urlscan.io logo urlscan.io
SecurityTrails logo

www.cheapflights.com Open in urlscan Pro
151.101.129.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1-okta-connodeg-page-cars.global.cheapflights.com/
Effective URL: https://www.cheapflights.com/
Submission: On January 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 49 HTTP transactions. The main IP is 151.101.129.29, located in United States and belongs to FASTLY, US. The main domain is www.cheapflights.com. The Cisco Umbrella rank of the primary domain is 124224.
TLS certificate: Issued by R3 on November 18th 2022. Valid for: 3 months.
This is the only time www.cheapflights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:1f16:b2f:b02:30f0:8272:83fd:165f (Columbus, United States)

ASN16509 (AMAZON-02, US)
1-okta-connodeg-page-cars.global.cheapflights.com
11    151.101.129.29 (United States)

ASN54113 (FASTLY, US)
www.cheapflights.com
23    2a04:4e42::285 (United States)

ASN54113 (FASTLY, US)
content.r9cdn.net
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.251.39.38 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f6.1e100.net
5142311.fls.doubleclick.net
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
cm.g.doubleclick.net
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.google.com
fcmatch.youtube.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    3.75.164.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-164-185.eu-central-1.compute.amazonaws.com
a.clicktripz.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
Apex Domain
Subdomains		 Transfer
23 r9cdn.net
content.r9cdn.net — Cisco Umbrella Rank: 24983
1 MB
12 cheapflights.com
1-okta-connodeg-page-cars.global.cheapflights.com
www.cheapflights.com — Cisco Umbrella Rank: 124224
45 KB
5 doubleclick.net
5142311.fls.doubleclick.net — Cisco Umbrella Rank: 61226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
4 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 619
c.bing.com — Cisco Umbrella Rank: 444
13 KB
3 google.com
fcmatch.google.com — Cisco Umbrella Rank: 4568
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 142
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3658
548 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 clicktripz.com
a.clicktripz.com — Cisco Umbrella Rank: 17400
435 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11371
490 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 4630
244 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
393 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
92 KB
49 12
Domain Requested by
23 content.r9cdn.net www.cheapflights.com
content.r9cdn.net
11 www.cheapflights.com content.r9cdn.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 cm.g.doubleclick.net 2 redirects
2 5142311.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 adservice.google.com 5142311.fls.doubleclick.net
1 www.google.de
1 www.google.com
1 www.facebook.com
1 c.bing.com
1 a.clicktripz.com
1 ads.travelaudience.com
1 fcmatch.youtube.com
1 fcmatch.google.com 1 redirects
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.google-analytics.com www.cheapflights.com
1 www.googletagmanager.com www.cheapflights.com
1 1-okta-connodeg-page-cars.global.cheapflights.com 1 redirects
49 18

This site contains links to these domains. Also see Links.

Domain
affiliates.kayak.com
Subject Issuer Validity Valid
www.cheapflights.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
content.r9cdn.net
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
ads.travelaudience.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.clicktripz.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-17 -
2023-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.cheapflights.com/
Frame ID: 9D9018B7B112BC8A2829EB50DA9B8DAB
Requests: 34 HTTP requests in this frame

Frame: https://www.cheapflights.com/ugtm/
Frame ID: 44CA03253C27F23EE7B627B6965D4A32
Requests: 13 HTTP requests in this frame

Frame: https://5142311.fls.doubleclick.net/activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F
Frame ID: 03AFFB00118953AF424C4AC381027103
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cheap Flights, Airline Tickets & Airfares - Find Deals on Flights at Cheapflights.com

Page URL History Show full URLs

  1. http://1-okta-connodeg-page-cars.global.cheapflights.com/ HTTP 301
    https://www.cheapflights.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

49
Requests

98 %
HTTPS

69 %
IPv6

12
Domains

18
Subdomains

14
IPs

3
Countries

1601 kB
Transfer

3593 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1-okta-connodeg-page-cars.global.cheapflights.com/ HTTP 301
    https://www.cheapflights.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://5142311.fls.doubleclick.net/activityi;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F HTTP 302
  • https://5142311.fls.doubleclick.net/activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QXhaU2VadVIzcFFvNW1FWFN4LS1ZWU0%3D&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QXhaU2VadVIzcFFvNW1FWFN4LS1ZWU0%3D&google_cm=&google_tc= HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoq7KlT5hR6Ms61rxik0bsJiP6ere02Y7Trvk6W_ecQKQKDdcetYHuAvdpKW3Pc4M61aRifsXsdMFthTPMPbUKSkpSXiziAP0R4j-mX1UgSc4fftymoCaUOjBivoRvUvmFsRivnX HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq7KlT5hR6Ms61rxik0bsJiP6ere02Y7Trvk6W_ecQKQKDdcetYHuAvdpKW3Pc4M61aRifsXsdMFthTPMPbUKSkpSXiziAP0R4j-mX1UgSc4fftymoCaUOjBivoRvUvmFsRivnX

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cheapflights.com/
Redirect Chain
  • http://1-okta-connodeg-page-cars.global.cheapflights.com/
  • https://www.cheapflights.com/
191 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
2d03f095666be8d38cccc51e4db2a43b206fa7983062518aa73d43b4a69912b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-store
content-encoding
br
content-language
en-US
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self'
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
content-type
text/html;charset=UTF-8
date
Sun, 08 Jan 2023 07:06:30 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Accept-Encoding
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 08 Jan 2023 07:06:29 GMT
Location
https://www.cheapflights.com/
Server
awselb/2.0
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding
gzip, deflate
accept-language
de-DE,de;q=0.9
cache-control
no-cache
host
1-okta-connodeg-page-cars.global.cheapflights.com
pragma
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-amzn-trace-id
Root=1-63ba6b75-37e8a7ff287470884e1629cb
x-forwarded-for
2a01:4a0:1338:92::5
x-forwarded-port
80
x-forwarded-proto
http
combined.css
content.r9cdn.net/res/ 		36 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.css?v=0e3cfc6b3359dbdc4fcf395db06834a1e705d5a3-frpreducers&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
afb0241ba7317efd888189b29ff712a4043493c8f61e6e08e9994d78d5ae87b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 10 Nov 2022 20:33:07 GMT
server
KAYAK/1.0
age
4692450
etag
0e3cfc6b3359dbdc4fcf395db06834a1e705d5a3-frpreducers
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3846
expires
Tue, 14 Nov 2023 23:39:00 GMT
combined.css
content.r9cdn.net/res/ 		302 KB
302 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.css?v=079bd533a6d07144fac773a6117d02280ce4d16c-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
bc31a8db85bdee7f5bc438df9b9162cb582c02c4e917c94044de7aa70bee0554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 05 Jan 2023 13:12:02 GMT
server
KAYAK/1.0
age
233541
etag
079bd533a6d07144fac773a6117d02280ce4d16c-frpreducers
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
309093
expires
Fri, 05 Jan 2024 14:14:09 GMT
combined.js
content.r9cdn.net/res/ 		388 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.js?v=3a0fdbd36664ae4a081e2862ab6e30afe195d111-frpreducers&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
2d43df0dca99812636a367777644cd2a0a9331407f49e8e34fe289a5af2e47c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 05 Jan 2023 13:12:01 GMT
server
KAYAK/1.0
age
214598
etag
3a0fdbd36664ae4a081e2862ab6e30afe195d111-frpreducers
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
101703
expires
Fri, 05 Jan 2024 19:29:51 GMT
combined.js
content.r9cdn.net/res/ 		2 MB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
3ca45895ce8342d2a049541a19cc6703f0e47db6595cdae977f74172f17fc264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
br
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 05 Jan 2023 13:12:02 GMT
server
KAYAK/1.0
age
214598
etag
b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
330493
expires
Fri, 05 Jan 2024 19:29:51 GMT
frontdoor-cover-photo.jpg
content.r9cdn.net/res/images/horizon/ui/frontdoor/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/frontdoor/frontdoor-cover-photo.jpg?v=7e8c30b4c6386c865a9912246c2bb1a390a1f9c7&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f86ec564008e7f0a4031aef5fbbac7882542fef43e87a996be89e021c6dcfcf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Tue, 13 Jun 2017 06:11:53 GMT
server
KAYAK/1.0
age
281934
etag
7e8c30b4c6386c865a9912246c2bb1a390a1f9c7
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
98394
expires
Fri, 05 Jan 2024 00:47:36 GMT
a-small-flag-sprite.png
content.r9cdn.net/res/images/newImagesStructure/sprites/flags/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/newImagesStructure/sprites/flags/a-small-flag-sprite.png?v=a80f673dae8f8482485d1eeed85eebff6ddd78b5&cluster=5
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.css?v=079bd533a6d07144fac773a6117d02280ce4d16c-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f78a2816da36a78deacfc2a03d5509ce9ef55dad61de4c82b21ed5afc6ba30d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.r9cdn.net/res/combined.css?v=079bd533a6d07144fac773a6117d02280ce4d16c-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 08 Oct 2020 12:32:35 GMT
server
KAYAK/1.0
age
3298973
etag
a80f673dae8f8482485d1eeed85eebff6ddd78b5
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
44647
expires
Fri, 01 Dec 2023 02:43:37 GMT
gibson-semibold.ttf
content.r9cdn.net/res/css/font/gibson/ 		135 KB
135 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/css/font/gibson/gibson-semibold.ttf?v=f874e9693706655358e68e44278bd141e8c667ec&cluster=5
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.css?v=0e3cfc6b3359dbdc4fcf395db06834a1e705d5a3-frpreducers&cluster=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f3d1fe02fba381638a403b95a35403f42d0bf9f29237db588b5945c159d451a0

Request headers

Referer
https://content.r9cdn.net/res/combined.css?v=0e3cfc6b3359dbdc4fcf395db06834a1e705d5a3-frpreducers&cluster=5
Origin
https://www.cheapflights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
4669180
etag
f874e9693706655358e68e44278bd141e8c667ec
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
138212
expires
Wed, 15 Nov 2023 06:06:50 GMT
gibson-regular.ttf
content.r9cdn.net/res/css/font/gibson/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/css/font/gibson/gibson-regular.ttf?v=c94c7ff68ec152d57bca6dcb703bb16ad32e5736&cluster=5
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.css?v=0e3cfc6b3359dbdc4fcf395db06834a1e705d5a3-frpreducers&cluster=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
849b322ef12d3c0d201fb4cd5b4dbe01ce020a002dc383484ebd0252ab6b8f8c

Request headers

Referer
https://content.r9cdn.net/res/combined.css?v=0e3cfc6b3359dbdc4fcf395db06834a1e705d5a3-frpreducers&cluster=5
Origin
https://www.cheapflights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
6826831
etag
c94c7ff68ec152d57bca6dcb703bb16ad32e5736
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
139288
expires
Sat, 21 Oct 2023 06:45:59 GMT
gibson-regular.ttf
content.r9cdn.net/res/resources/horizon/ui/server/components/SsrPageHead/brands/cheapflights/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/resources/horizon/ui/server/components/SsrPageHead/brands/cheapflights/gibson-regular.ttf?v=c94c7ff68ec152d57bca6dcb703bb16ad32e5736&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
849b322ef12d3c0d201fb4cd5b4dbe01ce020a002dc383484ebd0252ab6b8f8c

Request headers

Referer
https://www.cheapflights.com/
Origin
https://www.cheapflights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
4652050
etag
c94c7ff68ec152d57bca6dcb703bb16ad32e5736
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
139288
expires
Wed, 15 Nov 2023 10:52:20 GMT
CompareToConfigStateProviderAction
www.cheapflights.com/s/horizon/react/component/ 		1 KB
871 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/CompareToConfigStateProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
28a1b74de17a91b23c096cf243821d1aebcb2d0376398ade571c7893a0462342

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
br
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
FooterSiteMapLinksProviderAction
www.cheapflights.com/s/horizon/react/component/ 		639 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/FooterSiteMapLinksProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cdd8fc28041fdefd3fd22775a0c99c739788eca90d6bf2cccbeb85a1a527fbe1

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
content-length
276
CurrencyPickerStateProviderAction
www.cheapflights.com/s/horizon/react/component/ 		14 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/CurrencyPickerStateProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
abb522ea1869bc585dc8184b96500f21e7683bfecacdd667e58f85af6b746435

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
br
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
PrivacyMenuStateProviderAction
www.cheapflights.com/s/horizon/react/component/ 		147 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/react/component/PrivacyMenuStateProviderAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
6df354c91f2558cfec3d6618da740a0500d4f1703951427e0f9c59f2063222f0

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
content-length
118
CookiesDataProvider
www.cheapflights.com/s/horizon/common/privacy/providers/ 		124 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/common/privacy/providers/CookiesDataProvider
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
459436396e32a40a4feaf2e90e6a0598cbdf97bbc3c036108023b5f4135ca6e8

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
content-language
en-US
cache-control
no-store
accept-ranges
bytes
content-length
115
ads.js
www.cheapflights.com/s/ads/dfp/banner300x250/ 		43 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/ads/dfp/banner300x250/ads.js
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
7b2c6c095c19d3f9fc7f7930c6ea7bd0d7a178bd26d5d93dd21b8a8eeb055f41

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
server
KAYAK/1.0
age
7509
content-language
en-US
content-type
image/gif;charset=ISO-8859-1
cache-control
max-age=0, no-store, no-cache, must-revalidate
accept-ranges
bytes
content-length
43
expires
0
/
www.cheapflights.com/ugtm/ Frame 44CA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/ugtm/
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
49f10b3ec66a53b4b444b652b03c9c4decf0946d6a95682348acdf76d4a3d9d9

Request headers

Referer
https://www.cheapflights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6097
cache-control
max-age=0, no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1063
content-type
text/html;charset=UTF-8
date
Sun, 08 Jan 2023 07:06:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
KAYAK/1.0
vary
fastly-ssl,x-kayak-presentation,accept-encoding,host
x-sn-waf-code
GetFlightSearchHistoryAction
www.cheapflights.com/s/horizon/flights/common/ 		4 B
503 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/horizon/flights/common/GetFlightSearchHistoryAction
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
8167efeffeddd28b0f690cbbec679f77c53a4aa978d64666522c00fafb7b4f94

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
X-CSRF
rzMmX9YtCnsJXt4gLIIuGd3gr8hoJ8iKIponDOenFZ4-31$QIpuXQCHEun$M00j$zEXBEAevWvguTYLtLgjnVYc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
server
KAYAK/1.0
vary
Accept-Encoding
content-language
en-US
content-type
application/json;charset=UTF-8
cache-control
no-store
accept-ranges
bytes
content-length
4
search
www.cheapflights.com/mvm/smartyv2/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/mvm/smartyv2/search?f=j&s=airportonly&where=Frankfurt%20am%20Main%20(FRA)&lc_cc=US&lc=en&sv=5&cv=undefined&c=undefined&searchId=undefined&v=undefined
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
71644425cd2c40c8cb1ba014e09c0ef829e035cb315a9008677337d4ea1dc8ac

Request headers

Referer
https://www.cheapflights.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
br
server
KAYAK/1.0
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cheapflights.com
content-language
en-US
accept-ranges
bytes
cheapflightsfares.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/cheapflightsfares.svg?v=153d818df59c41b3530c431a736795555cbd742c&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f773f00519edeed36022dba950502430e1caf66e31d1f2c1d838a82623950c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
dnt
1
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Tue, 17 Nov 2020 12:24:22 GMT
server
KAYAK/1.0
age
4666269
etag
153d818df59c41b3530c431a736795555cbd742c
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3934
expires
Wed, 15 Nov 2023 06:55:22 GMT
cheaptickets.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/cheaptickets.svg?v=c63a9f1bb5cd364aa8fa6411913b6f708adedc3f&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f9ba97b943b50d74e64ad7d5344d363171377f143c5d520bc45367948712bf85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 12:03:41 GMT
server
KAYAK/1.0
age
6822360
etag
c63a9f1bb5cd364aa8fa6411913b6f708adedc3f
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
2259
expires
Sat, 21 Oct 2023 08:00:31 GMT
justfly.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/justfly.svg?v=6487a3c35e18ae930e644e47bb7430c8c9ef1d5b&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
784e440e40620a810f6caa2a66cc4d4eeffe6958a1039629acc99472a139bee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
dnt
1
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Wed, 26 May 2021 09:58:59 GMT
server
KAYAK/1.0
age
2840601
etag
6487a3c35e18ae930e644e47bb7430c8c9ef1d5b
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
1038
expires
Wed, 06 Dec 2023 10:03:10 GMT
travel-tips.svg
content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/ 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/travel-tips.svg?v=ba38b4dc3cdcb4f2a2a38052b1d7f6d6e6d3a4e7&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
5ca2731d34af0c873f54e6cb773592d9e7b949c05513ba70acfc2270656475fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Tue, 13 Jun 2017 06:23:01 GMT
server
KAYAK/1.0
age
321738
etag
ba38b4dc3cdcb4f2a2a38052b1d7f6d6e6d3a4e7
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
4174
expires
Thu, 04 Jan 2024 13:44:13 GMT
newsletter.svg
content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/newsletter.svg?v=ebb57b26ce79d66c294ac4668f41e14a0c037188&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
a342c43b5654d1f9ad08af6c80af2eee7e2f4a224874c1fa606850f0418d127c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
dnt
1
last-modified
Tue, 13 Jun 2017 06:23:01 GMT
server
KAYAK/1.0
age
6805753
etag
ebb57b26ce79d66c294ac4668f41e14a0c037188
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3047
expires
Sat, 21 Oct 2023 12:37:17 GMT
hawaiianairlines.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/hawaiianairlines.svg?v=59e7fbf7e5efa62dcb86420ecd9bb63845cf1e77&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f43795b1036440d8dee7e74e5f8d2278bec7c3291b5b76cce5278cbf902408ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Wed, 08 Jan 2020 12:03:41 GMT
server
KAYAK/1.0
age
4665104
etag
59e7fbf7e5efa62dcb86420ecd9bb63845cf1e77
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3792
expires
Wed, 15 Nov 2023 07:14:46 GMT
priceline.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/priceline.svg?v=2f085ef06a1a3177f979f49be7009d599547e22d&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
6a6022d7a4cc2addcd0a59d97164fda9882f1504bb8f550c18eb0c6550184780

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
dnt
1
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Wed, 26 May 2021 09:58:59 GMT
server
KAYAK/1.0
age
2840601
etag
2f085ef06a1a3177f979f49be7009d599547e22d
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
1499
expires
Wed, 06 Dec 2023 10:03:10 GMT
qatarairways.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/qatarairways.svg?v=b48a192cc760819296afe734a9b9d973caf39004&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
4900798e23a8307ce32c7e1bff72bcceefb921ee62b2eadcb5d729329facdf8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
dnt
1
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Wed, 08 Jan 2020 12:03:41 GMT
server
KAYAK/1.0
age
4666269
etag
b48a192cc760819296afe734a9b9d973caf39004
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
4271
expires
Wed, 15 Nov 2023 06:55:22 GMT
asaptickets.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/asaptickets.svg?v=b2b57af5fc64130019eced097d7d2a005ed64a59&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
3254ecdff0fa2cd12a012d6c4c637cc6628120787082daab61b6054dd48d986a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 12:24:22 GMT
server
KAYAK/1.0
age
6406320
etag
b2b57af5fc64130019eced097d7d2a005ed64a59
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
1990
expires
Thu, 26 Oct 2023 03:34:31 GMT
special-offers.svg
content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/ 		14 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/seoCommon/cheapflights/special-offers.svg?v=a617f55b4d10378005a953c6ce06974ec337f4bb&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
2f674805a5f6e266dc48be04355bc4d120ca3a54fa5bf5ff7cace64f37c0d681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Tue, 13 Jun 2017 06:23:01 GMT
server
KAYAK/1.0
age
245512
etag
a617f55b4d10378005a953c6ce06974ec337f4bb
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
2958
expires
Fri, 05 Jan 2024 10:54:39 GMT
alaska.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/alaska.svg?v=2cde0fdd7f79983d42d4f3f89cc4580b581e58ae&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
7490a0591185cf0486257213623b5b09aa05236b8155dfefa9f77aa544ca35f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Tue, 17 Nov 2020 12:24:22 GMT
server
KAYAK/1.0
age
1995183
etag
2cde0fdd7f79983d42d4f3f89cc4580b581e58ae
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
1344
expires
Sat, 16 Dec 2023 04:53:27 GMT
expedia.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/expedia.svg?v=79f4964d7dbda581e5b16c489d62d919515e89fc&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f0827447221625a35e308c130c3573bc5617f456f2517e2fcc68977f1d92b61e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 12:03:41 GMT
server
KAYAK/1.0
age
6822360
etag
79f4964d7dbda581e5b16c489d62d919515e89fc
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
1795
expires
Sat, 21 Oct 2023 08:00:31 GMT
smartfares.svg
content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.r9cdn.net/res/images/horizon/ui/searchforms/flights/components/providerLogos/smartfares.svg?v=94189161e51da8f6ae2b537b5b93e0eeebb7d42a&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
0405cc20ca9d43864295b1e26601462e8ab43e02d195f9e5172e2461537d0976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
content-encoding
gzip
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Tue, 17 Nov 2020 12:24:22 GMT
server
KAYAK/1.0
age
349546
etag
94189161e51da8f6ae2b537b5b93e0eeebb7d42a
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3517
expires
Thu, 04 Jan 2024 06:00:44 GMT
gtm.js
www.googletagmanager.com/ Frame 44CA 		283 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
104287e440e88f778bf089d3e0487a4ca5efaba9ab8c7cbacd52d94afd1132f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:06:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93384
x-xss-protection
0
last-modified
Sun, 08 Jan 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Jan 2023 07:06:30 GMT
collect
www.google-analytics.com/ 		35 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?intended=1
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Jan 2023 18:07:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46740
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gibson-semibold.ttf
content.r9cdn.net/res/resources/horizon/ui/server/components/SsrPageHead/brands/cheapflights/ 		135 KB
135 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.r9cdn.net/res/resources/horizon/ui/server/components/SsrPageHead/brands/cheapflights/gibson-semibold.ttf?v=f874e9693706655358e68e44278bd141e8c667ec&cluster=5
Requested by
Host: www.cheapflights.com
URL: https://www.cheapflights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f3d1fe02fba381638a403b95a35403f42d0bf9f29237db588b5945c159d451a0

Request headers

Referer
https://www.cheapflights.com/
Origin
https://www.cheapflights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 08 Mar 2018 11:47:11 GMT
server
KAYAK/1.0
age
245512
etag
f874e9693706655358e68e44278bd141e8c667ec
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
138212
expires
Fri, 05 Jan 2024 10:54:39 GMT
activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V...
5142311.fls.doubleclick.net/ Frame 03AF
Redirect Chain
  • https://5142311.fls.doubleclick.net/activityi;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN5...
  • https://5142311.fls.doubleclick.net/activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZ...
502 B
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5142311.fls.doubleclick.net/activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f6.1e100.net
Software
cafe /
Resource Hash
5193a37a45a5731d8eec3a68e1656771eb515ff268481c023b7de8251def70d9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cheapflights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 07:06:31 GMT
expires
Sun, 08 Jan 2023 07:06:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 07:06:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5142311.fls.doubleclick.net/activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/833727979/ Frame 44CA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/833727979/?random=1673161591043&cv=11&fst=1673161591043&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.cheapflights.com%2F&tiba=Cheap%20Flights%2C%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&auid=1972826507.1673161591&uaw=0&data=event_name%3DscreenView%3Bgoogle_business_vertical%3Dflights&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffaa0e18e1b7450e1d30751297b681de8068d64e21ade7db3ddd6654961c5670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
941
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ Frame 44CA 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSCCSHQ&l=unifiedDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 08 Jan 2023 07:06:31 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AFEA692FA0C41C889AE5B5D1B5D51EF Ref B: FRA31EDGE0515 Ref C: 2023-01-08T07:06:31Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
pixel
fcmatch.youtube.com/ Frame 44CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QXhaU2VadVIzcFFvNW1FWFN4LS1ZWU0%3D&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=kayak_adh&google_hm=QXhaU2VadVIzcFFvNW1FWFN4LS1ZWU0%3D&google_cm=&google_tc=
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoq7KlT5hR6Ms61rxik0bsJiP6ere02Y7Trvk6W_ecQKQKDdcetYHuAvdpKW3Pc4M61aRifsXsdMFthTPMPbUKSkpSXiziAP0R4j-mX1UgSc4fftymoCaUOjBivoRvUvmFsRivnX
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq7KlT5hR6Ms61rxik0bsJiP6ere02Y7Trvk6W_ecQKQKDdcetYHuAvdpKW3Pc4M61aRifsXsdMFthTPMPbUKSkpSXiziAP0R4j-mX1UgSc4fftymoCaUOjBivoRvUvmFsRivnX
170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq7KlT5hR6Ms61rxik0bsJiP6ere02Y7Trvk6W_ecQKQKDdcetYHuAvdpKW3Pc4M61aRifsXsdMFthTPMPbUKSkpSXiziAP0R4j-mX1UgSc4fftymoCaUOjBivoRvUvmFsRivnX
Protocol
H2
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq7KlT5hR6Ms61rxik0bsJiP6ere02Y7Trvk6W_ecQKQKDdcetYHuAvdpKW3Pc4M61aRifsXsdMFthTPMPbUKSkpSXiziAP0R4j-mX1UgSc4fftymoCaUOjBivoRvUvmFsRivnX
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
381
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
ads.travelaudience.com/ Frame 44CA 		35 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/cm?acc=KY&exid=AxZSeZuR3pQo5mEXSx--YYM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:06:31 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/gif
x-host
tde-deliveryengine-production-769c9db745-q45rm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prof
a.clicktripz.com/api/advertisers/v1/ Frame 44CA 		43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clicktripz.com/api/advertisers/v1/prof?advertiserID=422&format=image&s1=AxZSeZuR3pQo5mEXSx--YYM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.164.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-164-185.eu-central-1.compute.amazonaws.com
Software
openresty/1.19.9.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
server
openresty/1.19.9.1
content-type
image/gif
access-control-allow-origin
cache-control
private
access-control-allow-credentials
true
content-length
43
expires
Thu, 19 Nov 1981 08:52:00 GMT
c.gif
c.bing.com/ Frame 44CA 		42 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?vid=AxZSeZuR3pQo5mEXSx--YYM&Red3=BACID_9036901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:30 GMT
last-modified
Thu, 05 Jan 2023 17:40:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1EC557509A514319B9A7F14DBCF9018C Ref B: FRA31EDGE0608 Ref C: 2023-01-08T07:06:31Z
etag
"d59a6ed52c21d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
/
www.facebook.com/tr/ Frame 44CA 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1753019971445860&ev=PageView&ts=1673161591&ud[external_id]=AxZSeZuR3pQo5mEXSx--YYM&fbp=fb.1.1673161591000.0.5405222812032084&cd[locale]=en_US&cd[referrer]=cheapflights&cd[brand]=cheapflights&cd[obfuscatedTrackingCookie]=quJhdl6XhS_pEmQkmXEZbR8eESM&cd[currency]=USD&cd[obfuscatedSessionId]=POHDNvnO-XbFbUpqC2PbN51V97M&dpo=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 08 Jan 2023 07:06:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
measure
www.cheapflights.com/s/vestigo/ 		0
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cheapflights.com/s/vestigo/measure
Requested by
Host: content.r9cdn.net
URL: https://content.r9cdn.net/res/combined.js?v=b725764c829c9fd2b836837ade50283aa64bfa9d-frpreducers&cluster=5&tag=ui/flights/frontdoor/FlightFrontDoor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cheapflights.com/
X-Content-Type-Options
nosniff
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
x-sn-waf-code
date
Sun, 08 Jan 2023 07:06:31 GMT
server
KAYAK/1.0
accept-ranges
bytes
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
15000871.js
bat.bing.com/p/action/ Frame 44CA 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/15000871.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 08 Jan 2023 07:06:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77B4569C0AD84E108133909179DA2E69 Ref B: FRA31EDGE0515 Ref C: 2023-01-08T07:06:31Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 44CA 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=15000871&Ver=2&mid=51561b0b-857d-4af2-b14f-b1609766e60d&sid=fa78d6908f2211ed94ccdfe2447bd10b&vid=fa790a608f2211edaafaa31b00492177&vids=1&msclkid=N&page_path=%2F&spa=Y&r=&lt=316&p=https%3A%2F%2Fwww.cheapflights.com%2F&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20Flights,%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&evt=pageLoad&ifm=1&sv=1&rn=605014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 08 Jan 2023 07:06:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8E54B3A0784C45A0BF269E83EF02886B Ref B: FRA31EDGE0515 Ref C: 2023-01-08T07:06:31Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/833727979/ Frame 44CA 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/833727979/?random=1673161591043&cv=11&fst=1673161200000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.cheapflights.com%2F&tiba=Cheap%20Flights%2C%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&data=event_name%3DscreenView%3Bgoogle_business_vertical%3Dflights&fmt=3&is_vtc=1&random=3559515813&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/833727979/ Frame 44CA 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/833727979/?random=1673161591043&cv=11&fst=1673161200000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.cheapflights.com%2F&tiba=Cheap%20Flights%2C%20Airline%20Tickets%20%26%20Airfares%20-%20Find%20Deals%20on%20Flights%20at%20Cheapflights.com&data=event_name%3DscreenView%3Bgoogle_business_vertical%3Dflights&fmt=3&is_vtc=1&random=3559515813&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cheapflights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=*;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbF...
adservice.google.com/ddm/fls/z/ Frame 03AF 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=*;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F
Requested by
Host: 5142311.fls.doubleclick.net
URL: https://5142311.fls.doubleclick.net/activityi;dc_pre=CJ2stNK0t_wCFcEHogMdtrgBBg;src=5142311;type=visit0;cat=front0;ord=7467857148405;gtm=2wg120;auiddc=1972826507.1673161591;u12=quJhdl6XhS_pEmQkmXEZbR8eESM;u13=POHDNvnO-XbFbUpqC2PbN51V97M;u16=en_US;u27=POHDNvnO-XbFbUpqC2PbN51V97M;~oref=https%3A%2F%2Fwww.cheapflights.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5142311.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 07:06:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| __initializeR9Log object| R9 function| runInitWrapper function| ConsentHandler function| _typeof function| _scoper object| jq object| jQuery object| $ object| @r9/logger object| R9Log object| @r9/perf object| babelHelpers function| define function| undefine function| require object| React object| ReactDOM object| Redux object| ReduxThunk object| ReactRedux function| moment function| IntlMessageFormat object| initDynamicImportLoader object| frameworkScriptsReactBoot function| requireInstance function| dynamicImport object| _eventListeners object| R9ApiClientCache object| globalVestigoSettings boolean| reactIsReady string| googleTagManagerId boolean| adblockEnabled

17 Cookies

Domain/Path Name / Value
www.cheapflights.com/ Name: Apache
Value: UP8HbA-AAABhZAzw0s-d7-RIrD3w
www.cheapflights.com/ Name: cluster
Value: 5
www.cheapflights.com/ Name: kayak
Value: zRaJgImPUw9U4ZTtCEQZ
www.cheapflights.com/ Name: p1.med.sid
Value: R-5OA8XI1Ejy4uCKuZEYbfD-JWpLhTaWdHqWox17nWcfGx8OL5F97YxjU3eU8H6Uk
www.cheapflights.com/ Name: kmkid
Value: AxZSeZuR3pQo5mEXSx--YYM
www.cheapflights.com/ Name: csid
Value: a418fb11-7266-457d-a288-d7d617b92898
www.cheapflights.com/ Name: mst_iBfK2w
Value: Ts3FNgw3DzMDQmPWKtbIkJT22nKAMJwFPafcgHAbmTrxokS_fMLNUt3SbrIl8fstW2Vr9CIZFdeqGD4jrwdzCQ
.cheapflights.com/ Name: _gcl_au
Value: 1.1.1972826507.1673161591
www.cheapflights.com/ Name: _fbp
Value: fb.1.1673161591000.0.5405222812032084
.bing.com/ Name: MUID
Value: 3E56537BBB46608308B041E8BACD6117
.cheapflights.com/ Name: _uetsid
Value: fa78d6908f2211ed94ccdfe2447bd10b
.cheapflights.com/ Name: _uetvid
Value: fa790a608f2211edaafaa31b00492177
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C929BB22-342F-4E45-934D-4E78E7A9916D%22%7D
www.cheapflights.com/ Name: kayak.mc
Value: AU_8GsXQoWZJ8BTGGBW79EMypGWAxm1FlEHV3gJGNl8YhQ21E1Mkyof3_LziPPXMoqwXPm9JqHjrmziAnfV_Qkmmj95wfogFw1moWOMeHXUcasej84iNLjKQPbvRcj9VQy25LFO2X4dhUXoig2mQy549RatXtSaG767-1gfp6Ukky-g8xafZMjfM8V71nKXnQ-e4BcVOpMG1dx6pT8gdvKlE4YsmCtK9SR5DGLP2LG4pru0HmW3OVK9cDUBSmdcq35YLaCdmzi4hjHMrGjzW1jecqekZUSgJJFKOM3xjqCE0LXx_59nlJj2ODCEtiLIZmg
.doubleclick.net/ Name: IDE
Value: AHWqTUmYo5izleEde0HIGlF_FdSDy6iR8-5Jyuj06zH8bB2R6OlJBBMHbQEJlhRxO8w
a.clicktripz.com/ Name: PHPSESSID
Value: 5205de3cf685783f1851d5a4c25c8b44
.clicktripz.com/ Name: _ctuid
Value: 3de98816-253c-40eb-8f72-c04eb6e8aa0d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-okta-connodeg-page-cars.global.cheapflights.com
5142311.fls.doubleclick.net
a.clicktripz.com
ads.travelaudience.com
adservice.google.com
bat.bing.com
c.bing.com
cm.g.doubleclick.net
content.r9cdn.net
fcmatch.google.com
fcmatch.youtube.com
googleads.g.doubleclick.net
www.cheapflights.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
142.251.39.2
142.251.39.38
151.101.129.29
2600:1f16:b2f:b02:30f0:8272:83fd:165f
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2004
2a00:1450:400d:807::200e
2a00:1450:400d:80d::2003
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::285
3.75.164.185
35.190.0.66
0405cc20ca9d43864295b1e26601462e8ab43e02d195f9e5172e2461537d0976
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
104287e440e88f778bf089d3e0487a4ca5efaba9ab8c7cbacd52d94afd1132f5
28a1b74de17a91b23c096cf243821d1aebcb2d0376398ade571c7893a0462342
2d03f095666be8d38cccc51e4db2a43b206fa7983062518aa73d43b4a69912b3
2d43df0dca99812636a367777644cd2a0a9331407f49e8e34fe289a5af2e47c7
2f674805a5f6e266dc48be04355bc4d120ca3a54fa5bf5ff7cace64f37c0d681
3254ecdff0fa2cd12a012d6c4c637cc6628120787082daab61b6054dd48d986a
3ca45895ce8342d2a049541a19cc6703f0e47db6595cdae977f74172f17fc264
459436396e32a40a4feaf2e90e6a0598cbdf97bbc3c036108023b5f4135ca6e8
4900798e23a8307ce32c7e1bff72bcceefb921ee62b2eadcb5d729329facdf8b
49f10b3ec66a53b4b444b652b03c9c4decf0946d6a95682348acdf76d4a3d9d9
5193a37a45a5731d8eec3a68e1656771eb515ff268481c023b7de8251def70d9
5ca2731d34af0c873f54e6cb773592d9e7b949c05513ba70acfc2270656475fe
6a6022d7a4cc2addcd0a59d97164fda9882f1504bb8f550c18eb0c6550184780
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df354c91f2558cfec3d6618da740a0500d4f1703951427e0f9c59f2063222f0
71644425cd2c40c8cb1ba014e09c0ef829e035cb315a9008677337d4ea1dc8ac
7490a0591185cf0486257213623b5b09aa05236b8155dfefa9f77aa544ca35f4
784e440e40620a810f6caa2a66cc4d4eeffe6958a1039629acc99472a139bee0
7b2c6c095c19d3f9fc7f7930c6ea7bd0d7a178bd26d5d93dd21b8a8eeb055f41
8167efeffeddd28b0f690cbbec679f77c53a4aa978d64666522c00fafb7b4f94
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849b322ef12d3c0d201fb4cd5b4dbe01ce020a002dc383484ebd0252ab6b8f8c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a342c43b5654d1f9ad08af6c80af2eee7e2f4a224874c1fa606850f0418d127c
abb522ea1869bc585dc8184b96500f21e7683bfecacdd667e58f85af6b746435
afb0241ba7317efd888189b29ff712a4043493c8f61e6e08e9994d78d5ae87b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc31a8db85bdee7f5bc438df9b9162cb582c02c4e917c94044de7aa70bee0554
cdd8fc28041fdefd3fd22775a0c99c739788eca90d6bf2cccbeb85a1a527fbe1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0827447221625a35e308c130c3573bc5617f456f2517e2fcc68977f1d92b61e
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f3d1fe02fba381638a403b95a35403f42d0bf9f29237db588b5945c159d451a0
f43795b1036440d8dee7e74e5f8d2278bec7c3291b5b76cce5278cbf902408ff
f773f00519edeed36022dba950502430e1caf66e31d1f2c1d838a82623950c1b
f78a2816da36a78deacfc2a03d5509ce9ef55dad61de4c82b21ed5afc6ba30d5
f86ec564008e7f0a4031aef5fbbac7882542fef43e87a996be89e021c6dcfcf8
f9ba97b943b50d74e64ad7d5344d363171377f143c5d520bc45367948712bf85
ffaa0e18e1b7450e1d30751297b681de8068d64e21ade7db3ddd6654961c5670