urlscan.io logo urlscan.io
SecurityTrails logo

app.airhelp.com Open in urlscan Pro
2606:4700:10::6814:2b57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mandrillapp.com/track/click/30612327/app.airhelp.com?p=eyJzIjoiNENlLVY0cVZod1BYNWhsRjFPeE1sUUIwR0c0IiwidiI6MSwic...
Effective URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&u...
Submission: On October 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 23 domains to perform 73 HTTP transactions. The main IP is 2606:4700:10::6814:2b57, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is app.airhelp.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 17th 2018. Valid for: 2 years.
This is the only time app.airhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.213.164.114 16509 (AMAZON-02)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.16.129.227 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 146.185.16.178 13213 (UK2NET-AS)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:1901:0:4... 15169 (GOOGLE)
2 204.79.197.200 8068 (MICROSOFT...)
2 91.201.28.211 203480 (QUALITYUNIT)
4 107.178.240.159 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 50.19.117.75 14618 (AMAZON-AES)
1 1 13.32.159.225 16509 (AMAZON-02)
2 13.32.158.2 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20b... 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 54.225.160.93 14618 (AMAZON-AES)
2 13.32.158.203 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
1 52.218.104.33 16509 (AMAZON-02)
2 4 172.217.22.102 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.23.79.169 14618 (AMAZON-AES)
1 18.211.249.85 14618 (AMAZON-AES)
3 13.32.158.239 16509 (AMAZON-02)
2 2 173.194.76.156 15169 (GOOGLE)
73 30
1    52.213.164.114 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-164-114.eu-west-1.compute.amazonaws.com
mandrillapp.com
15    2606:4700:10::6814:2b57 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app.airhelp.com
2    2a02:26f0:6c00:29e::17ef (European Union)

ASN20940 (AKAMAI-ASN1, US)
cdn.dynamicyield.com
1    2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    104.16.129.227 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
st.dynamicyield.com
1    2a00:1450:4001:81d::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    146.185.16.178 (United Kingdom)

ASN13213 (UK2NET-AS, GB)
PTR: 92b910b2.rdns.100tb.com
static.dynamicyield.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE - Google LLC, US)
cdn.mxpnl.com
2    204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com
2    91.201.28.211 (None, )

ASN203480 (QUALITYUNIT, SK)
airhelp.postaffiliatepro.com
4    107.178.240.159 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.240.178.107.bc.googleusercontent.com
api.mixpanel.com
3    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    50.19.117.75 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-19-117-75.compute-1.amazonaws.com
px.dynamicyield.com
1    13.32.159.225 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-159-225.fra56.r.cloudfront.net
widget.intercom.io
2    13.32.158.2 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-2.fra56.r.cloudfront.net
js.intercomcdn.com
5    2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:20bb:2a00:12:e6:2780:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
js.hellomedian.com
3    2606:4700:20::6819:a165 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.artfut.com
2    54.225.160.93 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-160-93.compute-1.amazonaws.com
px.dynamicyield.com
2    13.32.158.203 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-203.fra56.r.cloudfront.net
api-iam.intercom.io
5    2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
ampcid.google.com
2    172.217.18.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com
1    52.218.104.33 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-3-w.amazonaws.com
airhelp-public.s3.amazonaws.com
4    172.217.22.102 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f102.1e100.net
8617657.fls.doubleclick.net
1    2606:4700:30::681c:1c2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app-cache.hellomedian.com
1    2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:81d::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:80b::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ampcid.google.de
1    52.23.79.169 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-23-79-169.compute-1.amazonaws.com
nexus-websocket-a.intercom.io
1    18.211.249.85 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-211-249-85.compute-1.amazonaws.com
nexus-websocket-b.intercom.io
3    13.32.158.239 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-239.fra56.r.cloudfront.net
static.intercomassets.com
2    173.194.76.156 (Portage, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
Domain Requested by
15 app.airhelp.com app.airhelp.com
5 fonts.gstatic.com static.dynamicyield.com
app.airhelp.com
4 8617657.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
4 px.dynamicyield.com static.dynamicyield.com
4 api.mixpanel.com cdn.mxpnl.com
3 static.intercomassets.com
3 www.google.de
3 www.google.com 3 redirects
3 www.artfut.com www.googletagmanager.com
www.artfut.com
3 www.facebook.com app.airhelp.com
3 connect.facebook.net app.airhelp.com
connect.facebook.net
2 stats.g.doubleclick.net 2 redirects
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com js.intercomcdn.com
2 airhelp.postaffiliatepro.com www.googletagmanager.com
airhelp.postaffiliatepro.com
2 bat.bing.com www.googletagmanager.com
app.airhelp.com
2 cdn.dynamicyield.com app.airhelp.com
1 nexus-websocket-b.intercom.io js.intercomcdn.com
1 nexus-websocket-a.intercom.io js.intercomcdn.com
1 ampcid.google.de www.google-analytics.com
1 googleads.g.doubleclick.net 1 redirects
1 app-cache.hellomedian.com js.hellomedian.com
1 ampcid.google.com www.google-analytics.com
1 airhelp-public.s3.amazonaws.com app.airhelp.com
1 js.hellomedian.com app.airhelp.com
1 widget.intercom.io 1 redirects
1 cdn.mxpnl.com app.airhelp.com
1 static.dynamicyield.com st.dynamicyield.com
1 www.googletagmanager.com app.airhelp.com
1 st.dynamicyield.com app.airhelp.com
1 fonts.googleapis.com app.airhelp.com
1 mandrillapp.com 1 redirects
73 34

This site contains links to these domains. Also see Links.

Domain
www.airhelp.com
money.cnn.com
www.wired.com
Subject Issuer Validity Valid
www.airhelp.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-17 -
2020-09-07		 2 years crt.sh
cdn.dynamicyield.com
DigiCert ECC Secure Server CA		 2018-04-29 -
2018-12-31		 8 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
st.dynamicyield.com
COMODO RSA Domain Validation Secure Server CA		 2018-01-14 -
2019-01-14		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
static.dynamicyield.com
COMODO RSA Domain Validation Secure Server CA		 2018-01-09 -
2019-01-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2018-02-16 -
2019-08-30		 2 years crt.sh
www.bing.com
Microsoft IT TLS CA 5		 2017-07-20 -
2019-07-10		 2 years crt.sh
*.postaffiliatepro.com
RapidSSL RSA CA 2018		 2017-12-14 -
2019-09-28		 2 years crt.sh
*.mixpanel.com
RapidSSL RSA CA 2018		 2018-01-11 -
2020-05-01		 2 years crt.sh
*.dynamicyield.com
Amazon		 2017-11-07 -
2018-12-07		 a year crt.sh
*.intercomcdn.com
Amazon		 2018-05-25 -
2019-06-25		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
js.hellomedian.com
Amazon		 2018-05-07 -
2019-06-07		 a year crt.sh
ssl374131.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-06-10 -
2018-12-17		 6 months crt.sh
*.intercom.io
DigiCert SHA2 Secure Server CA		 2016-12-19 -
2020-01-03		 3 years crt.sh
www.googleadservices.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2017-09-22 -
2019-01-03		 a year crt.sh
*.doubleclick.net
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
sni24213.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-20 -
2019-03-29		 6 months crt.sh
www.google.de
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
intercomassets.com
Amazon		 2018-08-16 -
2019-09-16		 a year crt.sh

This page contains 5 frames:

Primary Page: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Frame ID: 4BC1429A07A88D779DCD75997BD0C697
Requests: 63 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame.76117021.js
Frame ID: 16CF7EBD434A45E5F5F5F64732A84288
Requests: 5 HTTP requests in this frame

Frame: https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=(undefined);u11=(undefined);u12=(undefined);u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail
Frame ID: F011CAE571DF0C5DD415BB152D0C5EA8
Requests: 1 HTTP requests in this frame

Frame: https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=USD;u11=en;u12=ect_united_states;u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail
Frame ID: C982974BE1027542637ABEA31A40E321
Requests: 1 HTTP requests in this frame

Frame: https://static.intercomassets.com/avatars/2115215/square_128/18032999_205393973289951_1754885976831775034_n-1528325819.jpg?1528325819
Frame ID: 9A0B385C041D480DB463C390ED1CD330
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mandrillapp.com/track/click/30612327/app.airhelp.com?p=eyJzIjoiNENlLVY0cVZod1BYNWhsRjFPeE1sU... HTTP 302
    https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&ut... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^Ember$/i
Overall confidence: 100%
Detected patterns
  • env /^requirejs$/i
Overall confidence: 100%
Detected patterns
  • env /^Ember$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Intercom$/i
Overall confidence: 100%
Detected patterns
  • env /^Mixpanel$/i
Overall confidence: 100%
Detected patterns
  • env /^moment$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

73
Requests

99 %
HTTPS

47 %
IPv6

23
Domains

34
Subdomains

30
IPs

5
Countries

2288 kB
Transfer

9722 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mandrillapp.com/track/click/30612327/app.airhelp.com?p=eyJzIjoiNENlLVY0cVZod1BYNWhsRjFPeE1sUUIwR0c0IiwidiI6MSwicCI6IntcInVcIjozMDYxMjMyNyxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2FwcC5haXJoZWxwLmNvbVxcXC9vdGFcXFwvZWN0X3VuaXRlZF9zdGF0ZXNcXFwvMTQxYjM0OTExOGI3YTQ2ODM0NmIwYTUxN2E3YmZiODA_bGFuZz1lbiZhaGNpZD02NDQ0JnV0bV9jYW1wYWlnbj1lZ2VuY2lhJnV0bV9zb3VyY2U9b3RhJnV0bV9tZWRpdW09ZW1haWxcIixcImlkXCI6XCIxY2VkZWQ2Mzg4ZTU0YTUzOGJiNGQ0NTdhYTM2MDY5YlwiLFwidXJsX2lkc1wiOltcIjcyNzU5MWVlMzNlMTc3NDYxOTJlY2Y0ZGFiYjM0NTE4MTU2NmY2Y2VcIl19In0 HTTP 302
    https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://widget.intercom.io/widget/w501ykte HTTP 302
  • https://js.intercomcdn.com/shim.f4cfb0d2.js
Request Chain 54
  • https://8617657.fls.doubleclick.net/activityi;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=(undefined);u11=(undefined);u12=(undefined);u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail HTTP 302
  • https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=(undefined);u11=(undefined);u12=(undefined);u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail
Request Chain 55
  • https://8617657.fls.doubleclick.net/activityi;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=USD;u11=en;u12=ect_united_states;u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail HTTP 302
  • https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=USD;u11=en;u12=ect_united_states;u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail
Request Chain 60
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Ga1&sendb=1&frm=0&url=https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&tiba=Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Aei8W7_xLZWwbL6pq4gP&sscte=1&crd=CKrPGw&gtd= HTTP 302
  • https://www.google.com/ads/conversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Ga1&sendb=1&frm=0&url=https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&tiba=Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gtd=&cdct=2&is_vtc=1&ocp_id=Aei8W7_xLZWwbL6pq4gP&random=1851656900&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/ads/conversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Ga1&sendb=1&frm=0&url=https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&tiba=Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gtd=&cdct=2&is_vtc=1&ocp_id=Aei8W7_xLZWwbL6pq4gP&random=1851656900&resp=GooglemKTybQhCsO&ipr=y&ulfeg=n
Request Chain 67
  • https://www.google-analytics.com/r/collect?v=1&_v=j70&aip=1&a=934109662&t=event&ni=0&cu=USD&_s=1&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&dr=(undefined)&dp=(undefined)&ul=en-us&de=UTF-8&dt=(undefined)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Product&ea=ProductSelected&el=AirHelpOta&_u=aHBAAEALAAQC~&jid=45904705&gjid=544219818&cid=1151219027.1539106818&tid=UA-37442388-12&_gid=465159592.1539106818&_r=1&gtm=Ga1KRBL8PV&cd1=(undefined)&cd2=(undefined)&cd3=(undefined)&cd4=(undefined)&cd6=(undefined)&cd7=(undefined)&cd8=BOS&cd9=WAW&cd10=(undefined)&cd11=(undefined)&cd12=(undefined)&cd13=(undefined)&cd14=(undefined)&cd15=(undefined)&cd16=1151219027.1539106818&cd17=(undefined)&cd18=(undefined)&cd19=(undefined)&cd20=(undefined)&cd21=(undefined)&cd22=(undefined)&cd23=(undefined)&cd24=(undefined)&cd25=(undefined)&cd26=(undefined)&cd27=(undefined)&cd28=(undefined)&cd29=(undefined)&cd30=(undefined)&cd31=0&pa=add&pr1nm=AirHelpOta&pr1va=Lufthansa&pr1qt=1&z=1451949264 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_gid=465159592.1539106818&gjid=544219818&_v=j70&z=1451949264 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_v=j70&z=1451949264 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_v=j70&z=1451949264&slf_rd=1&random=3868085732
Request Chain 69
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j70&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&gjid=1400486966&_gid=465159592.1539106818&_u=aHDAgEALAAQC~&z=980103280 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&_v=j70&z=980103280 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&_v=j70&z=980103280&slf_rd=1&random=882801531

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 141b349118b7a468346b0a517a7bfb80
app.airhelp.com/ota/ect_united_states/
Redirect Chain
  • https://mandrillapp.com/track/click/30612327/app.airhelp.com?p=eyJzIjoiNENlLVY0cVZod1BYNWhsRjFPeE1sUUIwR0c0IiwidiI6MSwicCI6IntcInVcIjozMDYxMjMyNyxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2FwcC5haX...
  • https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb449b607a9a40ce9a3cc6522a3cd4d14712efd272f480eb28811a0b738143e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.airhelp.com
:scheme
https
:path
/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 09 Oct 2018 17:40:15 GMT
content-type
text/html
set-cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; expires=Wed, 09-Oct-19 17:40:15 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
access-control-allow-origin
https://www.airhelp.com
last-modified
Tue, 09 Oct 2018 14:15:13 GMT
vary
Accept-Encoding
x-amz-version-id
kFe30Cth4ntVQ3cYs3hjYBAiJJToF8cJ
x-lb
mainlb1-production
strict-transport-security
max-age=15552000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4672a19e4e27c2dd-FRA
content-encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Tue, 09 Oct 2018 17:40:15 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Set-Cookie
PHPSESSID=f0c60b24b55b8193c2712707d6cff495; expires=Wed, 10-Oct-2018 03:40:15 GMT; path=/; secure; HttpOnly PHPSESSID=f0c60b24b55b8193c2712707d6cff495; expires=Wed, 10-Oct-2018 03:40:15 GMT; path=/; secure; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Content-Encoding
gzip
Vary
Accept-Encoding
vendor-e94b61c8a72c098aaf97ea1fbbaf1e0e.css
app.airhelp.com/assets/ 		152 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/vendor-e94b61c8a72c098aaf97ea1fbbaf1e0e.css
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09ebf15210a4de90dd6b5770174844cfab16f239bf36ecb71d26169d2d4ec0f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/vendor-e94b61c8a72c098aaf97ea1fbbaf1e0e.css
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
x-amz-version-id
yJ168e4GGaJ6IVZo7OCuJeR9ycvKvp71
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
W/"e94b61c8a72c098aaf97ea1fbbaf1e0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
expires
Wed, 10 Oct 2018 17:40:15 GMT
cache-control
public, max-age=86400
cf-ray
4672a19f39e4c2dd-FRA
x-lb
mainlb2-production
frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
app.airhelp.com/assets/ 		326 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
deec59c1597be5f8ddb36b7d4bc547c61be52b388d34d616e607ae36b0570f45
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
x-amz-version-id
5BeuL2Um6i6PVdaXANscNMiG04L6csxX
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
W/"43dc76171f5c1b7158e8771214136cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
expires
Wed, 10 Oct 2018 17:40:15 GMT
cache-control
public, max-age=86400
cf-ray
4672a19f39e5c2dd-FRA
x-lb
mainlb2-production
api_dynamic.js
cdn.dynamicyield.com/api/8768110/ 		120 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8768110/api_dynamic.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:29e::17ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3db877b29913571bbeaa267d33b8b9142fd520c5f8bfd7bf5bb891acfb90ed6

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 17:40:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Oct 2018 12:50:27 GMT
Server
AmazonS3
ETag
"30640e582cf2b3f83ea8513c0bfa763b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19759
Expires
Tue, 09 Oct 2018 17:45:15 GMT
api_static.js
cdn.dynamicyield.com/api/8768110/ 		235 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8768110/api_static.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:29e::17ef , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f11329594c3c90d1b1449f45b23a959cc9adb56831e706c06da5e1e02dcdaf56

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 17:40:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Oct 2018 12:50:27 GMT
Server
AmazonS3
ETag
"6adf157122c87e7346fc7910c8ca5b75"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67324
Expires
Tue, 09 Oct 2018 18:40:15 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7e89b7211018aade011bd3f80e6967931aee0d4283d330d17277a870be85cf09
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Tue, 09 Oct 2018 17:40:15 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 09 Oct 2018 17:40:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 09 Oct 2018 17:40:15 GMT
vendor-958bd41dbea29b3fb08785f555ac6496.js
app.airhelp.com/assets/ 		3 MB
724 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43eab84a84d6f0a660d4a8c9defa0d5572d8de7cde379fa8c1a84dc1e781ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
cf-polished
origSize=5537486
cf-ray
4672a19f39e7c2dd-FRA
status
200
cf-bgj
minify
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
W/"958bd41dbea29b3fb08785f555ac6496"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
FBdaeVoZRMvDITc1KEbcYJOyXCuxazt3
expires
Wed, 10 Oct 2018 17:40:15 GMT
cache-control
public, max-age=86400
content-type
application/javascript
x-lb
mainlb1-production
frontend-176ac528d9bdaad711efb503dac0bf0a.js
app.airhelp.com/assets/ 		2 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/frontend-176ac528d9bdaad711efb503dac0bf0a.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d857a43df2e3eb7e718d15f7e6b5de0dec98b187c172fd359dc2234d175846ff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/frontend-176ac528d9bdaad711efb503dac0bf0a.js
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
cf-polished
origSize=2182589
cf-ray
4672a19f39e8c2dd-FRA
status
200
cf-bgj
minify
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
W/"31b8e47e22e9d88cdcaa4430a1cb6cd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
9BZ2AS74imYYoiYia5pN4urvN33DWXvE
expires
Wed, 10 Oct 2018 17:40:15 GMT
cache-control
public, max-age=86400
content-type
application/javascript
x-lb
mainlb1-production
st
st.dynamicyield.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8768110&inHead=true&id=0&ref=&sr=1600x1200&altip=
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.129.227 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b669ca0cccb7892eded8bd9a2d133cde66746d677ef03e9da5a40a11fbfc04

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
content-type
text/javascript; charset=utf-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
7a044b47f9 39.24 0.010038 0030 57da
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status
200
cache-control
no-cache
cf-ray
4672a1a0ca7dc2b5-FRA
expires
Tue, 09 Oct 2018 17:40:15 GMT
gtm.js
www.googletagmanager.com/ 		174 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
0f3ef6b92053ddb2cb19d037db53c89c548de2ab624ccc6297dd3115061ea888
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
41229
x-xss-protection
1; mode=block
expires
Tue, 09 Oct 2018 17:40:16 GMT
feature_toggles
app.airhelp.com/api/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/api/feature_toggles
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
111334674826930af885519d2db109076838cdb4fd208e59543a0cc3fd3a5be2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/api/feature_toggles
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en
accept-encoding
gzip, deflate
x-csrf-token
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
app.airhelp.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
X-CSRF-Token
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-csrf-token
+unNsCVWm4LA1iD2oglpH2zqXe3RWKYLp8LNLcn42mBMTyofWWOs2aM5jFT5QDX3dz0uoKl/oIOdCaiC9U6+lQ==
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self'; child-src 'self' a3.cloud.net js.stripe.com static.olark.com vars.hotjar.com www.youtube.com; connect-src 'self' 1621922865.log.optimizely.com adm.dynamicyield.com api.mixpanel.com bam.nr-data.net insights.hotjar.com nrpc.olark.com olark.com optimizely.com px.dynamicyield.com; font-src 'self' cdn.dynamicyield.com fonts.googleapis.com fonts.gstatic.com; img-src 'self' a3.cloud.net cdn.optimizely.com googleusercontent.com graph.facebook.com log.olark.com scontent.xx.fbcdn.net static.g.doubleclick.net static.olark.com stats.g.doubleclick.net t.co www.facebook.com www.google-analytics.com www.google.com www.google.pl www.salesmanago.pl maps.google.com *.gstatic.com maps.googleapis.com *.googleusercontent.com; media-src 'self' static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' a3.cloud.net airhelp.postaffiliatepro.com analytics.twitter.com api.olark.com assets.olark.com bam.nr-data.net cdn.dynamicyield.com cdn.mxpnl.com cdn.optimizely.com cdnjs.cloudflare.com connect.facebook.net js-agent.newrelic.com js.stripe.com maps.google.com maps.googleapis.com nrpc.olark.com scanner-stats-gate-production.airhelp.com scanner-stats-gate-staging.airhelp.com script.hotjar.com sixpack-staging.ahinternal.net sixpack.ahinternal.net st.dynamicyield.com static.ads-twitter.com static.dynamicyield.com static.hotjar.com static.olark.com www.google-analytics.com www.googletagmanager.com www.salesmanago.pl; style-src 'self' 'unsafe-inline' cdn.dynamicyield.com fonts.googleapis.com static.olark.com; report-uri https://csp-reports.airhelp.com/report
status
200
x-whom
webapp2-production
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-request-id
60468188-3ab6-4580-8259-8ce6dd2794f4
x-runtime
0.024058
last-modified
Tue, 02 Oct 2018 10:50:54 GMT
server
cloudflare
x-frame-options
sameorigin
etag
W/"4a472c6e08056bf551b1b40de6a471e0"
x-download-options
noopen
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.airhelp.com
cache-control
max-age=60, public, must-revalidate
set-cookie
user_currency=EUR; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:16 -0000; secure user_country_code=DE; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:16 -0000; secure _ah-webapp_session=MnN6cDEvaTRRRmhDNkdHL0hacDJuVVRyK1VmK1ZMUW83blErS0cyVFByOXFyUEc4R3prbUUxQmdBbTE3RklwR0VsSmRrS2dxUkw4UUZubk9wcFlIRFhFZXF6L2hGTkQyam43aFNDdTlpT05xVmVlY0g1MkdFdnhka2xoc2hrT1RUcWw1bFZjekJ3dm9GR2c5Q1FqLzNYN203eWpGSGNhU1BVY2lrZDdPRTNkam81OENtLzNXN1kvZ3pZWW5vbUNJLS1ENmlwWEZQd0FkVFR5VkwxcTU1ejNRPT0%3D--548e245f8046c91fa395cecb9de3d00c765198f5; path=/; secure; HttpOnly
cf-ray
4672a1a4ac22c2dd-FRA
x-lb
mainlb1-production
en
app.airhelp.com/api/translations/ 		325 KB
80 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/api/translations/en
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16c329009eb11316f55ec995d8c6e3e8b64d5512f937722afa8d3bb45aca268
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/api/translations/en
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en
accept-encoding
gzip, deflate
x-csrf-token
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
app.airhelp.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
X-CSRF-Token
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-csrf-token
Z9x34i6yu4lDfMYei4Bd0qoP7IycoCfk6KzRtP131ecqN/gKniqyGjZBN79cdlcyHruI9DWZVO8eQ+v8qkv9Ng==
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self'; child-src 'self' a3.cloud.net js.stripe.com static.olark.com vars.hotjar.com www.youtube.com; connect-src 'self' 1621922865.log.optimizely.com adm.dynamicyield.com api.mixpanel.com bam.nr-data.net insights.hotjar.com nrpc.olark.com olark.com optimizely.com px.dynamicyield.com; font-src 'self' cdn.dynamicyield.com fonts.googleapis.com fonts.gstatic.com; img-src 'self' a3.cloud.net cdn.optimizely.com googleusercontent.com graph.facebook.com log.olark.com scontent.xx.fbcdn.net static.g.doubleclick.net static.olark.com stats.g.doubleclick.net t.co www.facebook.com www.google-analytics.com www.google.com www.google.pl www.salesmanago.pl maps.google.com *.gstatic.com maps.googleapis.com *.googleusercontent.com; media-src 'self' static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' a3.cloud.net airhelp.postaffiliatepro.com analytics.twitter.com api.olark.com assets.olark.com bam.nr-data.net cdn.dynamicyield.com cdn.mxpnl.com cdn.optimizely.com cdnjs.cloudflare.com connect.facebook.net js-agent.newrelic.com js.stripe.com maps.google.com maps.googleapis.com nrpc.olark.com scanner-stats-gate-production.airhelp.com scanner-stats-gate-staging.airhelp.com script.hotjar.com sixpack-staging.ahinternal.net sixpack.ahinternal.net st.dynamicyield.com static.ads-twitter.com static.dynamicyield.com static.hotjar.com static.olark.com www.google-analytics.com www.googletagmanager.com www.salesmanago.pl; style-src 'self' 'unsafe-inline' cdn.dynamicyield.com fonts.googleapis.com static.olark.com; report-uri https://csp-reports.airhelp.com/report
status
200
x-whom
webapp3-production
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-request-id
ca22b78b-efda-4ba5-9c79-33513b6c9986
x-runtime
0.043596
server
cloudflare
x-frame-options
sameorigin
etag
W/"6db61ca9529431f5a4286ed87f16e184"
x-download-options
noopen
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.airhelp.com
cache-control
max-age=0, private, must-revalidate
set-cookie
user_currency=EUR; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:16 -0000; secure user_country_code=DE; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:16 -0000; secure _ah-webapp_session=ZXdKRDdqSHFWUkJ5ZXJRd2ozV05oWVlVRGp0dStYSVFYUzNaWGovQUpNZFVpU1hhWEl1WG5FTGZYODBqck8yM3JzUVdKYW9vaUU3cWgzVStqSlo2TWpIdXRHb2JzazdmUHFWby9BSkJWQ3dwclFudWVpeS90dTNSTjc0WUhxUXZYdUEycGRuUW9VLzNUOHNUdDgwNnhiQ1pGS3N3TlpYeUhnbEJWQXFIKzkyWTcyZ01wWFZUMmw3bXVyUFZ6clNvLS1SSnFPZWl1eDRKQTZETUZEd0tsMW1RPT0%3D--87f44898704266745adb203a5bd9f77912596f44; path=/; secure; HttpOnly
cf-ray
4672a1a4bc30c2dd-FRA
x-lb
mainlb1-production
exchange_rates
app.airhelp.com/api/ 		89 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/api/exchange_rates
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c03e32273edf9bba01eb7b9bbea248a13ab775bed5909eb4125b2d86800b54
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/api/exchange_rates
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en
accept-encoding
gzip, deflate
x-csrf-token
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
app.airhelp.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
X-CSRF-Token
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-csrf-token
LUgwP973P6UnyOvV4RwDZe7sPL81v0ckizEPWhQI69AKdYtC1xI5YCVNxKF2l/UvqS0U3q/3OXLrstjUr/0gXQ==
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self'; child-src 'self' a3.cloud.net js.stripe.com static.olark.com vars.hotjar.com www.youtube.com; connect-src 'self' 1621922865.log.optimizely.com adm.dynamicyield.com api.mixpanel.com bam.nr-data.net insights.hotjar.com nrpc.olark.com olark.com optimizely.com px.dynamicyield.com; font-src 'self' cdn.dynamicyield.com fonts.googleapis.com fonts.gstatic.com; img-src 'self' a3.cloud.net cdn.optimizely.com googleusercontent.com graph.facebook.com log.olark.com scontent.xx.fbcdn.net static.g.doubleclick.net static.olark.com stats.g.doubleclick.net t.co www.facebook.com www.google-analytics.com www.google.com www.google.pl www.salesmanago.pl maps.google.com *.gstatic.com maps.googleapis.com *.googleusercontent.com; media-src 'self' static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' a3.cloud.net airhelp.postaffiliatepro.com analytics.twitter.com api.olark.com assets.olark.com bam.nr-data.net cdn.dynamicyield.com cdn.mxpnl.com cdn.optimizely.com cdnjs.cloudflare.com connect.facebook.net js-agent.newrelic.com js.stripe.com maps.google.com maps.googleapis.com nrpc.olark.com scanner-stats-gate-production.airhelp.com scanner-stats-gate-staging.airhelp.com script.hotjar.com sixpack-staging.ahinternal.net sixpack.ahinternal.net st.dynamicyield.com static.ads-twitter.com static.dynamicyield.com static.hotjar.com static.olark.com www.google-analytics.com www.googletagmanager.com www.salesmanago.pl; style-src 'self' 'unsafe-inline' cdn.dynamicyield.com fonts.googleapis.com static.olark.com; report-uri https://csp-reports.airhelp.com/report
status
200
x-whom
webapp1-production
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-request-id
30c2d143-39e7-4cde-a0da-4d574c7a4111
x-runtime
0.006978
server
cloudflare
x-frame-options
sameorigin
etag
W/"765090ad585128ab805fea2daa68db85"
x-download-options
noopen
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.airhelp.com
cache-control
max-age=0, private, must-revalidate
set-cookie
user_currency=EUR; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:16 -0000; secure user_country_code=DE; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:16 -0000; secure _ah-webapp_session=ZTZFQUVYNjNKcmtvaUd3aFR4dVdUdVcxZDUrdFNnSG5nYS9tK0hySWVNYVlaNmhwcDNreUEwNUlEVVZNZ2dJbnZFa0Y2aE5kZGZpazZmN3VZM3dWaExyZ0V1ajA2VUdud3RkcDlqTEduMDdneWZScXYvTWcrMFB5QWNUMHhkaWpjRGZzQ2dHSGEydVBaUFc0Ui8wMkxyaW85TnNyZ0pxa0tXUGZmZE9aUGhXOWVFRllLYzNINDZLaTlxZzBMaDJCLS1sbTJHWG9COEMwdDVyYWtMYU9YTUNnPT0%3D--d93792ecab04e6e8db7ef59da2f513fb9d587ab4; path=/; secure; HttpOnly
cf-ray
4672a1a4bc3bc2dd-FRA
x-lb
mainlb1-production
dy-coll-min.js
static.dynamicyield.com/scripts/12324/ 		268 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dynamicyield.com/scripts/12324/dy-coll-min.js
Requested by
Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8768110&inHead=true&id=0&ref=&sr=1600x1200&altip=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.16.178 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
92b910b2.rdns.100tb.com
Software
nginx/1.8.0 /
Resource Hash
707398c0103715eacb8f96fbfee41eb74c93a4f73b9fbcc252a634e2c5c6ab3a

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 17:40:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Sep 2018 09:12:29 GMT
Server
nginx/1.8.0
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
85748
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
14117
x-xss-protection
0
pragma
private
x-fb-debug
UPFX1NQ2sbaMomdJLglLV7r5JCI24T0lGOBv07gYPBCWPjk5yq2yX3YJh0ZeQEwP6OONPx4mZMIETUF21Ba2mg==
x-frame-options
DENY
date
Tue, 09 Oct 2018 17:40:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:498c:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c0c6e82507425739c1f74eb0885245239fb353b2167000a11367515b72dfc434

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:31:30 GMT
content-encoding
gzip
age
526
x-guploader-uploadid
AEnB2UrEvQb5UwjPDxjmjRxukjt91RHHOXdXUOaytzx3B9iEHrks2IHvZJ2K3NRDQBRt3DW0OL_QgqABpq-xv0KlMSxpw43WZQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
20918
last-modified
Fri, 01 Jun 2018 21:17:23 GMT
server
UploadServer
etag
"630a7765ef2f0246a4380df524c0604f"
vary
Accept-Encoding
x-goog-hash
crc32c=onCe4Q==, md5=Ywp3Ze8vAkakOA31JMBgTw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1527887843258118
cache-control
public,max-age=600
x-goog-stored-content-length
20918
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 09 Oct 2018 17:41:30 GMT
bat.js
bat.bing.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Jul 2018 13:15:21 GMT
x-msedge-ref
Ref A: CF3E926C96B54E58AD3E3DD7B0AC4E57 Ref B: FRAEDGE0716 Ref C: 2018-10-09T17:40:16Z
status
200
etag
"80ba7eb4e224d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7020
9ulljm
airhelp.postaffiliatepro.com/scripts/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airhelp.postaffiliatepro.com/scripts/9ulljm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.201.28.211 -, , ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software
nginx /
Resource Hash
aba35c62180347311f6cb364288e634bad37156c6823b0926a02ec6f1926ba57

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
content-encoding
gzip
x-srv
1
age
119
status
200
content-length
7272
last-modified
Mon, 17 Sep 2018 12:53:24 GMT
server
nginx
etag
W/"7da8-57610a89d7900"
vary
Accept-Encoding
x-varnish
504070856 503716953
via
1.1 varnish (1.lb-app.pap.ws-eu)
cache-control
max-age=120
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Oct 2018 17:40:17 GMT
/
api.mixpanel.com/decide/ 		65 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=bed105cde3994ce06dd6e34dd9bdd0f1&ip=1&_=1539106816840
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
gunicorn/19.3.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
via
1.1 google
server
gunicorn/19.3.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.airhelp.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api.mixpanel.com/track/ 		1 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9hcHAuYWlyaGVscC5jb20vb3RhL2VjdF91bml0ZWRfc3RhdGVzLzE0MWIzNDkxMThiN2E0NjgzNDZiMGE1MTdhN2JmYjgwP2xhbmc9ZW4mYWhjaWQ9NjQ0NCZ1dG1fY2FtcGFpZ249ZWdlbmNpYSZ1dG1fc291cmNlPW90YSZ1dG1fbWVkaXVtPWVtYWlsIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDY3LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjIuNCIsImRpc3RpbmN0X2lkIjogIjE2NjU5ZWE0MzQ0YWMzLTA0NGNjMjIwZmVhOGFiLTE3MzY2OTUyLTFkNGMwMC0xNjY1OWVhNDM0NjE5NDQiLCJVVE0gQ2FtcGFpZ24gW0xhc3QgVG91Y2hdIjogImVnZW5jaWEiLCJVVE0gU291cmNlIFtMYXN0IFRvdWNoXSI6ICJvdGEiLCJVVE0gTWVkaXVtIFtMYXN0IFRvdWNoXSI6ICJlbWFpbCIsInV0bV9zb3VyY2UiOiAib3RhIiwidXRtX21lZGl1bSI6ICJlbWFpbCIsInV0bV9jYW1wYWlnbiI6ICJlZ2VuY2lhIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsIm1wX3BhZ2UiOiAiaHR0cHM6Ly9hcHAuYWlyaGVscC5jb20vb3RhL2VjdF91bml0ZWRfc3RhdGVzLzE0MWIzNDkxMThiN2E0NjgzNDZiMGE1MTdhN2JmYjgwP2xhbmc9ZW4mYWhjaWQ9NjQ0NCZ1dG1fY2FtcGFpZ249ZWdlbmNpYSZ1dG1fc291cmNlPW90YSZ1dG1fbWVkaXVtPWVtYWlsIiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJNYWMgT1MgWCIsInRva2VuIjogImJlZDEwNWNkZTM5OTRjZTA2ZGQ2ZTM0ZGQ5YmRkMGYxIn19&ip=1&_=1539106816842
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.airhelp.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
1
identity.js
connect.facebook.net/signals/plugins/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.8.30
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
028be97ba58ed74c2260f1af19ff8af1dcfffecf6b5b206379589b8eaaf1df6d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
7404
x-xss-protection
0
pragma
public
x-fb-debug
gLgcGXmKkk3XuubCnKMt0c627dnJTqrlymUoVGbjPhyHqauaeNELpj+ri4fiC3MEi6VrATVqPFjDigHduRSamw==
x-frame-options
DENY
date
Tue, 09 Oct 2018 17:40:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
307133519633829
connect.facebook.net/signals/config/ 		88 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/307133519633829?v=2.8.30&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ab03376128a704f67a2832583b037a25ac8462f3d4faf62b4e9da2a2faad4a7e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
17780
x-xss-protection
0
pragma
public
x-fb-debug
oRs4OGcbP6oOpndd/e4ouXa/fYNcwhN0EjQ9/l0KgOwdoPuE7JYCvsa4edOrTEImUyEOGK5IiPzZY6+V7l1H8A==
x-frame-options
DENY
date
Tue, 09 Oct 2018 17:40:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307133519633829&ev=PageView&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&rl=&if=false&ts=1539106816872&sw=1600&sh=1200&ud[ge]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[ct]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[zp]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&v=2.8.30&r=stable&ec=0&o=60&it=1539106816851&coo=false
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 09 Oct 2018 17:40:16 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5949493&Ver=2&mid=80d644c5-d1ca-11b3-3f45-8324430453be&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=AirHelp&p=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&r=&lt=1114&evt=pageLoad&msclkid=N&rn=613945
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 09 Oct 2018 17:40:16 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 7AEF6589817D4898945A4979A5D70878 Ref B: FRAEDGE0716 Ref C: 2018-10-09T17:40:16Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
9ullrm
airhelp.postaffiliatepro.com/scripts/ 		66 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://airhelp.postaffiliatepro.com/scripts/9ullrm?accountId=default1&url=S_app.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80&referrer=&getParams=%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&anchor=&isInIframe=false&cookies=
Requested by
Host: airhelp.postaffiliatepro.com
URL: https://airhelp.postaffiliatepro.com/scripts/9ulljm
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.201.28.211 -, , ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software
nginx /
Resource Hash
e5093541cdfae1d35425494ef4b717b0a6bdf417091b5a1c615f974fa84e72ca

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 09 Oct 2018 17:40:16 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
application/octet-stream, application/x-javascript
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
me
app.airhelp.com/api/users/ 		0
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/api/users/me
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/api/users/me
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _ah-webapp_session=ZTZFQUVYNjNKcmtvaUd3aFR4dVdUdVcxZDUrdFNnSG5nYS9tK0hySWVNYVlaNmhwcDNreUEwNUlEVVZNZ2dJbnZFa0Y2aE5kZGZpazZmN3VZM3dWaExyZ0V1ajA2VUdud3RkcDlqTEduMDdneWZScXYvTWcrMFB5QWNUMHhkaWpjRGZzQ2dHSGEydVBaUFc0Ui8wMkxyaW85TnNyZ0pxa0tXUGZmZE9aUGhXOWVFRllLYzNINDZLaTlxZzBMaDJCLS1sbTJHWG9COEMwdDVyYWtMYU9YTUNnPT0%3D--d93792ecab04e6e8db7ef59da2f513fb9d587ab4; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95
accept-encoding
gzip, deflate
x-csrf-token
LUgwP973P6UnyOvV4RwDZe7sPL81v0ckizEPWhQI69AKdYtC1xI5YCVNxKF2l/UvqS0U3q/3OXLrstjUr/0gXQ==
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
app.airhelp.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
X-CSRF-Token
LUgwP973P6UnyOvV4RwDZe7sPL81v0ckizEPWhQI69AKdYtC1xI5YCVNxKF2l/UvqS0U3q/3OXLrstjUr/0gXQ==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
x-content-type-options
nosniff
x-csrf-token
FYh8SmIFNoYTldpO30vPL7gD9mnu+SjN5hrNWa0KnY8ytcc3a+AwQxEQ9TpIwDll/8LeCHSxVpuGmRrXFv9WAg==
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self'; child-src 'self' a3.cloud.net js.stripe.com static.olark.com vars.hotjar.com www.youtube.com; connect-src 'self' 1621922865.log.optimizely.com adm.dynamicyield.com api.mixpanel.com bam.nr-data.net insights.hotjar.com nrpc.olark.com olark.com optimizely.com px.dynamicyield.com; font-src 'self' cdn.dynamicyield.com fonts.googleapis.com fonts.gstatic.com; img-src 'self' a3.cloud.net cdn.optimizely.com googleusercontent.com graph.facebook.com log.olark.com scontent.xx.fbcdn.net static.g.doubleclick.net static.olark.com stats.g.doubleclick.net t.co www.facebook.com www.google-analytics.com www.google.com www.google.pl www.salesmanago.pl maps.google.com *.gstatic.com maps.googleapis.com *.googleusercontent.com; media-src 'self' static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' a3.cloud.net airhelp.postaffiliatepro.com analytics.twitter.com api.olark.com assets.olark.com bam.nr-data.net cdn.dynamicyield.com cdn.mxpnl.com cdn.optimizely.com cdnjs.cloudflare.com connect.facebook.net js-agent.newrelic.com js.stripe.com maps.google.com maps.googleapis.com nrpc.olark.com scanner-stats-gate-production.airhelp.com scanner-stats-gate-staging.airhelp.com script.hotjar.com sixpack-staging.ahinternal.net sixpack.ahinternal.net st.dynamicyield.com static.ads-twitter.com static.dynamicyield.com static.hotjar.com static.olark.com www.google-analytics.com www.googletagmanager.com www.salesmanago.pl; style-src 'self' 'unsafe-inline' cdn.dynamicyield.com fonts.googleapis.com static.olark.com; report-uri https://csp-reports.airhelp.com/report
status
401
x-whom
webapp3-production
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
0
x-xss-protection
1; mode=block
x-request-id
1b9bd22a-8eb0-4027-b4a0-db189d860f92
x-runtime
0.004702
server
cloudflare
x-frame-options
sameorigin
x-download-options
noopen
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache, no-store
set-cookie
user_units_system=metric; domain=airhelp.com; path=/; expires=Wed, 09 Oct 2019 17:40:17 -0000; secure _ah-webapp_session=NU4wNDd1TWJHeGwyOE1WU3Q1aHh2ZTkzTlR5dnB2OUFITDZpK042aXUwbm5GUG4zVFNBNUxoc1NmSHlaN2lmenhyM2Iwb2I1NDhQWG5VZWRob2Q0YlNsVlMzbmdVNE1iaXlqNUpnOXZXQU5hMjdlcUZ6MzhtdDZzNjU2Tytlc2pmOW1UZHd1OHBTZzR0UU9SMHpraWlBVGticWJQdUpReVQyNGFwRjJFWUV5WFUzUTRZSFh4VktWNzlKcU1McDB5LS1waEF3UU1TcnNSdEhZVlF2bFF1OW93PT0%3D--e4dc7af4caa5a99a07ead43f2f94153f2e6ef2e7; path=/; secure; HttpOnly
cf-ray
4672a1a61897c2dd-FRA
x-lb
mainlb1-production
uia
px.dynamicyield.com/ 		4 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/uia?cnst=1
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12324/dy-coll-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.117.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-19-117-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d

Request headers

Accept
*/*
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 09 Oct 2018 17:40:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
24
Expires
Tue, 09 Oct 2018 17:40:16 GMT
shim.f4cfb0d2.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/w501ykte
  • https://js.intercomcdn.com/shim.f4cfb0d2.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.f4cfb0d2.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cadeb33bc50ce36962f013041583aede99cc669bc115977956144e0a1843ddb

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 16:28:17 GMT
content-encoding
gzip
last-modified
Tue, 09 Oct 2018 16:28:16 GMT
server
AmazonS3
age
4321
etag
"5e6194bf8b9c7fff7bb94ccc66fd74a5"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
1151
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
x-amz-cf-id
7hor008PB4YaUbeboECbpBQkfD92UKH6MP5gOC0ph_PjF5dSwnoLzQ==

Redirect headers

date
Tue, 09 Oct 2018 17:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
x-cache
Hit from cloudfront
status
302, 302 Found
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
00cb786dmv0g0rp8fvk0
x-runtime
0.005647
location
https://js.intercomcdn.com/shim.f4cfb0d2.js
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31557600; includeSubDomains; preload
content-type
text/html; charset=utf-8
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
x-intercom-version
85d623192f370e3321c25655eea45720b417ea79
cache-control
no-cache
x-amz-cf-id
hho9PIh9gwZ6xCr83BTicOP29pwA9tdmSmCQ9ceYcPtj9v_u6lYeEA==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12324/dy-coll-min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Origin
https://app.airhelp.com

Response headers

date
Tue, 02 Oct 2018 10:29:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
630656
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 10:29:21 GMT
mdn-screenshare.js
js.hellomedian.com/v1/ 		192 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hellomedian.com/v1/mdn-screenshare.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:2a00:12:e6:2780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce80c7d729c02545b84c67cfaa88bba9d79b5c8d09ccdf2c65ddf0da9559f03

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Oct 2018 20:34:57 GMT
content-encoding
gzip
last-modified
Thu, 04 Oct 2018 20:34:53 GMT
server
AmazonS3
age
75916
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
OM_eiD.rAvQek52CNF3GpD4siPteeOfG
status
200
content-type
application/javascript
x-amz-cf-id
V2NtzLn3yWg6gE3zXLT7zZEHSVCr8l8GG7j_UeTq-F0Nm8WsX9s4Qg==
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=51efc44b1b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6819:a165 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Oct 2018 05:28:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5bbc3c8f-cb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1200, public
cf-ray
4672a1a6edfac2bf-FRA
expires
Tue, 09 Oct 2018 17:59:57 GMT
141b349118b7a468346b0a517a7bfb80
app.airhelp.com/api/ota_leads/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/api/ota_leads/141b349118b7a468346b0a517a7bfb80
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/assets/vendor-958bd41dbea29b3fb08785f555ac6496.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edca9ab3fa37e6a910c31753b2eeef29237f7282fd84eeb14d120608dd8c7834
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/api/ota_leads/141b349118b7a468346b0a517a7bfb80
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95; _dyid=-1950058229090424832; _dyfs=true; _dyjsession=f5d451392c1c4e25789ba937ebe89a75; _dyuss_8768110=1; _dycst=dk.m.c.ws.frv1.frs.; _dy_geo=DE.EU.DE_05.DE_05_Hofheim; _dy_df_geo=Germany..Hofheim; _dy_weather_8768110=%5B%5D; _dy_cweather_8768110=null; _dy_device=%7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D; _dy_tsrc=Direct; _dyus_8768110=0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0; _dy_toffset=-1; _dyprdobj=; _dyprd=; user_units_system=metric; _ah-webapp_session=NU4wNDd1TWJHeGwyOE1WU3Q1aHh2ZTkzTlR5dnB2OUFITDZpK042aXUwbm5GUG4zVFNBNUxoc1NmSHlaN2lmenhyM2Iwb2I1NDhQWG5VZWRob2Q0YlNsVlMzbmdVNE1iaXlqNUpnOXZXQU5hMjdlcUZ6MzhtdDZzNjU2Tytlc2pmOW1UZHd1OHBTZzR0UU9SMHpraWlBVGticWJQdUpReVQyNGFwRjJFWUV5WFUzUTRZSFh4VktWNzlKcU1McDB5LS1waEF3UU1TcnNSdEhZVlF2bFF1OW93PT0%3D--e4dc7af4caa5a99a07ead43f2f94153f2e6ef2e7
accept-encoding
gzip, deflate
x-csrf-token
Z9x34i6yu4lDfMYei4Bd0qoP7IycoCfk6KzRtP131ecqN/gKniqyGjZBN79cdlcyHruI9DWZVO8eQ+v8qkv9Ng==
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
app.airhelp.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
X-CSRF-Token
Z9x34i6yu4lDfMYei4Bd0qoP7IycoCfk6KzRtP131ecqN/gKniqyGjZBN79cdlcyHruI9DWZVO8eQ+v8qkv9Ng==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-csrf-token
NlfcIkjK/oaVpo6Ku2ue1+Dj6IQuPHjpUPq3oBHKoOQRamdfQS/4Q5cjof4s4GidpyLA5bR0Br8weWAuqj9raQ==
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self'; child-src 'self' a3.cloud.net js.stripe.com static.olark.com vars.hotjar.com www.youtube.com; connect-src 'self' 1621922865.log.optimizely.com adm.dynamicyield.com api.mixpanel.com bam.nr-data.net insights.hotjar.com nrpc.olark.com olark.com optimizely.com px.dynamicyield.com; font-src 'self' cdn.dynamicyield.com fonts.googleapis.com fonts.gstatic.com; img-src 'self' a3.cloud.net cdn.optimizely.com googleusercontent.com graph.facebook.com log.olark.com scontent.xx.fbcdn.net static.g.doubleclick.net static.olark.com stats.g.doubleclick.net t.co www.facebook.com www.google-analytics.com www.google.com www.google.pl www.salesmanago.pl maps.google.com *.gstatic.com maps.googleapis.com *.googleusercontent.com; media-src 'self' static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' a3.cloud.net airhelp.postaffiliatepro.com analytics.twitter.com api.olark.com assets.olark.com bam.nr-data.net cdn.dynamicyield.com cdn.mxpnl.com cdn.optimizely.com cdnjs.cloudflare.com connect.facebook.net js-agent.newrelic.com js.stripe.com maps.google.com maps.googleapis.com nrpc.olark.com scanner-stats-gate-production.airhelp.com scanner-stats-gate-staging.airhelp.com script.hotjar.com sixpack-staging.ahinternal.net sixpack.ahinternal.net st.dynamicyield.com static.ads-twitter.com static.dynamicyield.com static.hotjar.com static.olark.com www.google-analytics.com www.googletagmanager.com www.salesmanago.pl; style-src 'self' 'unsafe-inline' cdn.dynamicyield.com fonts.googleapis.com static.olark.com; report-uri https://csp-reports.airhelp.com/report
status
200
x-whom
webapp1-production
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-request-id
44f70c30-05e5-432e-9957-68855c19cd28
x-runtime
0.249260
server
cloudflare
x-frame-options
sameorigin
etag
W/"f8a8c6afe97bf859564c47f03a74eaf2"
x-download-options
noopen
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.airhelp.com
cache-control
max-age=0, private, must-revalidate
set-cookie
_ah-webapp_session=ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5; path=/; secure; HttpOnly
cf-ray
4672a1a6eacdc2dd-FRA
x-lb
mainlb1-production
batch
px.dynamicyield.com/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/batch?cnst=1&_=1539106817114_695616
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12324/dy-coll-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.160.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-160-93.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 09 Oct 2018 17:40:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
20
Expires
Tue, 09 Oct 2018 17:40:16 GMT
tracking.min.js
www.artfut.com/static/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=51efc44b1b
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6819:a165 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58533d80bd8d20bc9cecb48abc498e210002c0ad306d309502eed1bcc6a9f355
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Oct 2018 05:28:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5bbc3c8f-5cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1200, public
cf-ray
4672a1a70e49c2bf-FRA
expires
Tue, 09 Oct 2018 17:58:11 GMT
crossdevice.min.js
www.artfut.com/static/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=51efc44b1b
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6819:a165 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4062ce38c5556ead9c842303520b3d383616bd0917c5a1b598ef47c6720a48fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Oct 2018 05:28:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5bbc3c8f-4e4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1200, public
cf-ray
4672a1a70e4bc2bf-FRA
expires
Tue, 09 Oct 2018 17:58:21 GMT
ea1cf7ad-84a4-4c0b-af17-2452b6bf03ab
https://app.airhelp.com/ 		29 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://app.airhelp.com/ea1cf7ad-84a4-4c0b-af17-2452b6bf03ab
Requested by
Host: js.hellomedian.com
URL: https://js.hellomedian.com/v1/mdn-screenshare.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8033ee1f8bda66488aeac181f00f8e8a3cebac2f7073ff017e9fb1cf4f17c23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
29591
frame.76117021.js
js.intercomcdn.com/ Frame 16CF 		2 MB
510 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame.76117021.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.f4cfb0d2.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
faae8626e12996ec3c886bd4bf82d3f8f6a2573488d44b6c163859ee7edd7206

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 16:28:18 GMT
content-encoding
gzip
last-modified
Tue, 09 Oct 2018 16:28:17 GMT
server
AmazonS3
age
4320
etag
"6b471b49ab1d086759a202e6720ce390"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
521663
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
x-amz-cf-id
6SQiDMq4eGnBAket2Dg7Yala8NQPARjCHEL5H19q2_tGJUoTayH3Eg==
ping
api-iam.intercom.io/messenger/web/ Frame 16CF 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.76117021.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.203 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-203.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e26fcb80744ddb01fbcd9da943b635541e4c65a8403e63f2a0130bf92a7404a8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://app.airhelp.com
x-cache
Miss from cloudfront
status
200, 200 OK
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000iuu9qv2g6a8m6hreg
x-runtime
0.269094
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"e26fcb80744ddb01fbcd9da943b63554"
x-ratelimit-remaining
1970
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
x-intercom-version
85d623192f370e3321c25655eea45720b417ea79
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1539106860
x-ratelimit-limit
2000
access-control-allow-headers
Content-Type
x-amz-cf-id
BhS0jsMPVYdm5-8n3bbQedW2AXqiClGywunQDA-pIHHSbOGyraHxkA==
analytics.js
www.google-analytics.com/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
316fe2ef7b6caac81936e79571e2e0b742200f1c5b0e02d6bdeeb375eb419026
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Oct 2018 17:56:18 GMT
server
Golfe2
age
4258
date
Tue, 09 Oct 2018 16:29:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17285
expires
Tue, 09 Oct 2018 18:29:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
0e42dcf7437563827d9f0c3afd7316d7e8ebcf9ea14e057a3770949ecbf6dce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8353
x-xss-protection
1; mode=block
server
cafe
etag
14697784320061775357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Oct 2018 17:40:17 GMT
/
api.mixpanel.com/track/ 		1 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJwcm9kdWN0U2VsZWN0ZWQiLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9hcHAuYWlyaGVscC5jb20vb3RhL2VjdF91bml0ZWRfc3RhdGVzLzE0MWIzNDkxMThiN2E0NjgzNDZiMGE1MTdhN2JmYjgwP2xhbmc9ZW4mYWhjaWQ9NjQ0NCZ1dG1fY2FtcGFpZ249ZWdlbmNpYSZ1dG1fc291cmNlPW90YSZ1dG1fbWVkaXVtPWVtYWlsIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDY3LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjIuNCIsImRpc3RpbmN0X2lkIjogIjE2NjU5ZWE0MzQ0YWMzLTA0NGNjMjIwZmVhOGFiLTE3MzY2OTUyLTFkNGMwMC0xNjY1OWVhNDM0NjE5NDQiLCJVVE0gQ2FtcGFpZ24gW0xhc3QgVG91Y2hdIjogImVnZW5jaWEiLCJVVE0gU291cmNlIFtMYXN0IFRvdWNoXSI6ICJvdGEiLCJVVE0gTWVkaXVtIFtMYXN0IFRvdWNoXSI6ICJlbWFpbCIsInV0bV9zb3VyY2UiOiAib3RhIiwidXRtX21lZGl1bSI6ICJlbWFpbCIsInV0bV9jYW1wYWlnbiI6ICJlZ2VuY2lhIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsInRyaXBEZXBhcnR1cmUiOiAiQk9TIiwidHJpcERlc3RpbmF0aW9uIjogIldBVyIsImVjb21tZXJjZSI6IHsiY3VycmVuY3lDb2RlIjogIlVTRCIsImFkZCI6IHsicHJvZHVjdHMiOiBbCiAgICB7Im5hbWUiOiAiQWlySGVscE90YSIsInZhcmlhbnQiOiAiTHVmdGhhbnNhIiwicXVhbnRpdHkiOiAxfQpdfX0sImV2ZW50IjogInByb2R1Y3RTZWxlY3RlZCIsImd0bS51bmlxdWVFdmVudElkIjogMywidG9rZW4iOiAiYmVkMTA1Y2RlMzk5NGNlMDZkZDZlMzRkZDliZGQwZjEifX0%3D&ip=1&_=1539106817491
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.airhelp.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
alt-svc
clear
content-length
1
wired-logo-ea6af54f68619dbcc6d5d29f919a2cc6.png
app.airhelp.com/assets/images/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.airhelp.com/assets/images/logos/wired-logo-ea6af54f68619dbcc6d5d29f919a2cc6.png
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5be1b2f2557066015bc0dd6f73ad9476bd38b2acde29880221b3c7d8aab4a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/images/logos/wired-logo-ea6af54f68619dbcc6d5d29f919a2cc6.png
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95; _dyid=-1950058229090424832; _dyfs=true; _dyjsession=f5d451392c1c4e25789ba937ebe89a75; _dyuss_8768110=1; _dycst=dk.m.c.ws.frv1.frs.; _dy_geo=DE.EU.DE_05.DE_05_Hofheim; _dy_df_geo=Germany..Hofheim; _dy_weather_8768110=%5B%5D; _dy_cweather_8768110=null; _dy_device=%7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D; _dy_tsrc=Direct; _dyus_8768110=0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0; _dy_toffset=-1; _dyprdobj=; _dyprd=; user_units_system=metric; _ah-webapp_session=ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5; _gcl_au=1.1.1101825796.1539106817
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
:scheme
https
:method
GET
Referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
cf-cache-status
HIT
x-lb
mainlb1-production
cf-polished
origSize=4872
status
200
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
content-length
2989
cf-bgj
imgq:100
server
cloudflare
etag
"ea6af54f68619dbcc6d5d29f919a2cc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
d9dvZ3tppRQO3n.F26jXOIvt5j_T2PLG
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4672a1aa1c7bc2dd-FRA
expires
Wed, 10 Oct 2018 17:40:17 GMT
cnn-logo-455cede7759b26362e23e546ffd054e2.png
app.airhelp.com/assets/images/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.airhelp.com/assets/images/logos/cnn-logo-455cede7759b26362e23e546ffd054e2.png
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e01072d0ddcad8808fafffa64f1319c383bfb5f701e9520b9b3653b0ab41eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/images/logos/cnn-logo-455cede7759b26362e23e546ffd054e2.png
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95; _dyid=-1950058229090424832; _dyfs=true; _dyjsession=f5d451392c1c4e25789ba937ebe89a75; _dyuss_8768110=1; _dycst=dk.m.c.ws.frv1.frs.; _dy_geo=DE.EU.DE_05.DE_05_Hofheim; _dy_df_geo=Germany..Hofheim; _dy_weather_8768110=%5B%5D; _dy_cweather_8768110=null; _dy_device=%7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D; _dy_tsrc=Direct; _dyus_8768110=0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0; _dy_toffset=-1; _dyprdobj=; _dyprd=; user_units_system=metric; _ah-webapp_session=ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5; _gcl_au=1.1.1101825796.1539106817
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
:scheme
https
:method
GET
Referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
cf-cache-status
HIT
x-lb
mainlb1-production
cf-polished
origSize=5026
status
200
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
content-length
2987
cf-bgj
imgq:100
server
cloudflare
etag
"455cede7759b26362e23e546ffd054e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
UbCpLTtYEwfoB_fGiLrIIxpZpY208P_H
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4672a1aa1c7fc2dd-FRA
expires
Wed, 10 Oct 2018 17:40:17 GMT
airhelp-logo-d30eda8a2f63e4c1bf87f7529035e911.svg
app.airhelp.com/assets/images/logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.airhelp.com/assets/images/logos/airhelp-logo-d30eda8a2f63e4c1bf87f7529035e911.svg
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c6571e28c9172aedb988b75b82ea234017c9456ba7ead4bcdf72fb15c48694
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/images/logos/airhelp-logo-d30eda8a2f63e4c1bf87f7529035e911.svg
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95; _dyid=-1950058229090424832; _dyfs=true; _dyjsession=f5d451392c1c4e25789ba937ebe89a75; _dyuss_8768110=1; _dycst=dk.m.c.ws.frv1.frs.; _dy_geo=DE.EU.DE_05.DE_05_Hofheim; _dy_df_geo=Germany..Hofheim; _dy_weather_8768110=%5B%5D; _dy_cweather_8768110=null; _dy_device=%7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D; _dy_tsrc=Direct; _dyus_8768110=0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0; _dy_toffset=-1; _dyprdobj=; _dyprd=; user_units_system=metric; _ah-webapp_session=ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5; _gcl_au=1.1.1101825796.1539106817
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
:scheme
https
:method
GET
Referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
x-amz-version-id
pTzINxDQfqn1iBUhJVAr3Gz.Lh.QKRSc
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
W/"d30eda8a2f63e4c1bf87f7529035e911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/svg+xml
expires
Wed, 10 Oct 2018 17:40:17 GMT
cache-control
public, max-age=86400
cf-ray
4672a1aa1c80c2dd-FRA
x-lb
mainlb1-production
Egencia_20180613.png
airhelp-public.s3.amazonaws.com/partners/logos/ect_united_states/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airhelp-public.s3.amazonaws.com/partners/logos/ect_united_states/Egencia_20180613.png?1528902678
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.33 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe9aab4cabb7ae07741bf8716120a27275d5a811401ac026822f17fdb2395570

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 17:40:18 GMT
Last-Modified
Wed, 13 Jun 2018 15:11:19 GMT
Server
AmazonS3
x-amz-request-id
CD8BE19916FAD2D4
ETag
"c590684b7d01b13fe1f30a3e08d151ca"
Content-Type
image/png
x-amz-version-id
ELmJx.8s2Cmcuk3OnuV9GClPH_Bij_OV
Accept-Ranges
bytes
Content-Length
25330
x-amz-id-2
wgv1qAu3SuZzvzx9cG4Jq7CEMMe5pCarCh3Ie5RIWclFqixWKgGiwjBjTBzKBbdDe7ILR0M8pN0=
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Origin
https://app.airhelp.com

Response headers

date
Tue, 02 Oct 2018 10:29:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:48 GMT
server
sffe
age
630652
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12960
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 10:29:25 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Origin
https://app.airhelp.com

Response headers

date
Tue, 02 Oct 2018 10:29:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:43 GMT
server
sffe
age
630631
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12968
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 10:29:46 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Origin
https://app.airhelp.com

Response headers

date
Tue, 02 Oct 2018 10:29:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
630656
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10788
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 10:29:21 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Origin
https://app.airhelp.com

Response headers

date
Tue, 02 Oct 2018 10:29:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:50 GMT
server
sffe
age
630652
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12916
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 10:29:25 GMT
fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2
app.airhelp.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/fonts/fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2?v=4.7.0
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/fonts/fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2?v=4.7.0
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95; _dyid=-1950058229090424832; _dyfs=true; _dyjsession=f5d451392c1c4e25789ba937ebe89a75; _dyuss_8768110=1; _dycst=dk.m.c.ws.frv1.frs.; _dy_geo=DE.EU.DE_05.DE_05_Hofheim; _dy_df_geo=Germany..Hofheim; _dy_weather_8768110=%5B%5D; _dy_cweather_8768110=null; _dy_device=%7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D; _dy_tsrc=Direct; _dyus_8768110=0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0; _dy_toffset=-1; _dyprdobj=; _dyprd=; user_units_system=metric; _ah-webapp_session=ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5; _gcl_au=1.1.1101825796.1539106817
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
status
200
content-type
binary/octet-stream
content-length
77160
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
hWiUxLGge9QgV1HJcl8P5Xyz_PuPhVAT
expires
Wed, 10 Oct 2018 17:40:17 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4672a1aa1ca6c2dd-FRA
x-lb
mainlb2-production
FontAirhelp-4634cb6b7aac7b0a79652a94df277581.woff
app.airhelp.com/assets/fonts/airhelp/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/fonts/airhelp/FontAirhelp-4634cb6b7aac7b0a79652a94df277581.woff
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80?lang=en&ahcid=6444&utm_campaign=egencia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2b57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b64fa935247c0e39133381a10a6129c911a6e4fe8504321bba3084f645c30d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/fonts/airhelp/FontAirhelp-4634cb6b7aac7b0a79652a94df277581.woff
pragma
no-cache
cookie
__cfduid=d6144480544dfa36b5011c7484bc1923f1539106815; _dy_csc_ses=t; _dy_ses_load_seq=13921%3A1539106816057; _dyexps=280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069; _dy_c_exps=; _dy_soct=186634.271439.1539106816; sixpack_forced_alternatives={}; user_language=en; _dycnst=dg; user_currency=EUR; user_country_code=DE; mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel=%7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PAPVisitorId=Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95; _dyid=-1950058229090424832; _dyfs=true; _dyjsession=f5d451392c1c4e25789ba937ebe89a75; _dyuss_8768110=1; _dycst=dk.m.c.ws.frv1.frs.; _dy_geo=DE.EU.DE_05.DE_05_Hofheim; _dy_df_geo=Germany..Hofheim; _dy_weather_8768110=%5B%5D; _dy_cweather_8768110=null; _dy_device=%7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D; _dy_tsrc=Direct; _dyus_8768110=0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0; _dy_toffset=-1; _dyprdobj=; _dyprd=; user_units_system=metric; _ah-webapp_session=ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5; _gcl_au=1.1.1101825796.1539106817
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/assets/frontend-1bfe0581c78f92f2c549d673c40d1fd7.css
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
status
200
content-type
application/x-font-woff
content-length
14808
last-modified
Tue, 09 Oct 2018 14:15:12 GMT
server
cloudflare
etag
"4634cb6b7aac7b0a79652a94df277581"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
APoyCFa_Bv6HXxW8FYokAp1.hTaDwYAZ
expires
Wed, 10 Oct 2018 17:40:17 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4672a1aa3d24c2dd-FRA
x-lb
mainlb2-production
/
api.mixpanel.com/track/ 		1 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJwYWdlVmlld2VkIiwicHJvcGVydGllcyI6IHsiJG9zIjogIk1hYyBPUyBYIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vYXBwLmFpcmhlbHAuY29tL290YS9lY3RfdW5pdGVkX3N0YXRlcy8xNDFiMzQ5MTE4YjdhNDY4MzQ2YjBhNTE3YTdiZmI4MD9sYW5nPWVuJmFoY2lkPTY0NDQmdXRtX2NhbXBhaWduPWVnZW5jaWEmdXRtX3NvdXJjZT1vdGEmdXRtX21lZGl1bT1lbWFpbCIsIiRicm93c2VyX3ZlcnNpb24iOiA2NywiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjIyLjQiLCJkaXN0aW5jdF9pZCI6ICIxNjY1OWVhNDM0NGFjMy0wNDRjYzIyMGZlYThhYi0xNzM2Njk1Mi0xZDRjMDAtMTY2NTllYTQzNDYxOTQ0IiwiVVRNIENhbXBhaWduIFtMYXN0IFRvdWNoXSI6ICJlZ2VuY2lhIiwiVVRNIFNvdXJjZSBbTGFzdCBUb3VjaF0iOiAib3RhIiwiVVRNIE1lZGl1bSBbTGFzdCBUb3VjaF0iOiAiZW1haWwiLCJ1dG1fc291cmNlIjogIm90YSIsInV0bV9tZWRpdW0iOiAiZW1haWwiLCJ1dG1fY2FtcGFpZ24iOiAiZWdlbmNpYSIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJwYWdlVXJsIjogImh0dHBzOi8vYXBwLmFpcmhlbHAuY29tL290YS9lY3RfdW5pdGVkX3N0YXRlcy8xNDFiMzQ5MTE4YjdhNDY4MzQ2YjBhNTE3YTdiZmI4MD9sYW5nPWVuJmFoY2lkPTY0NDQmdXRtX2NhbXBhaWduPWVnZW5jaWEmdXRtX3NvdXJjZT1vdGEmdXRtX21lZGl1bT1lbWFpbCIsInBhZ2VQYXRoIjogIi9vdGEvZWN0X3VuaXRlZF9zdGF0ZXMvMTQxYjM0OTExOGI3YTQ2ODM0NmIwYTUxN2E3YmZiODAiLCJwYWdlVHlwZSI6ICJPdGFMZWFkc090YUxlYWRJbmRleCIsInBhZ2VUaXRsZSI6ICJBaXJIZWxwIiwicGFnZVJlZmVycmVyIjogImh0dHBzOi8vYXBwLmFpcmhlbHAuY29tL290YS9lY3RfdW5pdGVkX3N0YXRlcy8xNDFiMzQ5MTE4YjdhNDY4MzQ2YjBhNTE3YTdiZmI4MD9sYW5nPWVuJmFoY2lkPTY0NDQmdXRtX2NhbXBhaWduPWVnZW5jaWEmdXRtX3NvdXJjZT1vdGEmdXRtX21lZGl1bT1lbWFpbCIsInVzZXJBZ2VudCI6ICJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJkZXZpY2VUeXBlIjogIkRlc2t0b3AiLCJkZXZpY2VNb2RlbCI6ICJNYWMgT1MiLCJ3ZWJUaGVtZSI6ICJEZXNrdG9wIiwidmlld3BvcnRXaWR0aCI6IDE2MDAsInZpZXdwb3J0SGVpZ2h0IjogMTIwMCwicGFnZUxhbmd1YWdlIjogImVuIiwicGFnZUN1cnJlbmN5IjogIlVTRCIsImxvZ2dlZEluIjogZmFsc2UsImNsYWltVHlwZSI6ICJBaXJIZWxwT3RhIiwib3RhQnJhbmQiOiAiZWN0X3VuaXRlZF9zdGF0ZXMiLCJwb3RlbnRpYWxseU1pc3NlZENvbm5lY3Rpb24iOiB0cnVlLCJldmVudCI6ICJwYWdlVmlld2VkIiwiZ3RtLnVuaXF1ZUV2ZW50SWQiOiA1LCJ0b2tlbiI6ICJiZWQxMDVjZGUzOTk0Y2UwNmRkNmUzNGRkOWJkZDBmMSJ9fQ%3D%3D&ip=1&_=1539106817652
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.airhelp.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
alt-svc
clear
content-length
1
/
www.facebook.com/tr/ 		44 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307133519633829&ev=Search&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&rl=&if=false&ts=1539106817489&cd[search_string]=CheckYourCompensation&cd[content_type]=Flight&cd[departing_departure_date]=na&cd[returning_departure_date]=na&cd[origin_airport]=BOS&cd[destination_airport]=WAW&cd[purchase_currency]=(undefined)&cd[content_ids]=%5B%22BOS%22%2C%22WAW%22%5D&sw=1600&sh=1200&ud[ge]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[ct]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[zp]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&v=2.8.30&r=stable&ec=1&o=60&it=1539106816851&coo=false
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 09 Oct 2018 17:40:17 GMT
dpx
px.dynamicyield.com/ 		4 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/dpx?cnst=1&_=742748&msn=webserve-d081bc8.use&name=StartEnquiry&props=%7B%22dyType%22%3A%22add-to-cart-v1%22%2C%22EventCategory%22%3A%22Product%22%2C%22EventAction%22%3A%22ProductSelected%22%2C%22EventLabel%22%3A%22AirHelpOta%22%2C%22value%22%3A1%2C%22currency%22%3A%22(undefined)%22%2C%22productId%22%3A%22NotApplicable%22%2C%22quantity%22%3A1%7D&uid=-1950058229090424832&sec=8768110&cl=dk.m.c.ws.frv1.frs.&ses=8d40dd57cb15fc890fad49c3932e421e&nses=false&sesst=0&l=def&p=1&sd=&rf=&trf=0&aud=334081.457222.509995.333563.333565&svars=&url=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&exps=%5B%5D&expSes=13921&tsrc=Direct&reqts=1539106816668&rri=8232103
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12324/dy-coll-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.160.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-160-93.compute-1.amazonaws.com
Software
nginx /
Resource Hash
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

Date
Tue, 09 Oct 2018 17:40:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
24
Expires
Tue, 09 Oct 2018 17:40:16 GMT
uia
px.dynamicyield.com/ 		4 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/uia?cnst=1
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12324/dy-coll-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.117.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-19-117-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d

Request headers

Accept
*/*
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 09 Oct 2018 17:40:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
24
Expires
Tue, 09 Oct 2018 17:40:16 GMT
activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u...
8617657.fls.doubleclick.net/ Frame F011
Redirect Chain
  • https://8617657.fls.doubleclick.net/activityi;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined)...
  • https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefi...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=(undefined);u11=(undefined);u12=(undefined);u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f102.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
8617657.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=(undefined);u11=(undefined);u12=(undefined);u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://app.airhelp.com/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 09 Oct 2018 17:40:17 GMT
expires
Tue, 09 Oct 2018 17:40:17 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
537
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUn6Kl45WaHYZTSe0RAAQFG28gu6uQRdSNqwfy6MA1ciEsNrdD4B5j6DCSib; expires=Thu, 08-Oct-2020 17:40:17 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 09 Oct 2018 17:40:17 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6oktnz-d0CFQYO4Aod-3UM7g;src=8617657;type=airhe002;cat=airhe0;ord=6640927784702;gtm=Ga1;auiddc=1101825796.1539106817;u1=(undefined);u2=(undefined);u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=(undefined);u11=(undefined);u12=(undefined);u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 09-Oct-2018 17:55:17 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefi...
8617657.fls.doubleclick.net/ Frame C982
Redirect Chain
  • https://8617657.fls.doubleclick.net/activityi;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(unde...
  • https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=USD;u11=en;u12=ect_united_states;u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f102.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
8617657.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=USD;u11=en;u12=ect_united_states;u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://app.airhelp.com/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 09 Oct 2018 17:40:17 GMT
expires
Tue, 09 Oct 2018 17:40:17 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
563
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUnWYpyX5ml7T8ngKNUZ_9upaPQJlJfigw4k9NHnf2RzhPheNmV32CBS_7Iq; expires=Thu, 08-Oct-2020 17:40:17 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 09 Oct 2018 17:40:17 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8617657.fls.doubleclick.net/activityi;dc_pre=CM6wktnz-d0CFU8q4AodH7QNSw;src=8617657;type=airhe00;cat=airhe0;ord=642137242594;gtm=Ga1;auiddc=1101825796.1539106817;u1=OtaLeadsOtaLeadIndex;u2=AirHelpOta;u3=(undefined);u4=(undefined);u5=undefined;u6=(undefined);u7=(undefined);u8=BOS;u9=WAW;u10=USD;u11=en;u12=ect_united_states;u13=(undefined);u14=(undefined);u15=(undefined);u16=gaClientId;u17=(undefined);u18=(undefined);u19=(undefined);u20=(undefined);u21=(undefined);u22=(undefined);u23=(undefined);u24=(undefined);u25=(undefined);u26=(undefined);u27=(undefined);u28=(undefined);u29=(undefined);u30=(undefined);u31=false;~oref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 09-Oct-2018 17:55:17 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
/
www.googleadservices.com/pagead/conversion/978131069/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/978131069/?random=1539106817744&cv=9&fst=1539106817744&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Ga1&sendb=1&frm=0&url=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&tiba=Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
18ea07b7ad923420b42d0eb97d847437f78094b7a70f9dbf7684f648c0cb1e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1140
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
659
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1296
x-xss-protection
1; mode=block
expires
Tue, 09 Oct 2018 18:29:18 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.airhelp.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
1; mode=block
376ac2ab-d557-4bac-ad3f-09beed91b8a9
app-cache.hellomedian.com/api/v1/organizations/settings/ 		287 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app-cache.hellomedian.com/api/v1/organizations/settings/376ac2ab-d557-4bac-ad3f-09beed91b8a9
Requested by
Host: js.hellomedian.com
URL: https://js.hellomedian.com/v1/mdn-screenshare.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a400dfc90aba7f81244398b5d5675c98f8747c53b8199f6136ee34e96ab06374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Tue, 09 Oct 2018 17:40:18 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
x-cache-status
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
684e036a-13f6-449e-83dd-4b7ff8ee1bdb
x-runtime
0.083885
server
cloudflare
etag
W/"a400dfc90aba7f81244398b5d5675c98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 vegur
cache-control
max-age=30, public
cf-ray
4672a1ab8dddc2ce-FRA
/
www.google.de/ads/conversion/978131069/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200...
  • https://www.google.com/ads/conversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
  • https://www.google.de/ads/conversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=160...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/conversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Ga1&sendb=1&frm=0&url=https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&tiba=Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gtd=&cdct=2&is_vtc=1&ocp_id=Aei8W7_xLZWwbL6pq4gP&random=1851656900&resp=GooglemKTybQhCsO&ipr=y&ulfeg=n
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Oct 2018 17:40:18 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Oct 2018 17:40:18 GMT
x-content-type-options
nosniff
server
adclick_server
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/conversion/978131069/?random=828382173&cv=9&fst=*&num=1&value=0&label=wFa9CLCY4oQBEP2wtNID&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Ga1&sendb=1&frm=0&url=https://app.airhelp.com/ota/ect_united_states/141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&tiba=Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gtd=&cdct=2&is_vtc=1&ocp_id=Aei8W7_xLZWwbL6pq4gP&random=1851656900&resp=GooglemKTybQhCsO&ipr=y&ulfeg=n
cache-control
private, max-age=43200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1056
x-xss-protection
1; mode=block
expires
Tue, 09 Oct 2018 17:40:18 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Oct 2018 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.airhelp.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
1; mode=block
client-test
nexus-websocket-a.intercom.io/ Frame 16CF 		2 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nexus-websocket-a.intercom.io/client-test
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.76117021.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.79.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-79-169.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

status
200
date
Tue, 09 Oct 2018 17:40:18 GMT
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
client-test
nexus-websocket-b.intercom.io/ Frame 16CF 		2 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nexus-websocket-b.intercom.io/client-test
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.76117021.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.249.85 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-211-249-85.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

status
200
date
Tue, 09 Oct 2018 17:40:18 GMT
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
18032999_205393973289951_1754885976831775034_n-1528325819.jpg
static.intercomassets.com/avatars/2115215/square_128/ Frame 9A0B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/2115215/square_128/18032999_205393973289951_1754885976831775034_n-1528325819.jpg?1528325819
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.239 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-239.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
320d89e0a042e4ec6107dda3cf677dcede36d91bec8822d94daa6a52275b4190

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 Aug 2018 06:48:27 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jun 2018 22:57:00 GMT
server
AmazonS3
age
18918
etag
"98b8319c750cff0bb1d5ab21877484a1"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3472
x-amz-cf-id
1uzBbXhWzKBD1_mQp9rCqX8Fh-y8-jriEu1X7esJ-4E-mhke__Ea4w==
152062835759502655_%281%29-1520627789.jpeg
static.intercomassets.com/avatars/1875783/square_128/ Frame 9A0B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/1875783/square_128/152062835759502655_%281%29-1520627789.jpeg?1520627789
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.239 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-239.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaf7c9ee5a4fe1fdb72717b3a39ae35574374609a8596a93b24ac633cc3fc0a5

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 03 Apr 2018 07:01:35 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Fri, 09 Mar 2018 20:36:30 GMT
server
AmazonS3
age
82651
etag
"8d13954bf7a9f72802f085a7981636c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
6584
x-amz-cf-id
zDeGP-GxbTveUe5ziFpjvtC65P9Sbs7HycVvw2T0NZoqutM7p28vfg==
20180809_174623-1533829677.jpg
static.intercomassets.com/avatars/2274892/square_128/ Frame 9A0B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/2274892/square_128/20180809_174623-1533829677.jpg?1533829677
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.239 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-239.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1425e27e89611ecc1a013f6deae59c399d7708567eae8b54b3d02971cceab38

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 09 Aug 2018 15:50:06 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Thu, 09 Aug 2018 15:47:59 GMT
server
AmazonS3
age
3754
etag
"db995cff39afa8b5d891c5e0cc38c566"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
11853
x-amz-cf-id
D9XMJOE8TH4oWx-7LuABNaHJraKQzZf8Bz5jsozEl1NDmmD16EeujQ==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j70&aip=1&a=934109662&t=event&ni=0&cu=USD&_s=1&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_gid=465159592.1539106818&gjid=544219818&_v=j70&z=1451949264
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_v=j70&z=1451949264
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_v=j70&z=1451949264&slf_rd=1&random=3868085732
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_v=j70&z=1451949264&slf_rd=1&random=3868085732
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Oct 2018 17:40:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Oct 2018 17:40:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=45904705&_v=j70&z=1451949264&slf_rd=1&random=3868085732
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j70&aip=1&a=934109662&t=pageview&_s=1&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&dr=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&dp=%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80&ul=en-us&de=UTF-8&dt=AirHelp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEALAAQC~&jid=1902162135&gjid=1400486966&cid=1151219027.1539106818&tid=UA-37442388-12&_gid=465159592.1539106818&gtm=Ga1KRBL8PV&cd1=OtaLeadsOtaLeadIndex&cd2=AirHelpOta&cd3=(undefined)&cd4=(undefined)&cd6=(undefined)&cd7=(undefined)&cd8=BOS&cd9=WAW&cd10=USD&cd11=en&cd12=ect_united_states&cd13=(undefined)&cd14=(undefined)&cd15=(undefined)&cd16=1151219027.1539106818&cd17=(undefined)&cd18=(undefined)&cd19=(undefined)&cd20=(undefined)&cd21=(undefined)&cd22=(undefined)&cd23=(undefined)&cd24=(undefined)&cd25=(undefined)&cd26=(undefined)&cd27=(undefined)&cd28=(undefined)&cd29=(undefined)&cd30=(undefined)&cd31=0&z=528546448
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Oct 2018 10:32:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
630467
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j70&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&gjid=1400486966&_gid=465159592.1539106818&_u=aHDAgEALAAQC~&z=980103280
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&_v=j70&z=980103280
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&_v=j70&z=980103280&slf_rd=1&random=882801531
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&_v=j70&z=980103280&slf_rd=1&random=882801531
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Oct 2018 17:40:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Oct 2018 17:40:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37442388-12&cid=1151219027.1539106818&jid=1902162135&_v=j70&z=980103280&slf_rd=1&random=882801531
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api-iam.intercom.io/messenger/web/ Frame 16CF 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.76117021.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.203 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-203.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7a489d5a38ccb9346a1fcac1d54cb6cf607ee5d77c7607a82a2c8b10df9a75c4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Oct 2018 17:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://app.airhelp.com
x-cache
Miss from cloudfront
status
200, 200 OK
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
00047dcbhsn63dl5objg
x-runtime
0.316372
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"7a489d5a38ccb9346a1fcac1d54cb6cf"
x-ratelimit-remaining
1969
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
x-intercom-version
85d623192f370e3321c25655eea45720b417ea79
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1539106860
x-ratelimit-limit
2000
access-control-allow-headers
Content-Type
x-amz-cf-id
MteD6w1cRAk6rhvRoD797RjoJFZucZK8EUKB2XFoa5zqGzkSq7tHjQ==
/
www.facebook.com/tr/ 		44 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307133519633829&ev=Microdata&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Fect_united_states%2F141b349118b7a468346b0a517a7bfb80%3Flang%3Den%26ahcid%3D6444%26utm_campaign%3Degencia%26utm_source%3Dota%26utm_medium%3Demail&rl=&if=false&ts=1539106818675&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Egencia%20and%20AirHelp%20-%20Get%20the%20compensation%20you%20deserve%5Cn%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[ge]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[ct]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[zp]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&v=2.8.30&r=stable&ec=2&o=60&it=1539106816851&coo=false&es=automatic
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 17:40:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 09 Oct 2018 17:40:18 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DYExps object| DY object| DYO object| _dy_memStore object| DYJSON object| dataLayer object| intercomSettings function| Intercom boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs function| createDeprecatedModule function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ object| _gsScope object| EmberENV object| IPv6 object| punycode object| SecondLevelDomains function| URI function| URITemplate function| moment object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Ember object| Em object| CryptoJS object| showdown object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin function| Inputmask object| sixpack object| DYWork function| $dy object| google_tag_manager function| fbq function| _fbq object| mixpanel object| uetq function| UET function| PostAssoc function| PostAffAction function| PostAffAttributeWriter function| PostUrlReplacer function| PostValueReplacer function| PostAffCookieManager function| PostAffParams function| PostAffCookie function| PostAffRequest function| PostAffInfo function| PostAffTrackingRequest object| PostAffTracker function| rpap function| setVisitor function| setAffiliate function| trackingFinished function| setAffiliateInfo function| papTrack object| expired object| parameters function| timer object| $dy17107899290042746079 object| Median object| ADMITAD function| handleadmitadUid object| ad_product string| GoogleAnalyticsObject function| ga string| cookie_name number| days_to_store function| getSourceParamFromUri function| getSourceCookie function| setSourceCookie function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData

31 Cookies

Domain/Path Name / Value
app.airhelp.com/ Name: _ah-webapp_session
Value: ZnY3Tk4yZTFEbGJpNUtXUFcyVUpISk0xdEdqMHV0SXVWZFF3ZVZHVlZpRGw0YmhVM3JzMXkvckRXNlJnU24ybGJjWDRxcUd3b3dSaUZIUzJOeEN1Wm9xcmlmK1ovMUZoNStvUFlRMzFvamJiaG5XWVpIMHZyOTdCNytxZC9senpQSVlHVDkvNlhWT1JBNDFEQ2xQOTlXblU3bTNWb1ovdFJxK1NXaEEzbG1OcXpnZ0g1djlsM2c0WDd6K1d0TjR4LS1CTkNjU2gya2Y5TWhrazJrckhvdkp3PT0%3D--b70c6a7eff52829f518d789b7a1d188bf79dcaa5
.airhelp.com/ Name: _gcl_au
Value: 1.1.1101825796.1539106817
.airhelp.com/ Name: user_units_system
Value: metric
.app.airhelp.com/ Name: _dyprdobj
Value:
.airhelp.com/ Name: __cfduid
Value: d6144480544dfa36b5011c7484bc1923f1539106815
.app.airhelp.com/ Name: _dy_weather_8768110
Value: %5B%5D
.airhelp.com/ Name: PAPVisitorId
Value: Edy8Je2hfs4h8pGVfqi43JSrlgQwXK95
.airhelp.com/ Name: _dy_df_geo
Value: Germany..Hofheim
.airhelp.com/ Name: _dycst
Value: dk.m.c.ws.frv1.frs.
.airhelp.com/ Name: _dyuss_8768110
Value: 1
.airhelp.com/ Name: _dyjsession
Value: f5d451392c1c4e25789ba937ebe89a75
.app.airhelp.com/ Name: _dy_tsrc
Value: Direct
.airhelp.com/ Name: _dyfs
Value: true
.airhelp.com/ Name: _dyid
Value: -1950058229090424832
.app.airhelp.com/ Name: _dyprd
Value:
.airhelp.com/ Name: sixpack_forced_alternatives
Value: {}
.airhelp.com/ Name: _dyexps
Value: 280967%7C3164131%3A%3A0%3A1539106816068%3A13921%3A13921%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C13921%3A1539106816069
.airhelp.com/ Name: _dyus_8768110
Value: 0%7C0%7C0%7C0%7C0%7C0.0.1539106817006.1539106817006.0.0%7C281%7C41%7C9%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0
.airhelp.com/ Name: _dycnst
Value: dg
.airhelp.com/ Name: user_country_code
Value: DE
.airhelp.com/ Name: _dy_toffset
Value: -1
.app.airhelp.com/ Name: _dy_cweather_8768110
Value: null
.airhelp.com/ Name: user_language
Value: en
.app.airhelp.com/ Name: _dy_device
Value: %7B%22brand%22%3A%22Apple%22%2C%22type%22%3A%22desktop%22%7D
.airhelp.com/ Name: user_currency
Value: EUR
.airhelp.com/ Name: _dy_geo
Value: DE.EU.DE_05.DE_05_Hofheim
.airhelp.com/ Name: _dy_soct
Value: 186634.271439.1539106816
.airhelp.com/ Name: mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel
Value: %7B%22distinct_id%22%3A%20%2216659ea4344ac3-044cc220fea8ab-17366952-1d4c00-16659ea43461944%22%2C%22UTM%20Campaign%20%5BLast%20Touch%5D%22%3A%20%22egencia%22%2C%22UTM%20Source%20%5BLast%20Touch%5D%22%3A%20%22ota%22%2C%22UTM%20Medium%20%5BLast%20Touch%5D%22%3A%20%22email%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22egencia%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.airhelp.com/ Name: _dy_ses_load_seq
Value: 13921%3A1539106816057
.airhelp.com/ Name: _dy_c_exps
Value:
.airhelp.com/ Name: _dy_csc_ses
Value: t

2 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 25)
Message:
[Facebook Pixel] - An invalid email address was specified for 'em'. This data will not be sent with any events for this Pixel.
console-api log URL: https://app.airhelp.com/assets/frontend-176ac528d9bdaad711efb503dac0bf0a.js(Line 241)
Message:
Unauthorized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8617657.fls.doubleclick.net
airhelp-public.s3.amazonaws.com
airhelp.postaffiliatepro.com
ampcid.google.com
ampcid.google.de
api-iam.intercom.io
api.mixpanel.com
app-cache.hellomedian.com
app.airhelp.com
bat.bing.com
cdn.dynamicyield.com
cdn.mxpnl.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hellomedian.com
js.intercomcdn.com
mandrillapp.com
nexus-websocket-a.intercom.io
nexus-websocket-b.intercom.io
px.dynamicyield.com
st.dynamicyield.com
static.dynamicyield.com
static.intercomassets.com
stats.g.doubleclick.net
widget.intercom.io
www.artfut.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.129.227
107.178.240.159
13.32.158.2
13.32.158.203
13.32.158.239
13.32.159.225
146.185.16.178
172.217.18.2
172.217.22.102
173.194.76.156
18.211.249.85
204.79.197.200
2600:1901:0:498c::
2600:9000:20bb:2a00:12:e6:2780:93a1
2606:4700:10::6814:2b57
2606:4700:20::6819:a165
2606:4700:30::681c:1c2
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:81d::200e
2a02:26f0:6c00:29e::17ef
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
50.19.117.75
52.213.164.114
52.218.104.33
52.23.79.169
54.225.160.93
91.201.28.211
028be97ba58ed74c2260f1af19ff8af1dcfffecf6b5b206379589b8eaaf1df6d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09ebf15210a4de90dd6b5770174844cfab16f239bf36ecb71d26169d2d4ec0f8
0d5be1b2f2557066015bc0dd6f73ad9476bd38b2acde29880221b3c7d8aab4a1
0e42dcf7437563827d9f0c3afd7316d7e8ebcf9ea14e057a3770949ecbf6dce9
0f3ef6b92053ddb2cb19d037db53c89c548de2ab624ccc6297dd3115061ea888
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111334674826930af885519d2db109076838cdb4fd208e59543a0cc3fd3a5be2
18ea07b7ad923420b42d0eb97d847437f78094b7a70f9dbf7684f648c0cb1e12
21b64fa935247c0e39133381a10a6129c911a6e4fe8504321bba3084f645c30d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
316fe2ef7b6caac81936e79571e2e0b742200f1c5b0e02d6bdeeb375eb419026
320d89e0a042e4ec6107dda3cf677dcede36d91bec8822d94daa6a52275b4190
3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb
4062ce38c5556ead9c842303520b3d383616bd0917c5a1b598ef47c6720a48fb
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e
50e01072d0ddcad8808fafffa64f1319c383bfb5f701e9520b9b3653b0ab41eb
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58533d80bd8d20bc9cecb48abc498e210002c0ad306d309502eed1bcc6a9f355
5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60c03e32273edf9bba01eb7b9bbea248a13ab775bed5909eb4125b2d86800b54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
707398c0103715eacb8f96fbfee41eb74c93a4f73b9fbcc252a634e2c5c6ab3a
7a489d5a38ccb9346a1fcac1d54cb6cf607ee5d77c7607a82a2c8b10df9a75c4
7e89b7211018aade011bd3f80e6967931aee0d4283d330d17277a870be85cf09
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9cadeb33bc50ce36962f013041583aede99cc669bc115977956144e0a1843ddb
a1425e27e89611ecc1a013f6deae59c399d7708567eae8b54b3d02971cceab38
a16c329009eb11316f55ec995d8c6e3e8b64d5512f937722afa8d3bb45aca268
a1b669ca0cccb7892eded8bd9a2d133cde66746d677ef03e9da5a40a11fbfc04
a3db877b29913571bbeaa267d33b8b9142fd520c5f8bfd7bf5bb891acfb90ed6
a400dfc90aba7f81244398b5d5675c98f8747c53b8199f6136ee34e96ab06374
ab03376128a704f67a2832583b037a25ac8462f3d4faf62b4e9da2a2faad4a7e
aba35c62180347311f6cb364288e634bad37156c6823b0926a02ec6f1926ba57
b43eab84a84d6f0a660d4a8c9defa0d5572d8de7cde379fa8c1a84dc1e781ad9
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
b7c6571e28c9172aedb988b75b82ea234017c9456ba7ead4bcdf72fb15c48694
bce80c7d729c02545b84c67cfaa88bba9d79b5c8d09ccdf2c65ddf0da9559f03
c0c6e82507425739c1f74eb0885245239fb353b2167000a11367515b72dfc434
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb449b607a9a40ce9a3cc6522a3cd4d14712efd272f480eb28811a0b738143e2
d857a43df2e3eb7e718d15f7e6b5de0dec98b187c172fd359dc2234d175846ff
deec59c1597be5f8ddb36b7d4bc547c61be52b388d34d616e607ae36b0570f45
e26fcb80744ddb01fbcd9da943b635541e4c65a8403e63f2a0130bf92a7404a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5093541cdfae1d35425494ef4b717b0a6bdf417091b5a1c615f974fa84e72ca
eaf7c9ee5a4fe1fdb72717b3a39ae35574374609a8596a93b24ac633cc3fc0a5
edca9ab3fa37e6a910c31753b2eeef29237f7282fd84eeb14d120608dd8c7834
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11329594c3c90d1b1449f45b23a959cc9adb56831e706c06da5e1e02dcdaf56
f8033ee1f8bda66488aeac181f00f8e8a3cebac2f7073ff017e9fb1cf4f17c23
faae8626e12996ec3c886bd4bf82d3f8f6a2573488d44b6c163859ee7edd7206
fe9aab4cabb7ae07741bf8716120a27275d5a811401ac026822f17fdb2395570