www.tui.co.uk - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 1 HTTP transactions. The main IP is 159.180.84.18, located in United States and belongs to INSTART, US. The main domain is www.tui.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 25th 2019. Valid for: a year.

This is the only time www.tui.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.33.154.20 63.33.154.20	16509 (AMAZON-02) (AMAZON-02)
1 1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	18.184.247.200 18.184.247.200	16509 (AMAZON-02) (AMAZON-02)
1	159.180.84.18 159.180.84.18	33047 (INSTART) (INSTART)
1	2

1 63.33.154.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-154-20.eu-west-1.compute.amazonaws.com

tui-uk.7cnq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (Phoenix, United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

poweredby.tui.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.247.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-247-200.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.180.84.18 (United States)

ASN33047 (INSTART, US)

www.tui.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	myvisualiq.net 2 redirects t.myvisualiq.net	2 KB
2	tui.co.uk 1 redirects poweredby.tui.co.uk www.tui.co.uk	6 KB
1	7cnq.net 1 redirects tui-uk.7cnq.net	1 KB
1	3

	Domain	Requested by
2	t.myvisualiq.net	2 redirects
1	www.tui.co.uk
1	poweredby.tui.co.uk	1 redirects
1	tui-uk.7cnq.net	1 redirects
1	4

This site contains no links.

Subject Issuer	Validity	Valid
www.tui.co.uk DigiCert SHA2 Secure Server CA	`2019-06-25` - `2020-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.tui.co.uk/?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1
Frame ID: 5B0F78175380C3DFF798051B86715F20
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tui-uk.7cnq.net/xch/16029/651774/10316 HTTP 301
https://poweredby.tui.co.uk/click/1/83673;4089648;369311;253;0/?ft_custom=&url=https://t.myvisualiq.net/... HTTP 302
https://t.myvisualiq.net/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0... HTTP 302
https://t.myvisualiq.net/ul_cb/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&... HTTP 302
https://www.tui.co.uk/?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknV... Page URL

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

3
Countries

6 kB
Transfer

6 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tui-uk.7cnq.net/xch/16029/651774/10316 HTTP 301
https://poweredby.tui.co.uk/click/1/83673;4089648;369311;253;0/?ft_custom=&url=https://t.myvisualiq.net/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0&chnl=-4&vndr=1275&sz=9681&u=TUI&red=https%3A%2F%2Fwww.tui.co.uk%3Fim_id%3Daffiliate%26ia_id%3D0%26ip_id%3D651774%26irclickid%3DVdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0%26irgwc%3D1 HTTP 302
https://t.myvisualiq.net/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0&chnl=-4&vndr=1275&sz=9681&u=TUI&red=https://www.tui.co.uk?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1 HTTP 302
https://t.myvisualiq.net/ul_cb/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0&chnl=-4&vndr=1275&sz=9681&u=TUI&red=https://www.tui.co.uk?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1 HTTP 302
https://www.tui.co.uk/?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request / Show response www.tui.co.uk/ Redirect Chain https://tui-uk.7cnq.net/xch/16029/651774/10316 https://poweredby.tui.co.uk/click/1/83673;4089648;369311;253;0/?ft_custom=&url=https://t.myvisualiq.net/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0&chnl=-4&vndr=127... https://t.myvisualiq.net/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0&chnl=-4&vndr=1275&sz=9681&u=TUI&red=https://www.tui.co.uk?im_id=affiliate&ia_id=0&ip_id=651774&... https://t.myvisualiq.net/ul_cb/click_pixel?et=c&ago=212&ao=787&aca=10316&si=-4&ci=-4&pi=-4&ad=651774&advt=0&chnl=-4&vndr=1275&sz=9681&u=TUI&red=https://www.tui.co.uk?im_id=affiliate&ia_id=0&ip_id=6... https://www.tui.co.uk/?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1	5 KB 6 KB	49ms 18ms	Document text/html	159.180.84.18 INSTART
General Check archive.org Show headers Download Go to Full URL https://www.tui.co.uk/?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.84.18 , United States, ASN33047 (INSTART, US), Reverse DNS Software 1.14.0 / Resource Hash `13b7992a86207447ec80facd79a561a84a83a3a49409d1b4ca676c5fd22d04e2` Request headers :method GET :authority www.tui.co.uk :scheme https :path /?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US cookie flashtalkingad1="GUID=44360F5D2BEBB1\|tp=(18860-8264-c-44360755,18860-8725-c-44360755,18860-9149-c-44360755)" Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50 Sec-Fetch-Dest document Response headers status 403 server 1.14.0 date Sun, 23 Feb 2020 07:55:31 GMT content-type text/html content-length 5530 x-instart-request-id 12658106561804698651:SEN01-CPVNPPRY17:1582444531:0 Redirect headers Cache-Control no-cache, no-store, must-revalidate Date Sun, 23 Feb 2020 07:55:31 GMT Location https://www.tui.co.uk?im_id=affiliate&ia_id=0&ip_id=651774&irclickid=VdiXp11EhxyOWRJ0WlXSvXJOUknVs4SVjU6dwk0&irgwc=1 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Set-Cookie tuuid=bec60d82-d79f-4761-8e01-ec59b8b0d22c; SameSite=None; Secure; path=/; expires=Tue, 22-Feb-2022 07:55:31 GMT; domain=.myvisualiq.net tuuid_lu=1582444531; SameSite=None; Secure; path=/; expires=Tue, 22-Feb-2022 07:55:31 GMT; domain=.myvisualiq.net Content-Length 0 Connection keep-alive
GET DATA	200 OK	truncated /	1019 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `279a80c5385a62d78e0a7738084e1408eec094fba123b6581ad6f2b480dbab3c` Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tui.co.uk/	1970-01-20 01:05:16	Name: flashtalkingad1 Value: "GUID=44360F5D2BEBB1\|tp=(18860-8264-c-44360755,18860-8725-c-44360755,18860-9149-c-44360755)"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

poweredby.tui.co.uk
t.myvisualiq.net
tui-uk.7cnq.net
www.tui.co.uk
159.180.84.18
18.184.247.200
63.33.154.20
69.16.175.10
13b7992a86207447ec80facd79a561a84a83a3a49409d1b4ca676c5fd22d04e2
279a80c5385a62d78e0a7738084e1408eec094fba123b6581ad6f2b480dbab3c

www.tui.co.uk Open in urlscan Pro 159.180.84.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

1 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

3 Countries

6 kBTransfer

6 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

www.tui.co.uk Open in urlscan Pro
159.180.84.18 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

3
Countries

6 kB
Transfer

6 kB
Size

1
Cookies

1 HTTP transactions
1 data transactions