessclassdeal.com/ Name: _uetmsclkid
Value: _uet974ed6098c2b10292d3bb07b529aad2e
.bing.com/ Name: MUID
Value: 15CDFCAD1A046E750738E8091B946FA8
.bat.bing.com/ Name: MR
Value: 0
.bat.bing.com/ Name: MSPTC
Value: _GYauK2D6GxqUGMmKmsBkPOT_GNm4xqGgJjPYSbPMnk
.businessclassdeal.com/ Name: _uetsid
Value: 45fdc6e02f2d11ef9bc947526b66a0bb|qfkzv8|2|fms|0|1632
.businessclassdeal.com/ Name: _ga_6C1GFWKMT9
Value: GS1.1.1718905697.1.0.1718905697.0.0.0
.businessclassdeal.com/ Name: _ga
Value: GA1.2.580053293.1718905697
.businessclassdeal.com/ Name: _gid
Value: GA1.2.1377312398.1718905697
.businessclassdeal.com/ Name: _gat_UA-70090146-9
Value: 1
.businessclassdeal.com/ Name: mtdc_2VEA4
Value: true
airtickets.businessclassdeal.com/ Name: locale
Value: en
.businessclassdeal.com/ Name: marker
Value: 510082.%241489
airtickets.businessclassdeal.com/ Name: utmDetail
Value: utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3DSearchads-Business-Generic%26utm_term%3Dflight%20reservation%26utm_content%3Dflights%20reservations
airtickets.businessclassdeal.com/ Name: currency
Value: USD
.businessclassdeal.com/ Name: _uetvid
Value: 45fde0702f2d11efa1e2b1b658da48aa|19trjjl|1718905697201|1|1|bat.bing.com/p/insights/c/x
.businessclassdeal.com/ Name: _sp_ses.aa90
Value: *
.businessclassdeal.com/ Name: _ga_1HXW6H26GB
Value: GS1.2.1718905697.1.0.1718905697.60.0.0
.avsplow.com/ Name: nuid
Value: 416c3736-d93d-42e7-ba96-af7623f7cfd6
.businessclassdeal.com/ Name: _sp_id.aa90
Value: 1cd5203e-1359-4bd8-8b66-76b18772409a.1718905697.1.1718905698.1718905697.40bb1118-88b2-4a4d-9c6c-b72f8e7176d1

1 Console Messages

Source Level URL
Text
network error URL: https://airtickets.businessclassdeal.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airtickets.businessclassdeal.com
analytics.google.com
avsplow.com
bat.bing.com
mamka.aviasales.ru
static.aviasales.com
stats.g.doubleclick.net
travelpayouts.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.travelpayouts.com
108.138.106.23
142.250.176.200
142.250.80.68
172.255.224.36
185.106.81.236
188.42.196.67
188.42.198.44
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:807::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81e::2008
2620:1ec:c11::237
05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754
0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc
1da316975270755e27f6558b9a5f979d30e6e981d98354c84f171e59bb2b55fc
1e1b8c6c56f38a3b6554e2431fcc9b2dadced262562aa305d6854d3b828424c9
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84
3fc76b3cd63e1209e49ec1d7b5c4619809ccab6a5e5d06adc5be93990f8480ed
46644ae9ba9adcfb24377d42001b184e51c421eac10b8e252502afe27bf8c4d5
4668226a03284a1466d034685cdaa90be29625969f803ff153e35bf99b4aa840
478e24551e2c62c09dad71685f8ffcb22a0e3d6d3d4d4274d4a6b337b56189fc
4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
77818150b66ff906089c6af3736a0925cb43a6136bb848a6c92d05e3d0c174cc
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8b07169adb5265b1f2475ebfd8d8d9b28b2eee9a283a263be746a484384d1ad7
924f4e276e765d38d16bbcab8e17748530e1ff741f4a5d74e4a68bf38f4cb3f3
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d
989589df4c2cadeadd8f82f2a811c1791698827e85aee654fceae4b8b483138e
9a0591befff4e32d4612bc531fefe3ba439b1d074a2c30061ed0cb5500cd6df3
9ceddb5c380cb8111a0beb07fcf991cc290b7a8d8afbe21c8a9831d419d6b467
a6cb4c91723ee879e398f4eb4eaf98b23b91eb8d1ef8367fc22bce64d7332e2d
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d2b7d1dceb195397d6858d10056b5d42015d99219efec16aac0a85afbbe9fd3c
dbbc2905b71a77be23c6d759a7a1f09f92529841308f594eb7c4593be6f514a1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded00be73fead4f6fb80f5795ace75bac0a29052b4ed89a5640d19e731400cbf
df44430acd7f76780b9cb433a90678e4b8abb436a8294919ac3191b64a35fab1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438
e6c83220061040a76314652844e4b5690d44119e40f7f7950b12e0ebb3cb1e08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f573c3065d053acccaf6f90fa3b71e0779ad1b55c709a07ad91bc52084e69f72