Submitted URL: https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9ox...
Effective URL: https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom...
Submission: On April 13 via api from BE — Scanned from FR

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 2a02:26f0:3500:18::1724:a28d, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.tuifly.be. The Cisco Umbrella rank of the primary domain is 762622.
TLS certificate: Issued by Thawte TLS ECC CA G1 on February 22nd 2024. Valid for: a year.
This is the only time www.tuifly.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1.179.112.195 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 23.50.131.68 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 3

Apex Domain | Subdomains | Transfer
2 tuifly.be | www.tuifly.be — Cisco Umbrella Rank: 762622 | 1 KB
1 onelink.me | tuiappbelgiumfly.onelink.me | 279 B
1 sibautomation.com | sibautomation.com — Cisco Umbrella Rank: 22483 |
1 etraveligroup.com | r.sib.etraveligroup.com — Cisco Umbrella Rank: 914863 | 849 B
4 4

Domain Requested by
2 www.tuifly.be r.sib.etraveligroup.com
1 tuiappbelgiumfly.onelink.me 1 redirects
1 sibautomation.com r.sib.etraveligroup.com
1 r.sib.etraveligroup.com
4 4

This site contains no links.

Subject | Issuer | Validity | Valid
r.sib.etraveligroup.com | R3 | 2024-04-06 - 2024-07-05 | 3 months
sibautomation.com | GTS CA 1P5 | 2024-04-09 - 2024-07-08 | 3 months
www.tui.be | Thawte TLS ECC CA G1 | 2024-02-22 - 2025-02-21 | a year

This page contains 2 frames:

Primary Page: https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui
Frame ID: DA46A5E025C30CD397BBFD4CDC5E4745
Requests: 3 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2250316
Frame ID: 47E796F9F43C14F54EF943A99918E48A
Requests: 1 HTTP requests in this frame

Page Title

Access Denied

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 2 kB
Size: 1 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE92D6qDvC-uQPTSQ3RetBukIz9cXS8vNKBUxapmVWA7dp0hy6FnGK1x6acbISUJFwV3WQdxJ5cUEqGD8kpAzBuEpCzRRLbCOZpzI Page URL
  2. https://tuiappbelgiumfly.onelink.me/HWN1/65dm7pmo HTTP 301
    https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Resource: 8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE...
Path: r.sib.etraveligroup.com/tr/cl/
Size: 702 B
x-fer: 849 B
Type: Document

General

Full URL: https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE92D6qDvC-uQPTSQ3RetBukIz9cXS8vNKBUxapmVWA7dp0hy6FnGK1x6acbISUJFwV3WQdxJ5cUEqGD8kpAzBuEpCzRRLbCOZpzI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 1.179.112.195, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS: m1179112195.mailinblue.me
Software: /
Resource Hash: a8a58e189df82333cc30725e99e307c56e4a58a164b02b31ec112bf569837f19

Security Headers

X-Content-Type-Options: nosniff
X-Xss-Protection: 1

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 702
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 15:09:23 GMT
x-content-type-options: nosniff
x-sib-server: gke-public-cluster-v2-1-179-112-138
x-xss-protection: 1

Resource: cm.html
Path: sibautomation.com/ (Frame 47E7)
Size: 0
x-fer: 0
Type: Document

General

Full URL: https://sibautomation.com/cm.html?id=2250316
Requested by
Host: r.sib.etraveligroup.com
URL: https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE92D6qDvC-uQPTSQ3RetBukIz9cXS8vNKBUxapmVWA7dp0hy6FnGK1x6acbISUJFwV3WQdxJ5cUEqGD8kpAzBuEpCzRRLbCOZpzI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2546, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare / Sails <sailsjs.com>
Resource Hash:

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://r.sib.etraveligroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 849
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 873c607e69f69edf-CDG
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 15:09:23 GMT
expires: Sat, 13 Apr 2024 17:09:23 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

Resource: tuiflyapp (Primary Request)
Path: www.tuifly.be/nl/
Redirect Chain:
  • https://tuiappbelgiumfly.onelink.me/HWN1/65dm7pmo
  • https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui
Size: 388 B
x-fer: 568 B
Type: Document

General

Full URL: https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui
Requested by
Host: r.sib.etraveligroup.com
URL: https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE92D6qDvC-uQPTSQ3RetBukIz9cXS8vNKBUxapmVWA7dp0hy6FnGK1x6acbISUJFwV3WQdxJ5cUEqGD8kpAzBuEpCzRRLbCOZpzI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a28d, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: AkamaiGHost /
Resource Hash: 4295fab741f20b8501d65ca3cbbf011bb73a84a276a4b05ce8ef0ea7ea484df5

Security Headers

Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE92D6qDvC-uQPTSQ3RetBukIz9cXS8vNKBUxapmVWA7dp0hy6FnGK1x6acbISUJFwV3WQdxJ5cUEqGD8kpAzBuEpCzRRLbCOZpzI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
cache-control: max-age=0
content-length: 388
content-type: text/html
date: Sat, 13 Apr 2024 15:09:23 GMT
expires: Sat, 13 Apr 2024 15:09:23 GMT
mime-version: 1.0
server: AkamaiGHost
strict-transport-security: max-age=31536000; includeSubDomains
x-akamai-request-id: 245f3ff1

Redirect headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
cache-control: no-cache, no-store
content-length: 0
content-type: application/octet-stream
date: Sat, 13 Apr 2024 15:09:23 GMT
location: https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui
server: http-kit
strict-transport-security: max-age=31536000; includeSubDomains

Resource: favicon.ico
Path: www.tuifly.be/
Size: 382 B
x-fer: 562 B
Type: Other

General

Full URL: https://www.tuifly.be/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a28d, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: AkamaiGHost /
Resource Hash: b3f35101c6d1150f34a50842b2af08305ed505397d2b2e2bd31196de60024745

Security Headers

Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 245f4181
date: Sat, 13 Apr 2024 15:09:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: AkamaiGHost
age: 0
content-type: text/html
cache-control: max-age=0
mime-version: 1.0
content-length: 382
expires: Sat, 13 Apr 2024 15:09:24 GMT

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
sibautomation.com/ Name: uuid
Value: 64f755d6-bbdb-4b93-87a8-30bfe14b1c70

3 Console Messages

Source Level URL
Text
other warning URL: https://r.sib.etraveligroup.com/tr/cl/8xP1ftWY8CUCDHlkld_6RJgy24Q7xl8t-cXFm-avGfi8ACZVVTXZQsgWq5TDnv89XVoWe4mXl3UTCHAMNCxZPnj9oxUeyOamYRNMZRBNyFaC6Fg2Bdx81fhaOiNMevQF9tSmvkGFttzleAZQlVEL4TPweihQ4mVNv28JJhZhq3ZPS7hZbVMsNsSGtUA4qyoYO-TRE92D6qDvC-uQPTSQ3RetBukIz9cXS8vNKBUxapmVWA7dp0hy6FnGK1x6acbISUJFwV3WQdxJ5cUEqGD8kpAzBuEpCzRRLbCOZpzI
Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.tuifly.be/nl/tuiflyapp?shortlink=65dm7pmo&is_retargeting=true&c=CustomerDocs&pid=CustomerDocs&af_xp=custom&source_caller=ui
Message: Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.tuifly.be/favicon.ico
Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1