www.airplus.com Open in urlscan Pro
212.21.164.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.airplus.com/
Effective URL:
https://www.airplus.com/de/de/
Submission Tags: falconsandbox
Submission: On May 16 via api (May 16th 2024, 9:43:10 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 56 HTTP transactions. The main IP is 212.21.164.12, located in Germany and belongs to TWL-KOM-AS Donnersbergweg 4, DE. The main domain is www.airplus.com. The Cisco Umbrella rank of the primary domain is 926629.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 6th 2023. Valid for: a year.

This is the only time www.airplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 45	212.21.164.12 212.21.164.12	9022 (TWL-KOM-A...) (TWL-KOM-AS Donnersbergweg 4)
1	178.237.33.51 178.237.33.51	8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
1	104.18.142.119 104.18.142.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	18.245.46.22 18.245.46.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.102.75 18.66.102.75	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:5600:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
56	12

45 212.21.164.12 (Germany) 1 redirects

ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE)
PTR: www.airplus.com

www.airplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.237.33.51 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)

ssl.geoplugin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.142.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-22.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-75.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:5600:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	airplus.com 1 redirects www.airplus.com — Cisco Umbrella Rank: 926629	2 MB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1388 api.company-target.com — Cisco Umbrella Rank: 4111	945 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 64	16 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5741 tag-logger.demandbase.com — Cisco Umbrella Rank: 4940	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	212 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 809	99 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	296 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6801	155 KB
1	geoplugin.net ssl.geoplugin.net — Cisco Umbrella Rank: 45746	2 KB
56	9

	Domain	Requested by
45	www.airplus.com	1 redirects www.airplus.com
2	www.youtube.com	www.airplus.com www.youtube.com
2	www.googletagmanager.com	www.airplus.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	www.airplus.com
1	s.company-target.com	tag.demandbase.com
1	geolocation.onetrust.com	www.airplus.com
1	tag.demandbase.com	www.airplus.com
1	js.hsforms.net	www.airplus.com
1	ssl.geoplugin.net	www.airplus.com
56	11

This site contains links to these domains. Also see Links.

Domain
comms.airplus.com
de.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
open.spotify.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.airplus.com Thawte TLS RSA CA G1	`2023-11-06` - `2024-11-14`	a year	crt.sh
ssl.geoplugin.net Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-21`	a year	crt.sh
hsforms.net GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.airplus.com/de/de/
Frame ID: CA0BC564E6C78EB127DC8C5C5598C8A8
Requests: 56 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 88600E79625CD417A2D2D213C5105A18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Smarte und einfache Lösungen für das Corporate Payment | AirPlus

Page URL History Show full URLs

http://www.airplus.com/ HTTP 307
https://www.airplus.com/ HTTP 301
https://www.airplus.com/technical/ Page URL
https://www.airplus.com/de/de/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

56
Requests

100 %
HTTPS

36 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

2601 kB
Transfer

6636 kB
Size

15
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://comms.airplus.com/de/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://de.linkedin.com/company/airplus

Search URL Search Domain Scan URL

URL: https://twitter.com/AirPlus
Title: .st0{stroke:#e2eef5;stroke-miterlimit:10;} .st1{fill:#e2eef5;}

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airplusinternational

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@AirPlusInternational

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/0EB7ZyJrU4g6vkDejlpxFS?si=c2cd53e1b3754680

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.airplus.com/ HTTP 307
https://www.airplus.com/ HTTP 301
https://www.airplus.com/technical/ Page URL
https://www.airplus.com/de/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.airplus.com/ HTTP 307
https://www.airplus.com/ HTTP 301
https://www.airplus.com/technical/

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.airplus.com/technical/
Redirect Chain

http://www.airplus.com/
https://www.airplus.com/
https://www.airplus.com/technical/

4 KB
4 KB

43ms
43ms

Document
text/html

212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/technical/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

8ad6e8a8222d980a2fc7300d496cce22abd28b94747e75367e434ff739f62244

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 4001
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-type: text/html
date: Thu, 16 May 2024 09:43:05 GMT
etag: "664209f4-fa1"
expires: 0
last-modified: Mon, 13 May 2024 12:39:16 GMT
pragma: no-cache
referrer-policy: same-origin
server: Apache
strict-transport-security: max-age=16070400
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
x-xss-protection: 0

Redirect headers

cache-control: no-store
content-length: 0
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
date: Thu, 16 May 2024 09:43:05 GMT
location: /technical/
referrer-policy: same-origin
server: Apache
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK javascript.gp Show response
ssl.geoplugin.net/ 2 KB
2 KB 179ms
44ms Script
application/javascript 178.237.33.51
ATOM86-AS ATOM86

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.geoplugin.net/javascript.gp?k=089fa43c7aec4eb2
Requested by: Host: www.airplus.com
URL: https://www.airplus.com/technical/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.237.33.51 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software: Apache /
Resource Hash: 6156a869355ad15bc7de3d2ed139a02db8f08ff0a83266aed8b037fbe00561a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 16 May 2024 09:43:05 GMT
cache-control: public, max-age=300
server: Apache
content-length: 1542
content-type: application/javascript; charset=utf-8

GET
H2 200 Primary Request / Show response
www.airplus.com/de/de/ 117 KB
29 KB 43ms
43ms Document
text/html 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/de/de/

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/technical/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

fe0f97bd19ec6856f81a801700c113502c918134d58765805549aaeaa5982f85

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.airplus.com/technical/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-type: text/html
date: Thu, 16 May 2024 09:43:05 GMT
etag: "664209c9-1d5d7-br"
expires: 0
last-modified: Mon, 13 May 2024 12:38:33 GMT
pragma: no-cache
referrer-policy: same-origin
server: Apache
strict-transport-security: max-age=16070400
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
x-xss-protection: 0

GET
H2 200 OtAutoBlock.js Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/ 141 KB
8 KB 82ms
80ms Script
application/javascript 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/OtAutoBlock.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

996abf76babb23275266d02ce001c2b91e7cc1301084e97515a5067470523558

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 07 Mar 2024 10:30:46 GMT
server: Apache
etag: "65e99756-23267-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 otSDKStub.js Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/ 21 KB
7 KB 82ms
81ms Script
application/javascript 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/otSDKStub.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 07 Mar 2024 10:30:50 GMT
server: Apache
etag: "65e9975a-526c-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 youtubeonetrust.js Show response
www.airplus.com/media/technical/js/ 849 B
436 B 47ms
45ms Script
application/javascript 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/js/youtubeonetrust.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

e517f33a7f8e86c2c12ea4658892084461a4cf92814b683984b15616d203cc02

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-351-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H3 200 v2.jss Show response
js.hsforms.net/forms/ 482 KB
155 KB 211ms
160ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.jss

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 2284
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=884a6be43b881917-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
date: Thu, 16 May 2024 09:43:05 GMT
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 63340f4b-f37f-4139-bade-59b7bc89298c
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 63340f4b-f37f-4139-bade-59b7bc89298c
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sr%2B6rR2gyeXlig18MOuH3NDhoSp0GVR2%2FwB4M1lgz39zM48GF00XbFTVnWcdCiT9%2BeQuEB2%2FghoC9WZMrF8y5c2JXSr0G1YZ%2BZZ1dVxwuR39MOY1UioP4plDzjzibXgA"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs
cf-ray: 884a6be43b881917-FRA
x-amz-cf-id: P9OOWzy8GgmADLxNSkP-Bp1HmEiTFSlc2B-tGVsrukiCjnPBHs_yQw==

GET
H2 200 app_css.css
www.airplus.com/media/technical/css/ 604 KB
68 KB 46ms
45ms Stylesheet
text/css 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/css/app_css.css

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

56794c1ffd0200971f20c28725e36ff48a79932e15efb573119617970af46273

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 26 Apr 2024 06:33:10 GMT
server: Apache
etag: "662b4aa6-971d3-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
95 KB 218ms
70ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCQ5QDMH

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1fc3fc7c37de8a29e53c1573d45b2352f741759dbc62fa23ff75e11970cd6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96470
x-xss-protection: 0
last-modified: Thu, 16 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 09:43:06 GMT

GET
H2 200 001d290682560f36.min.js Show response
tag.demandbase.com/ 77 KB
22 KB 129ms
44ms Script
application/javascript 18.245.46.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/001d290682560f36.min.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-22.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b5af2a246758a7cfdddd8766b0f07b2cf2cadfbefede961653c13b71ac992ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Euag_BWx1M_Mn4Gh92GphHuIYAiwf6xj
content-encoding: gzip
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
date: Thu, 16 May 2024 09:02:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 2500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 May 2024 21:42:01 GMT
server: AmazonS3
etag: W/"701fb4f1b7e62ad782d5b6cffb591eab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: mEorgv-CoepV5TIC8EBlPZQ5dWWgaCpPuMCHjlX-6wqPiWVEItbirA==

GET
H2 200 corporate-payment-experts-airplus_contentimagetextbuttonteaser.jpg
www.airplus.com/media/media/images/on-page/ 66 KB
66 KB 76ms
76ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/corporate-payment-experts-airplus_contentimagetextbuttonteaser.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

314a89f037d72163b3ba5e52ea5474ae1801ecae5a8c90c8be04fd03284f52cb

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 67309
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:00 GMT
server: Apache
etag: "65d356e8-106ed"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 careers-at-airplus_contentteasercards.jpg
www.airplus.com/media/media/images/headers/ 57 KB
57 KB 114ms
113ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/careers-at-airplus_contentteasercards.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

22b1578539db66a0fdb9e8ad4d380f8dd0d56b3258630884d047be0612c49ead

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 58266
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 11:54:49 GMT
server: Apache
etag: "65eafc89-e39a"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-partner-network_contentteasercards.jpg
www.airplus.com/media/media/images/headers/ 66 KB
66 KB 43ms
43ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/airplus-partner-network_contentteasercards.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

4a344eb8835c20525c77c79ada58cba721666e73a1aa7e09284bcb647c4e55ff

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 67550
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 11:54:49 GMT
server: Apache
etag: "65eafc89-107de"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 business-traveler-in-market_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 18 KB
18 KB 49ms
47ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/business-traveler-in-market_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

c919a414e4b1bd6a4f76262bb4d3e018067598ae2812c0d1c772d6caa3aaa3c2

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 18530
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 15 May 2024 15:16:00 GMT
server: Apache
etag: "6644d1b0-4862"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-sustainable-payment-solutions_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 16 KB
16 KB 51ms
50ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/airplus-sustainable-payment-solutions_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

a7f185c3d467f6558ca4abbad813bbcca81521b9190551a332a2bd70b649696a

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 16082
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 15 May 2024 15:16:00 GMT
server: Apache
etag: "6644d1b0-3ed2"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 smiling-corporate-payment-expert_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 14 KB
14 KB 52ms
51ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/smiling-corporate-payment-expert_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

d2da96b159ec044a3c7fe8ead633ba1d05b99119913b8ebc3a061f01b261e2c2

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 14734
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:01 GMT
server: Apache
etag: "65d356e9-398e"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 procurement-office-card-airplus_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 17 KB
17 KB 49ms
48ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/procurement-office-card-airplus_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

d0dfda03a903b0c10d743a8cb589d2afb52f01dd45134f9519af73b23a0df31d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 16979
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 15 May 2024 15:16:00 GMT
server: Apache
etag: "6644d1b0-4253"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 customer-contact-expert_contactsection.jpg
www.airplus.com/media/media/images/on-page/ 18 KB
18 KB 55ms
54ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/customer-contact-expert_contactsection.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

ec130df25f51f29dd005181a939fb0891c12991bcdb71f451aed0e8e4668b7f5

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 18601
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:01 GMT
server: Apache
etag: "65d356e9-48a9"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 crisis-banner.js.js Show response
www.airplus.com/media/technical/js/ 1 KB
530 B 42ms
42ms Script
application/javascript 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/js/crisis-banner.js.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

824e15c906e7d52c3c4c6b212cb7254a5a93496577a99b84c48e561e2269e8dc

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-4b9-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 flaggen-new.css
www.airplus.com/media/technical/css/ 2 MB
471 KB 45ms
44ms Stylesheet
text/css 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/css/flaggen-new.css

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

89faf5df28efa1eab1c38e35d17f6e9c528ee09971df10cc57d14dfc0b88d948

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 08 May 2024 13:42:45 GMT
server: Apache
etag: "663b8155-22364f-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 app_js.js Show response
www.airplus.com/media/technical/js/ 208 KB
59 KB 42ms
42ms Script
application/javascript 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/js/app_js.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

332c96e355df8715502f575a17eefe3023a2fdeb3841a4b75ab74f6fcac03a6d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 15 Apr 2024 06:32:42 GMT
server: Apache
etag: "661cca0a-340fa-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 93b54f95-3f49-4ba5-9f60-2c8ee7936680.json Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/ 4 KB
1 KB 71ms
71ms XHR
application/json 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/93b54f95-3f49-4ba5-9f60-2c8ee7936680.json

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

68b12d8c79d8a010eea28a6a18ed8dd5e32cacce048e21ab0e89e551ca377590

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 07 Mar 2024 10:30:46 GMT
server: Apache
etag: "65e99756-ef4-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
296 B 165ms
80ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 884a6be58ddc36de-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/ 430 KB
93 KB 53ms
52ms Script
application/javascript 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/otBannerSdk.js

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:37:01 GMT
server: Apache
etag: "65e0968d-6b963-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 careers-at-airplus_contentteasercards.jpg
www.airplus.com/media/media/images/headers/ 57 KB
57 KB 52ms
51ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/careers-at-airplus_contentteasercards.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

22b1578539db66a0fdb9e8ad4d380f8dd0d56b3258630884d047be0612c49ead

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 58266
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 11:54:49 GMT
server: Apache
etag: "65eafc89-e39a"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-partner-network_contentteasercards.jpg
www.airplus.com/media/media/images/headers/ 66 KB
66 KB 53ms
53ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/airplus-partner-network_contentteasercards.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

4a344eb8835c20525c77c79ada58cba721666e73a1aa7e09284bcb647c4e55ff

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 67550
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 11:54:49 GMT
server: Apache
etag: "65eafc89-107de"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-corporate-payment-solutions_mainstagedesktop.jpg
www.airplus.com/media/media/images/headers/ 173 KB
174 KB 45ms
45ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/airplus-corporate-payment-solutions_mainstagedesktop.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

2b4103206d211f9c4a6ff0764e83e885aa101fe153ca116cd6f8101f62208240

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 177487
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:00 GMT
server: Apache
etag: "65d356e8-2b54f"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 space-grotesk-medium-500-woff2.f33a53.woff2
www.airplus.com/media/technical/fonts/ 31 KB
31 KB 45ms
45ms Font
font/woff2 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/fonts/space-grotesk-medium-500-woff2.f33a53.woff2

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/css/app_css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

a89224a996fa84b1264afb697373b5c6efada356f984e49b03650f7e17aaad16

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/media/technical/css/app_css.css
Origin: https://www.airplus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 31916
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-7cac"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: font/woff2
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 fa_light_300_d3271a.woff2
www.airplus.com/media/technical/fonts/ 180 KB
180 KB 44ms
44ms Font
font/woff2 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/fonts/fa_light_300_d3271a.woff2

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/css/app_css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

1ddc6ae069ea7aedb68a92d53a12933a5a326f28c714869b99f335377dcce217

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/media/technical/css/app_css.css
Origin: https://www.airplus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 184204
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-2cf8c"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: font/woff2
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 space-grotesk-regular-400-woff2.0a711b.woff2
www.airplus.com/media/technical/fonts/ 31 KB
32 KB 47ms
47ms Font
font/woff2 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/fonts/space-grotesk-regular-400-woff2.0a711b.woff2

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/css/app_css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

7b27f2652f7963faa59937c1bfdcc42f777b8f09ac27ec06e6f800db09c239b6

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/media/technical/css/app_css.css
Origin: https://www.airplus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 32216
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-7dd8"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: font/woff2
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 index.json Show response
www.airplus.com/technical/crisis-banner/ 91 KB
2 KB 46ms
44ms XHR
application/json 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/technical/crisis-banner/index.json

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/crisis-banner.js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

5fd2a860064609b668c27276755cc598ab800d53600567dc39119f8689de9444

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 13 May 2024 12:39:16 GMT
server: Apache
etag: "664209f4-16af3-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4a6b520b4516b439e779494b3d836def3d5d82a6dd272e53edb47fa63fc208a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fa_brands_400_df5614.woff2
www.airplus.com/media/technical/fonts/ 75 KB
75 KB 46ms
46ms Font
font/woff2 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/fonts/fa_brands_400_df5614.woff2

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/css/app_css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/media/technical/css/app_css.css
Origin: https://www.airplus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 76728
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-12bb8"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: font/woff2
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 276ms
61ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aca3c908d9d8470bff8853cac25c829d799894a10ed9e81b8ed19b8023194f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 16 May 2024 09:43:06 GMT

GET
H2 200 corporate-payment-experts-airplus_contentimagetextbuttonteaser.jpg
www.airplus.com/media/media/images/on-page/ 66 KB
66 KB 90ms
90ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/corporate-payment-experts-airplus_contentimagetextbuttonteaser.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

314a89f037d72163b3ba5e52ea5474ae1801ecae5a8c90c8be04fd03284f52cb

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 67309
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:00 GMT
server: Apache
etag: "65d356e8-106ed"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 careers-at-airplus_contentteasercards.jpg
www.airplus.com/media/media/images/headers/ 57 KB
57 KB 93ms
92ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/careers-at-airplus_contentteasercards.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

22b1578539db66a0fdb9e8ad4d380f8dd0d56b3258630884d047be0612c49ead

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 58266
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 11:54:49 GMT
server: Apache
etag: "65eafc89-e39a"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-partner-network_contentteasercards.jpg
www.airplus.com/media/media/images/headers/ 66 KB
66 KB 53ms
52ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/airplus-partner-network_contentteasercards.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

4a344eb8835c20525c77c79ada58cba721666e73a1aa7e09284bcb647c4e55ff

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 67550
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 08 Mar 2024 11:54:49 GMT
server: Apache
etag: "65eafc89-107de"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 business-traveler-in-market_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 18 KB
18 KB 93ms
92ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/business-traveler-in-market_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

c919a414e4b1bd6a4f76262bb4d3e018067598ae2812c0d1c772d6caa3aaa3c2

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 18530
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 15 May 2024 15:16:00 GMT
server: Apache
etag: "6644d1b0-4862"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-sustainable-payment-solutions_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 16 KB
16 KB 92ms
91ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/airplus-sustainable-payment-solutions_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

a7f185c3d467f6558ca4abbad813bbcca81521b9190551a332a2bd70b649696a

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 16082
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 15 May 2024 15:16:00 GMT
server: Apache
etag: "6644d1b0-3ed2"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 smiling-corporate-payment-expert_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 14 KB
14 KB 51ms
50ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/smiling-corporate-payment-expert_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

d2da96b159ec044a3c7fe8ead633ba1d05b99119913b8ebc3a061f01b261e2c2

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 14734
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:01 GMT
server: Apache
etag: "65d356e9-398e"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 procurement-office-card-airplus_contentfactswithimages.jpg
www.airplus.com/media/media/images/on-page/ 17 KB
17 KB 117ms
117ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/procurement-office-card-airplus_contentfactswithimages.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

d0dfda03a903b0c10d743a8cb589d2afb52f01dd45134f9519af73b23a0df31d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 16979
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 15 May 2024 15:16:00 GMT
server: Apache
etag: "6644d1b0-4253"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 customer-contact-expert_contactsection.jpg
www.airplus.com/media/media/images/on-page/ 18 KB
18 KB 52ms
51ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/on-page/customer-contact-expert_contactsection.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

ec130df25f51f29dd005181a939fb0891c12991bcdb71f451aed0e8e4668b7f5

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 18601
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:01 GMT
server: Apache
etag: "65d356e9-48a9"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 airplus-corporate-payment-solutions_mainstagedesktop.jpg
www.airplus.com/media/media/images/headers/ 173 KB
174 KB 53ms
52ms Image
image/jpeg 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/media/images/headers/airplus-corporate-payment-solutions_mainstagedesktop.jpg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/js/app_js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

2b4103206d211f9c4a6ff0764e83e885aa101fe153ca116cd6f8101f62208240

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 177487
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 19 Feb 2024 13:26:00 GMT
server: Apache
etag: "65d356e8-2b54f"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/jpeg
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 de.json Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/ 69 KB
18 KB 95ms
94ms Fetch
application/json 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/de.json

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

4978b04983204e12458a71a5310f4f2406de7d2d473f1611b0fa93285c80b99c

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 07 Mar 2024 10:30:41 GMT
server: Apache
etag: "65e99751-11423-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 sync
s.company-target.com/s/ Frame 8860 0
0 216ms
125ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/001d290682560f36.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 16 May 2024 09:43:06 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
99 B 223ms
49ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.airplus.com
URL: https://www.airplus.com/de/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 448 B
945 B 251ms
79ms XHR
application/json 18.66.102.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v3/ip.json?referrer=https%3A%2F%2Fwww.airplus.com%2Ftechnical%2F&page=https%3A%2F%2Fwww.airplus.com%2Fde%2Fde%2F&page_title=Smarte%20und%20einfache%20L%C3%B6sungen%20f%C3%BCr%20das%20Corporate%20Payment%20%7C%20AirPlus
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/001d290682560f36.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a476ab002c6cf95b4e793996644830c662d6da222b921b28a70bf7b94012d4a2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
content-encoding: gzip
identification-source: CENTRAL
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: c697f519-d2a4-4c10-bfa6-6d93eaee200b
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.airplus.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E4Ww0wDh3ZFshdf-kkbixKQ3927yRD_hHnRf8gobG50x0Dk6Z6vGCg==
expires: Wed, 15 May 2024 09:43:06 GMT

GET
H2 200 otCenterRounded.json Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/assets/ 9 KB
3 KB 44ms
43ms Fetch
application/json 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/assets/otCenterRounded.json

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:37:01 GMT
server: Apache
etag: "65e0968d-25f9-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 otPcPanel.json Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/assets/v2/ 64 KB
13 KB 45ms
44ms Fetch
application/json 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/assets/v2/otPcPanel.json

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:37:01 GMT
server: Apache
etag: "65e0968d-10190-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 otCommonStyles.css Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/assets/ 21 KB
3 KB 47ms
47ms Fetch
text/css 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/assets/otCommonStyles.css

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:37:01 GMT
server: Apache
etag: "65e0968d-5512-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 ot_guard_logo.svg Show response
www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/logos/static/ 497 B
403 B 43ms
42ms Fetch
image/svg+xml 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/logos/static/ot_guard_logo.svg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/media/technical/onetrust/oneTrust_production/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:36:55 GMT
server: Apache
etag: "65e09687-1f1-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/svg+xml
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 eyJwYXRoIjoibHVmdGhhbnNhXC9maWxlXC9VakUyQnZDS1haQ05jUGRKTVpXQS5wbmcifQ_lufthansa_UARBg3VbxHCKeKfrV-yMYtTFreno763NTy_fRoAU2no.png
www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/logos/0d81c2a1-9b4e-4f82-9178-c7522a9bd318/73b219d7-99... 64 KB
64 KB 43ms
43ms Image
image/png 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/logos/0d81c2a1-9b4e-4f82-9178-c7522a9bd318/73b219d7-99ba-48de-ae56-a160f9d69c40/4ea7710a-07fc-4a2e-be4c-b99313c236dd/eyJwYXRoIjoibHVmdGhhbnNhXC9maWxlXC9VakUyQnZDS1haQ05jUGRKTVpXQS5wbmcifQ_lufthansa_UARBg3VbxHCKeKfrV-yMYtTFreno763NTy_fRoAU2no.png

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

0003cc907bdbbb9a42c1043bab6e66e4de1f0be305b39d1b6398952b8362f77d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 65361
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:36:53 GMT
server: Apache
etag: "65e09685-ff51"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 powered_by_logo.svg
www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/logos/static/ 5 KB
2 KB 43ms
43ms Image
image/svg+xml 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airplus.com/media/technical/onetrust/oneTrust_production/consent/93b54f95-3f49-4ba5-9f60-2c8ee7936680/3da06bb5-61a0-4e51-94db-267fbef928f7/logos/static/powered_by_logo.svg

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-encoding: br
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 29 Feb 2024 14:36:56 GMT
server: Apache
etag: "65e09688-144a-br"
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/svg+xml
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/74a3a562/www-widgetapi.vflset/ 42 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/74a3a562/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 23:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13973
x-xss-protection: 0
last-modified: Tue, 14 May 2024 04:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 May 2025 23:47:46 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
417 B 513ms
416ms XHR
text/html 2600:9000:2724:5600:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=E4Ww0wDh3ZFshdf-kkbixKQ3927yRD_hHnRf8gobG50x0Dk6Z6vGCg==&api-version=v3
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/001d290682560f36.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:5600:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Thu, 16 May 2024 08:25:50 GMT
via: 1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 4640
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: p_RCXh0o75ReeEo2F4bJOqOuhuuz4mnTV3-VNq3ZAio_NnIlsULD6Q==

GET
H2 200 favicon.ico
www.airplus.com/media/media/icons/ 15 KB
15 KB 44ms
43ms Other
image/x-icon 212.21.164.12
TWL-KOM-AS Donner...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airplus.com/media/media/icons/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.21.164.12 , Germany, ASN9022 (TWL-KOM-AS Donnersbergweg 4, DE),

Reverse DNS

www.airplus.com

Software

Apache /

Resource Hash

1439c6ce15c4546f6c2118f3ed7c01f9cb2720b0e2b51d2f5a38be522c11f968

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.airplus.com/de/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:06 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://*.youtube.com https://js.hsforms.net/forms/v2.jss https://*.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://*.g.doubleclick.net https://*.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
content-length: 15406
x-xss-protection: 0
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 08 Apr 2024 11:58:43 GMT
server: Apache
etag: "6613dbf3-3c2e"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: ALLOW-FROM https://connect.airplus.cards/
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 360 KB
117 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F58YBEXDYR

Requested by

Host: www.airplus.com
URL: https://www.airplus.com/de/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0159e8a53a1ce1dcd98f13815ed9219a79f25c44990a5268fed4f40b2e4e732c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:43:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 119585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 May 2024 09:43:07 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.airplus.com/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AdS1VP6HYZO!NyGTFs97sPpbN95mNKUbxN6yO19rQu!WfDJpecDXP2EhsEeka2bDfr6X
.hsforms.net/	1970-01-20 20:37:34	Name: __cf_bm Value: 8iKOrU3vWhr3fLzRKJI61IbVpqw37xVWyUTLboA2paM-1715852585-1.0.1.1-kDrZBKYE.eUt4VM4pY7.XEzGTa1Rlv562nfZaCf0Ix312XTjsBQdtTO94i6dqLFliUq7jQvXwZD9uYM.C4xemA
www.airplus.com/	1970-01-21 05:23:08	Name: airplus_selectedCountry Value: DE
www.airplus.com/	1970-01-21 05:23:08	Name: airplus_selectedLanguage Value: DE
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xopzih1mvxQ
.youtube.com/	1970-01-21 00:56:44	Name: VISITOR_INFO1_LIVE Value: NGUEej-ZQWY
.youtube.com/	1970-01-21 00:56:44	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgQg%3D%3D
.airplus.com/	1970-01-21 05:23:08	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+May+16+2024+11%3A43%3A06+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ff899ea8-84a6-4492-8207-dfe157d12caf&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.airplus.com%2Fde%2Fde%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0007%3A0
.company-target.com/	1970-01-21 06:13:32	Name: tuuid Value: 53a64420-3c95-4081-afaf-727fff4c807e
.company-target.com/	1970-01-21 06:13:32	Name: tuuid_lu Value: 1715852586\|ix:0\|mctv:0\|rp:0
.casalemedia.com/	1970-01-21 05:23:08	Name: CMID Value: ZkXVKrmqPMwAAHFDBecIlQAA
.casalemedia.com/	1970-01-20 22:47:08	Name: CMPS Value: 2173
.casalemedia.com/	1970-01-20 22:47:08	Name: CMPRO Value: 2173
.tremorhub.com/	1970-01-21 05:23:29	Name: tvid Value: a0ad6884a8ab4e40b8ee06d5d90f8635
.tremorhub.com/	1970-01-21 06:13:32	Name: tv_UIDM Value: 53a64420-3c95-4081-afaf-727fff4c807e

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.airplus.com/de/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src-elem 'self' https://connect.facebook.net https://www.googletagmanager.com https://googleads.g.doubleclick.net https://ssl.geoplugin.net https://.youtube.com https://js.hsforms.net/forms/v2.jss https://.hotjar.com https://snap.licdn.com https://tag.demandbase.com 'unsafe-inline'; frame-src 'self' https://www.youtube.com https://forms.hsforms.com https://td.doubleclick.net/ https://s.company-target.com/ 'unsafe-inline'; connect-src 'self' https://px.ads.linkedin.com/ https://.g.doubleclick.net https://.onetrust.com https://forms.hsforms.com https://*.analytics.google.com https://script.hotjar.com https://pagead2.googlesyndication.com https://www.google.com https://region1.google-analytics.com https://api.company-target.com https://tag-logger.demandbase.com 'unsafe-inline';
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://connect.airplus.cards/
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
geolocation.onetrust.com
id.rlcdn.com
js.hsforms.net
s.company-target.com
ssl.geoplugin.net
tag-logger.demandbase.com
tag.demandbase.com
www.airplus.com
www.googletagmanager.com
www.youtube.com
104.18.142.119
178.237.33.51
18.245.46.22
18.66.102.75
212.21.164.12
2600:9000:2724:5600:1d:8d6d:3b40:93a1
2606:4700:4400::6812:2089
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::2008
34.96.71.22
35.244.174.68
0003cc907bdbbb9a42c1043bab6e66e4de1f0be305b39d1b6398952b8362f77d
0159e8a53a1ce1dcd98f13815ed9219a79f25c44990a5268fed4f40b2e4e732c
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d
1439c6ce15c4546f6c2118f3ed7c01f9cb2720b0e2b51d2f5a38be522c11f968
1ddc6ae069ea7aedb68a92d53a12933a5a326f28c714869b99f335377dcce217
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22b1578539db66a0fdb9e8ad4d380f8dd0d56b3258630884d047be0612c49ead
2b4103206d211f9c4a6ff0764e83e885aa101fe153ca116cd6f8101f62208240
2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
314a89f037d72163b3ba5e52ea5474ae1801ecae5a8c90c8be04fd03284f52cb
332c96e355df8715502f575a17eefe3023a2fdeb3841a4b75ab74f6fcac03a6d
39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4
4978b04983204e12458a71a5310f4f2406de7d2d473f1611b0fa93285c80b99c
4a344eb8835c20525c77c79ada58cba721666e73a1aa7e09284bcb647c4e55ff
56794c1ffd0200971f20c28725e36ff48a79932e15efb573119617970af46273
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fd2a860064609b668c27276755cc598ab800d53600567dc39119f8689de9444
6156a869355ad15bc7de3d2ed139a02db8f08ff0a83266aed8b037fbe00561a9
68b12d8c79d8a010eea28a6a18ed8dd5e32cacce048e21ab0e89e551ca377590
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7b27f2652f7963faa59937c1bfdcc42f777b8f09ac27ec06e6f800db09c239b6
824e15c906e7d52c3c4c6b212cb7254a5a93496577a99b84c48e561e2269e8dc
89faf5df28efa1eab1c38e35d17f6e9c528ee09971df10cc57d14dfc0b88d948
8ad6e8a8222d980a2fc7300d496cce22abd28b94747e75367e434ff739f62244
996abf76babb23275266d02ce001c2b91e7cc1301084e97515a5067470523558
a476ab002c6cf95b4e793996644830c662d6da222b921b28a70bf7b94012d4a2
a7f185c3d467f6558ca4abbad813bbcca81521b9190551a332a2bd70b649696a
a89224a996fa84b1264afb697373b5c6efada356f984e49b03650f7e17aaad16
aca3c908d9d8470bff8853cac25c829d799894a10ed9e81b8ed19b8023194f48
b1fc3fc7c37de8a29e53c1573d45b2352f741759dbc62fa23ff75e11970cd6b5
b4a6b520b4516b439e779494b3d836def3d5d82a6dd272e53edb47fa63fc208a
b5af2a246758a7cfdddd8766b0f07b2cf2cadfbefede961653c13b71ac992ff9
c919a414e4b1bd6a4f76262bb4d3e018067598ae2812c0d1c772d6caa3aaa3c2
d0dfda03a903b0c10d743a8cb589d2afb52f01dd45134f9519af73b23a0df31d
d2da96b159ec044a3c7fe8ead633ba1d05b99119913b8ebc3a061f01b261e2c2
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e517f33a7f8e86c2c12ea4658892084461a4cf92814b683984b15616d203cc02
ec130df25f51f29dd005181a939fb0891c12991bcdb71f451aed0e8e4668b7f5
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
fe0f97bd19ec6856f81a801700c113502c918134d58765805549aaeaa5982f85

www.airplus.com Open in urlscan Pro 212.21.164.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

36 %IPv6

9 Domains

11 Subdomains

12 IPs

4 Countries

2601 kBTransfer

6636 kBSize

15 Cookies

7 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.airplus.com Open in urlscan Pro
212.21.164.12 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

36 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

2601 kB
Transfer

6636 kB
Size

15
Cookies

56 HTTP transactions
1 data transactions