promo.airtm.help Open in urlscan Pro
178.16.128.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://promo.airtm.help/
Effective URL:
https://promo.airtm.help/
Submission Tags: @phish_report
Submission: On February 21 via api (February 21st 2024, 1:04:17 am UTC) from FI — Scanned from FI

Summary HTTP 72 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 72 HTTP transactions. The main IP is 178.16.128.148, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is promo.airtm.help.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 21st 2024. Valid for: 3 months.

This is the only time promo.airtm.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	178.16.128.148 178.16.128.148	47583 (AS-HOSTINGER) (AS-HOSTINGER)
4	52.222.250.57 52.222.250.57	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
3	13.32.99.123 13.32.99.123	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
3	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2.16.164.10 2.16.164.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.33.187.19 13.33.187.19	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
72	22

29 178.16.128.148 (Germany) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

promo.airtm.help	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.250.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-57.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.co.ve	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.164.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-10.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-19.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	airtm.help 1 redirects promo.airtm.help	2 MB
7	google.com analytics.google.com — Cisco Umbrella Rank: 177 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 409 c.bing.com — Cisco Umbrella Rank: 280	16 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	2 KB
4	cloudfront.net d9hhrg4mnvzow.cloudfront.net	640 KB
3	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 934 c.clarity.ms — Cisco Umbrella Rank: 1449	2 KB
3	google.co.ve www.google.co.ve — Cisco Umbrella Rank: 23896	669 B
3	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 31711	67 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	302 KB
2	google.fi www.google.fi — Cisco Umbrella Rank: 30491	562 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 825 script.hotjar.com — Cisco Umbrella Rank: 1119	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 391	859 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1036	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 916	15 KB
0	airtm.com Failed promo.airtm.com Failed
72	18

	Domain	Requested by
29	promo.airtm.help	1 redirects promo.airtm.help
4	analytics.google.com	promo.airtm.help
4	d9hhrg4mnvzow.cloudfront.net	promo.airtm.help
3	bat.bing.com	promo.airtm.help bat.bing.com
3	www.google.com	promo.airtm.help
3	www.google.co.ve	promo.airtm.help
3	stats.g.doubleclick.net	promo.airtm.help
3	fonts.ub-assets.com	promo.airtm.help
3	www.googletagmanager.com	promo.airtm.help
2	c.clarity.ms	1 redirects
2	www.google.fi	promo.airtm.help
2	connect.facebook.net	promo.airtm.help connect.facebook.net
2	www.google-analytics.com	promo.airtm.help
2	px.ads.linkedin.com	promo.airtm.help
1	c.bing.com	1 redirects
1	www.facebook.com	promo.airtm.help
1	script.hotjar.com	promo.airtm.help
1	www.clarity.ms	promo.airtm.help
1	snap.licdn.com	promo.airtm.help
1	googleads.g.doubleclick.net	promo.airtm.help
1	static.hotjar.com	promo.airtm.help
1	static.ads-twitter.com	promo.airtm.help
0	promo.airtm.com Failed	promo.airtm.help
72	23

This site contains links to these domains. Also see Links.

Domain
promo.airtm.com

Subject Issuer	Validity	Valid
promo.airtm.help ZeroSSL RSA Domain Secure Site CA	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.co.ve GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-30` - `2024-02-28`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google.fi GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://promo.airtm.help/
Frame ID: 1F614277DBE6C09E7FD42BDCC5D6CA9A
Requests: 71 HTTP requests in this frame

Frame: https://promo.airtm.help/saved_resource.html
Frame ID: C60877BD80C33027CB9B271750523B3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airtm | Ganadores del Giveaway

Page URL History Show full URLs

http://promo.airtm.help/ HTTP 301
https://promo.airtm.help/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

72
Requests

96 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

22
IPs

3
Countries

2838 kB
Transfer

4945 kB
Size

23
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://promo.airtm.com/resultados-giveaway/clkn/https/www.airtm.com/co/

Search URL Search Domain Scan URL

URL: https://promo.airtm.com/resultados-giveaway/clkn/https/help.airtm.com/es-LA/support/solutions/articles/47001191797-giveaway-gana-hasta-500-airusd-exclusivo-para-cajeros-
Title: Cajeros

Search URL Search Domain Scan URL

URL: https://promo.airtm.com/resultados-giveaway/clkn/https/help.airtm.com/es-LA/support/solutions/articles/47001191868-giveaway-gana-hasta-500-airusd-exclusivo-para-clientes-
Title: Clientes

Search URL Search Domain Scan URL

URL: https://promo.airtm.com/resultados-giveaway/clkn/https/www.airtm.com/wp-content/uploads/2024/02/Ganadores_cajeros_Jan24.pdf
Title: AQUÍ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://promo.airtm.help/ HTTP 301
https://promo.airtm.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5FE60A5B125F45BEA8905FAFC0910B53&RedC=c.clarity.ms&MXFR=3653B4007892613924CEA02C7C926FDB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5FE60A5B125F45BEA8905FAFC0910B53&MUID=2291BA6B8DEF6260285AAE478CB863E4

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promo.airtm.help/
Redirect Chain

http://promo.airtm.help/
https://promo.airtm.help/

23 KB
4 KB

1025ms
381ms

Document
text/html

178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

988c1408213f80b2f47e9a766861310600e970e30c00083b57e0aaf5cc99f211

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 3995
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 21 Feb 2024 01:04:06 GMT
etag: "5b5b-65d54260-738e079e2ef79210;br"
last-modified: Wed, 21 Feb 2024 00:22:56 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 21 Feb 2024 01:04:05 GMT
location: https://promo.airtm.help/
platform: hostinger
server: LiteSpeed

GET
H2 200 main-7b78720.z.css
promo.airtm.help/ 15 KB
3 KB 171ms
169ms Stylesheet
text/css 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/main-7b78720.z.css

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:06 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:13 GMT
server: LiteSpeed
etag: "3aaa-65d542ad-f4d7471c69880601;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2464
expires: Wed, 28 Feb 2024 01:04:06 GMT

GET
H2 200 clarity.js.descarga Show response
promo.airtm.help/ 60 KB
20 KB 279ms
278ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/clarity.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:06 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:13 GMT
server: LiteSpeed
etag: "ee5f-65d542ad-f3df19a8390cf65c;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 20393

GET
H2 200 js Show response
promo.airtm.help/ 285 KB
286 KB 172ms
156ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/js

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0f7e5b8f5750e8d1bf5916212555b01247c9d71d48f767f22e58d24cab679761

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:06 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:13 GMT
server: LiteSpeed
etag: "475b8-65d542ad-2ec2552c671672f7;;;"
accept-ranges: bytes
platform: hostinger
content-length: 292280

GET
H2 200 js(1) Show response
promo.airtm.help/ 316 KB
317 KB 392ms
385ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/js(1)

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6f2f397e1641282d8189200380e0ce0effda68a6137c157f1576d0fe27b534aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:07 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:13 GMT
server: LiteSpeed
etag: "4f12f-65d542ad-51e33ba222c4cb12;;;"
accept-ranges: bytes
platform: hostinger
content-length: 323887

GET
H2 200 149003376 Show response
promo.airtm.help/ 692 B
773 B 392ms
386ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/149003376

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7b767dfc801c4ea6e4045fa2d5a37fd00d178328a329ab515b5338d7db656b23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:07 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "2b4-65d542ac-2694006ff1aa27e7;;;"
accept-ranges: bytes
platform: hostinger
content-length: 692

GET
H2 200 bat.js.descarga Show response
promo.airtm.help/ 45 KB
12 KB 393ms
386ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/bat.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:07 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "b418-65d542ac-8fc09878ad531434;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 12602

GET
H2 200 insight.min.js.descarga Show response
promo.airtm.help/ 45 KB
16 KB 183ms
182ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/insight.min.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e9841d9258210b13f0870a80d02ce8f3224c8798d1c0d618f210a573ce96038e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:07 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "b5b6-65d542ac-a2751a4229ce7abf;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 16009

GET
H2 200 hotjar-1008237.js.descarga Show response
promo.airtm.help/ 9 KB
4 KB 460ms
460ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/hotjar-1008237.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7f1363a72ff2b7a29e90c4f29208e824394918b422d6977b3e33566f46359a3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:07 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "2270-65d542ac-ce1ddbb850da7d64;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 3655

GET
H2 200 uwt.js.descarga Show response
promo.airtm.help/ 56 KB
14 KB 444ms
444ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/uwt.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:07 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "e0fc-65d542ac-9ac382859f2f127f;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 14608

GET
H2 200 385111101940836 Show response
promo.airtm.help/ 51 KB
51 KB 445ms
445ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/385111101940836

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

13b1dee5dd29c9cf62af2df886f9339ea08f390fe9e03c9fc81fe14a9f1e13dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "ccba-65d542ac-4f1405793bff2014;;;"
accept-ranges: bytes
platform: hostinger
content-length: 52410

GET
H2 200 fbevents.js.descarga Show response
promo.airtm.help/ 214 KB
52 KB 538ms
538ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/fbevents.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "3597b-65d542ac-6af48f26af15dec5;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 53414

GET
H2 200 analytics.js.descarga Show response
promo.airtm.help/ 52 KB
20 KB 263ms
262ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/analytics.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "ceb4-65d542ac-d6869792f1f279f2;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 20319

GET
H2 200 js(2) Show response
promo.airtm.help/ 282 KB
282 KB 265ms
265ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/js(2)

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8af7e6f1005ed090779144ded54e89f432f1cc8e2f2d4cc5a95a7e9d2de39864

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "466a7-65d542ac-3821fd2880faa7f9;;;"
accept-ranges: bytes
platform: hostinger
content-length: 288423

GET
H2 200 js(3) Show response
promo.airtm.help/ 312 KB
313 KB 265ms
265ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/js(3)

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ce3d8872343cd6132ddcf49365f18ad1f01e0e243aa8e20b5d1562a3999eb698

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:12 GMT
server: LiteSpeed
etag: "4e153-65d542ac-de5eec478842dbdc;;;"
accept-ranges: bytes
platform: hostinger
content-length: 319827

GET
H2 200 gtm.js.descarga Show response
promo.airtm.help/ 356 KB
103 KB 723ms
722ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/gtm.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

feb327e5874aeb5f024b8a58f3de73a27a21ac29ad5f2da661e9912c53d261f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:11 GMT
server: LiteSpeed
etag: "59023-65d542ab-66b7a20a3ed51c3a;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 105434

GET
H2 200 bbd2c1606ea463f3010917a5cf4e7db1ce886192.js.descarga Show response
promo.airtm.help/ 43 KB
15 KB 821ms
821ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/bbd2c1606ea463f3010917a5cf4e7db1ce886192.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d6bd0181c47b7bd42a39889b5d7ca79527cdb8654329bb6c52efef5374ebab2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:11 GMT
server: LiteSpeed
etag: "aca9-65d542ab-f2c4ed6c5f61f150;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 15162

GET
H2 200 fontawesome.min.css
promo.airtm.help/ 57 KB
12 KB 262ms
261ms Stylesheet
text/css 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/fontawesome.min.css

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:06 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:11 GMT
server: LiteSpeed
etag: "e211-65d542ab-7676a08f2de0d4f9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12060
expires: Wed, 28 Feb 2024 01:04:06 GMT

GET
H2 200 css
promo.airtm.help/ 4 KB
4 KB 267ms
266ms Stylesheet
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/css

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5bd3954ac35c32b951de71bda16d1330999d246becd49c9f904265232f87ac5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:06 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:10 GMT
server: LiteSpeed
etag: "1033-65d542aa-722c7ec536c214b5;;;"
accept-ranges: bytes
platform: hostinger
content-length: 4147

GET
H2 200 f.txt Show response
promo.airtm.help/ 3 KB
1 KB 823ms
823ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/f.txt

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0c45a143c5dbd1244205044d6a7fb37767cc6af0b6a11cb82b7670f452e0c82c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:11 GMT
server: LiteSpeed
etag: "b50-65d542ab-49ff858c24ef3d2e;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 1309

GET
H2 200 modules.a02b08e96dea6b9516bd.js.descarga Show response
promo.airtm.help/ 228 KB
63 KB 802ms
802ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/modules.a02b08e96dea6b9516bd.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:11 GMT
server: LiteSpeed
etag: "3905e-65d542ab-16f3ad74ee881d39;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 64900

GET
H2 200 149003376.js.descarga Show response
promo.airtm.help/ 4 KB
1 KB 786ms
786ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/149003376.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bbd1508e57d2fd473fc7f4c426e08e49c0e6c6a533ef8a0dbe4b2a6ed1b62667

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:10 GMT
server: LiteSpeed
etag: "e93-65d542aa-b4416f0d1c23c67;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 1116

GET
H2 200 832925ff-logo-airtm-black_102e00k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/ 733 B
1 KB 731ms
542ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/832925ff-logo-airtm-black_102e00k000000000000028.png
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a733bcd1b0651eac8d74426c4af4a16cfc5c62a529ca0b4474a53913ddad60ef

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
x-amz-version-id: 2evj5182a1NHCc6fFuri2eG8NnKgjqP6
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 20:41:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "ccb564a7ed6e84c5452e4d63f37bb290"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 733
x-amz-cf-id: r8o0Ql4nICFcNCoAMYJVAErRA9tSnS1arUI5OU_fCBfWQ8EYLf-fdQ==

GET
H2 200 d7f8a946-giftaway_10dp0c8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/ 22 KB
22 KB 744ms
559ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/d7f8a946-giftaway_10dp0c8000000000000028.png
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1534900bcdcb16b96286390825fa93fc4900142a1f05b0aa137bdeb676ceb8af

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
x-amz-version-id: UH7O24cvq.KZF5Bhs8MlKft.cHx8rEzq
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 20:41:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "21b6f11e17e6f050db973bfdd2d9ef28"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22142
x-amz-cf-id: Jmkq30sfKakwxlzdBmHq053-eOT9K-k3BjBzyPfm47fKeM1qCdWnMA==

GET
H2 200 e0e2c9f8-logo-airtm-white_102800j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/ 686 B
1 KB 737ms
550ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/e0e2c9f8-logo-airtm-white_102800j000000000000028.png
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81faf5da79bd4a11d6f591d2045b021434d6c8b07449602a6169d8cbce3660bd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
x-amz-version-id: 73hQ.wver2R9_RVo2TQzmu8KZywEV1TC
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 20:41:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "515b7d7e293f1abffe20a13d8b80ae9b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 686
x-amz-cf-id: TUwHmfVeAEEgrVXFlq_2R_eeBwlHG5TqmN1gRUI4am_fG5d1saNz3w==

GET
H2 200 main.bundle-b8bce47.z.js.descarga Show response
promo.airtm.help/ 104 KB
31 KB 784ms
784ms Script
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/main.bundle-b8bce47.z.js.descarga

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:10 GMT
server: LiteSpeed
etag: "1a0c6-65d542aa-8576539e58d4f689;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 31523

GET
H2 200 adsct
promo.airtm.help/ 43 B
128 B 161ms
160ms Image
image/gif 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.airtm.help/adsct

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:09 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:10 GMT
server: LiteSpeed
etag: "2b-65d542aa-162fb995ebca5486;;;"
accept-ranges: bytes
platform: hostinger
content-length: 43

GET
H2 200 adsct(1)
promo.airtm.help/ 43 B
155 B 177ms
176ms Image
image/gif 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.airtm.help/adsct(1)

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:09 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:10 GMT
server: LiteSpeed
etag: "2b-65d542aa-ea52a154a2259038;;;"
accept-ranges: bytes
platform: hostinger
content-length: 43

GET
H2 200 0
promo.airtm.help/ 0
78 B 177ms
177ms Image
text/plain 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.airtm.help/0

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:09 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 21 Feb 2024 00:24:09 GMT
server: LiteSpeed
etag: "0-65d542a9-ea09e750c77b6985;;;"
accept-ranges: bytes
platform: hostinger
content-length: 0

GET f93bf019-bbe7-435e-b6bf-97c9a240654d
https://promo.airtm.com/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
109 KB 710ms
178ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5XRKKQ

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8619f8d6198273e0d94beb326792de128cf3ecca827dc48c98a2b1b9e135c9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111296
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 00:04:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 01:04:09 GMT

GET
H2 200 saved_resource.html Show response
promo.airtm.help/ Frame C608 149 B
231 B 378ms
378ms Document
text/html 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/saved_resource.html

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://promo.airtm.help/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
content-length: 149
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 21 Feb 2024 01:04:07 GMT
etag: "95-65d542aa-c653b790e5153638;;;"
last-modified: Wed, 21 Feb 2024 00:24:10 GMT
platform: hostinger
server: LiteSpeed

GET
H2 200 92e5e9c8-background-2_11hc0tw000000000000028.png
d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/ 614 KB
616 KB 731ms
593ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/promo.airtm.com/resultados-giveaway/92e5e9c8-background-2_11hc0tw000000000000028.png
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c704998f5b39bcf609d27309456634fbbbf5f5917c2448886f5482e4775ef976

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:08 GMT
x-amz-version-id: uT57VD0kwB_TJQaSFUg9nYyDKm1ZEidx
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 20:41:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "832a5e0372be3fd5569b60a4f37ec8b8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 629169
x-amz-cf-id: GSZGBznNixHsL50PJwJQmWgSJE5oAkrNGhDkl2KB6vDN-llBmRGbLw==

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.ub-assets.com/fonts/s/worksans/v19/ 49 KB
50 KB 340ms
127ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.airtm.help/
Origin: https://promo.airtm.help
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 00:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 50668
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 12874109
x-amzn-requestid: 69efda9c-9223-453e-9f5d-fe0d6bd2e665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: LycVpFoooAMEfzQ=
content-length: 50537
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6510da8a-585d99696d24d81920e64ae0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Vfo65JUEjiSPhr3nAH_umTkNlTtFt9HKzChfkSj9KAPDqf3JE7QfUw==

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.ub-assets.com/fonts/s/montserrat/v26/ 15 KB
15 KB 314ms
121ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.airtm.help/
Origin: https://promo.airtm.help
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 14940
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 6136948
x-amzn-requestid: 9449ba64-9f9a-4591-b0af-248d2d790ec4
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: PzcfHELEIAMEnVw=
content-length: 14963
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6577a793-6b66381d3f726d677a6505e4
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jE7IZY2WszSQtPGw2HmkkpQTTsiotL8cLUWhmK65McA5GR1W4Z9PdA==

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 705ms
163ms Ping
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6TX307EEPX&gtm=45je42e0v9102027064za200&_p=1708477446868&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1482014441.1708477448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1708477447&sct=1&seg=0&dl=https%3A%2F%2Fpromo.airtm.help%2F&dt=Airtm%20%7C%20Ganadores%20del%20Giveaway&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=2949
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 102ms
101ms Ping
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6TX307EEPX&cid=1482014441.1708477448&gtm=45je42e0v9102027064za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.ve/ads/ 42 B
408 B 646ms
111ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.ve/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6TX307EEPX&cid=1482014441.1708477448&gtm=45je42e0v9102027064za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1753353578

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 511ms
164ms Ping
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FGKED1MN98&gtm=45je42e0v879817550za200&_p=1708477446868&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1482014441.1708477448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1708477447&sct=1&seg=0&dl=https%3A%2F%2Fpromo.airtm.help%2F&dt=Airtm%20%7C%20Ganadores%20del%20Giveaway&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=3103
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/js(1)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 93ms
93ms Ping
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FGKED1MN98&cid=1482014441.1708477448&gtm=45je42e0v879817550za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/js(1)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.ve/ads/ 42 B
107 B 556ms
112ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.ve/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FGKED1MN98&cid=1482014441.1708477448&gtm=45je42e0v879817550za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1075494587

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
531 B 739ms
268ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1708477448143&li_adsId=bef4b59d-2b3d-4d6a-b124-6030f0e538bf&url=https%3A%2F%2Fpromo.airtm.help%2F
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 777B5CED2C3D4EFA8805FE017B434B2D Ref B: STOEDGE1717 Ref C: 2024-02-21T01:04:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYR2eeIG386JCTYnBQDtA==

POST
H2 404 i
promo.airtm.help/_ub/ 2 KB
1 KB 188ms
187ms Ping
text/html 178.16.128.148
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.airtm.help/_ub/i

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/bbd2c1606ea463f3010917a5cf4e7db1ce886192.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.16.128.148 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://promo.airtm.help/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Feb 2024 01:04:11 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 06 Dec 2023 08:57:54 GMT
server: LiteSpeed
etag: "999-65703792-8bf2a83b7b353787;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 /
www.google.com/pagead/1p-user-list/854122450/ 42 B
455 B 811ms
112ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854122450/?random=1708473818133&cv=11&fst=1708473600000&bg=ffffff&guid=ON&async=1&gtm=45He42h0h2v79680744za200&gcd=13l3l3l3l1&dma=0&u_w=1536&u_h=864&url=https%3A%2F%2Fpromo.airtm.com%2Fresultados-giveaway%2F&ref=https%3A%2F%2Fhelp.airtm.com%2F&frm=0&tiba=Airtm%20%7C%20Ganadores%20del%20Giveaway&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_HRaArY0ezwgExfb_2OibBtVt0ULhx_XsbLdcyPoCanpyKf1W&random=3283586129&rmt_tld=0&ipr=y

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.ve/pagead/1p-user-list/854122450/ 42 B
154 B 115ms
113ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.ve/pagead/1p-user-list/854122450/?random=1708473818133&cv=11&fst=1708473600000&bg=ffffff&guid=ON&async=1&gtm=45He42h0h2v79680744za200&gcd=13l3l3l3l1&dma=0&u_w=1536&u_h=864&url=https%3A%2F%2Fpromo.airtm.com%2Fresultados-giveaway%2F&ref=https%3A%2F%2Fhelp.airtm.com%2F&frm=0&tiba=Airtm%20%7C%20Ganadores%20del%20Giveaway&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_HRaArY0ezwgExfb_2OibBtVt0ULhx_XsbLdcyPoCanpyKf1W&random=3283586129&rmt_tld=1&ipr=y

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 30 B
342 B 676ms
155ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=376359458&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.airtm.help%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Airtm%20%7C%20Ganadores%20del%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=21952570&gjid=715195515&cid=1482014441.1708477448&tid=UA-63338158-1&_gid=127248212.1708477449&_r=1&_slc=1&gtm=45He42e0n81T5XRKKQv79680744za200&cd1=status%20not%20defined%20yet&cd3=cashier%20not%20defined%20yet&gcd=13l3l3l3l1&dma=0&z=1173298395

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/analytics.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a453b707b6b21f16b793fb374467fc2a715522f060a17d988cade19ab2074b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.airtm.help/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 146ms
145ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Feb 2024 23:30:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Feb 2024 01:30:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 709ms
122ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Feb 2024 01:04:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: PITt4CVIjH+IKjYcD5va5lLe+qQpiFkECm7damsw7XWqo6g7qzeRM5eMWf9L/WWgxBC988/v6SgbESOeHpu66w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 336ms
130ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:10 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-muc13932-MUC

GET
H2 200 hotjar-1008237.js Show response
static.hotjar.com/c/ 9 KB
4 KB 286ms
94ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1008237.js?sv=7

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

b78e7f1eb1da17d1c06197e51833f1a384a6851ee2194a3355bec837251d68e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 01:04:10 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/a919c94094b49e4e975e776d3c3766e3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: G_DETzQ4vZ_Zt4fOEHZCqRFoXpAS3q0qh3QckQGBDUcs2PpRHTAASw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854122450/ 3 KB
2 KB 689ms
170ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854122450/?random=1708477449051&cv=11&fst=1708477449051&bg=ffffff&guid=ON&async=1&gtm=45He42e0v79680744za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.airtm.help%2F&hn=www.googleadservices.com&frm=0&tiba=Airtm%20%7C%20Ganadores%20del%20Giveaway&npa=0&pscdl=noapi&auid=224990537.1708477449&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

215d7280dc8948e2f61c48073895093cacda9777e0c2c400b52514ce3f173e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 45 KB
16 KB 582ms
84ms Script
application/javascript 2.16.164.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.164.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-164-10.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9841d9258210b13f0870a80d02ce8f3224c8798d1c0d618f210a573ce96038e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Feb 2024 09:12:49 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=29687
accept-ranges: bytes
content-length: 16480

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 619ms
97ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/gtm.js.descarga

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 21 Feb 2024 01:04:10 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C614447141624BA1A5C7AE4E5DA30B99 Ref B: STOEDGE1722 Ref C: 2024-02-21T01:04:10Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 149003376 Show response
www.clarity.ms/tag/uet/ 879 B
1 KB 750ms
279ms Script
application/x-javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/149003376
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/149003376.js.descarga
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7670cb5c80782f1e9fecd0ce34f449b00dcfaf92b12ae199d7cb461daae14e1a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: -1
date: Wed, 21 Feb 2024 01:04:11 GMT
x-azure-ref: 20240221T010411Z-134f9ssg9d5r5eg7ht6cepq48n0000000bs00000000002hw
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 879
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
BLOB 200
OK 55b1fd66-1eda-4c39-9280-d6d65d314cd6
https://promo.airtm.help/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.airtm.help/55b1fd66-1eda-4c39-9280-d6d65d314cd6
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/main.bundle-b8bce47.z.js.descarga
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 4 KB
1 KB 618ms
425ms Stylesheet
text/css 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Work+Sans:600,regular%7CMontserrat:regular

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/main.bundle-b8bce47.z.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

5bd3954ac35c32b951de71bda16d1330999d246becd49c9f904265232f87ac5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 6c424e00-dae1-487a-a790-96712247a60c
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: TdjRjFhIoAMEfwQ=
content-length: 621
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-65d54c09-676e245316bd136131aca78b
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: vW2a9qDSUjrLWlNElMP7jOiFp43LaFPxmcPVyuxWzKcFOd4ZIfq_7w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 846ms
142ms XHR
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-63338158-1&cid=1482014441.1708477448&jid=21952570&gjid=715195515&_gid=127248212.1708477449&_u=aADAAEAAEAAAACAAI~&z=554252566

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/analytics.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.airtm.help/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Feb 2024 01:04:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
98 KB 121ms
120ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FGKED1MN98&cx=c&_slc=1

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/analytics.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

442624aedf3c1d7c3866263165dd6e80f8bae46352d6c9859db35b35c5eaf742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 01:04:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
95 KB 129ms
127ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6TX307EEPX&cx=c&_slc=1

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/analytics.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

eb083b1254658fc414bcddc8c98e3355e8afa297d55679a07c8cf15140544210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 01:04:10 GMT

GET
H2 200 modules.a02b08e96dea6b9516bd.js Show response
script.hotjar.com/ 228 KB
55 KB 329ms
134ms Script
application/javascript 13.33.187.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/hotjar-1008237.js.descarga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-19.fra60.r.cloudfront.net

Software

Resource Hash

31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 11:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 136984
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56163
last-modified: Mon, 19 Feb 2024 11:00:25 GMT
etag: "26c6b143280117fc6f6e3350a91924ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NaL0aUIwzodTx0Nlh7UcgG6GgQNpSqKH-k_GYbumhifROP4-Bt1ONA==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
328 B 254ms
254ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/insight.min.js.descarga
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://promo.airtm.help/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 01:04:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8375E233E976446099581274FBB5AEC2 Ref B: STOEDGE1717 Ref C: 2024-02-21T01:04:10Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://promo.airtm.help
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYR2eeMLnpVroRzu0VnvA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 127ms
125ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63338158-1&cid=1482014441.1708477448&jid=21952570&_u=aADAAEAAEAAAACAAI~&z=1026801261

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 785ms
170ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63338158-1&cid=1482014441.1708477448&jid=21952570&_u=aADAAEAAEAAAACAAI~&z=1026801261

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 385111101940836 Show response
connect.facebook.net/signals/config/ 51 KB
12 KB 139ms
137ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/385111101940836?v=2.9.147&r=stable&domain=promo.airtm.help&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

13b1dee5dd29c9cf62af2df886f9339ea08f390fe9e03c9fc81fe14a9f1e13dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Feb 2024 01:04:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 2ypz24DLJQwFQm3x5t2Dnqf3fPr42dLJWLN8bzvsUf53CASbWY+azdN9oxDJ9yJWiQGjbW0T68k2N/9mZniZtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/854122450/ 42 B
108 B 111ms
110ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854122450/?random=1708477449051&cv=11&fst=1708477200000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v79680744za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.airtm.help%2F&frm=0&tiba=Airtm%20%7C%20Ganadores%20del%20Giveaway&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_56HtsShto0dWNH6isSXA-BtJM_ZDLA&random=2178293706&rmt_tld=0&ipr=y

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fi/pagead/1p-user-list/854122450/ 42 B
455 B 583ms
169ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/854122450/?random=1708477449051&cv=11&fst=1708477200000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v79680744za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromo.airtm.help%2F&frm=0&tiba=Airtm%20%7C%20Ganadores%20del%20Giveaway&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_56HtsShto0dWNH6isSXA-BtJM_ZDLA&random=2178293706&rmt_tld=1&ipr=y

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 606ms
129ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=385111101940836&ev=PageView&dl=https%3A%2F%2Fpromo.airtm.help&rl=&if=false&ts=1708477450991&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1708477450988.421853803&pm=1&hrl=52d78f&ler=empty&cdl=API_unavailable&it=1708477450646&coo=false&tm=1&cs_cc=1&cas=4355572504470216%2C1915318388576119&exp=e1&rqm=GET

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Feb 2024 01:04:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 149003376.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 101ms
100ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149003376.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bbd1508e57d2fd473fc7f4c426e08e49c0e6c6a533ef8a0dbe4b2a6ed1b62667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 21 Feb 2024 01:04:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BD6EEE597034753988D22925D6FDA70 Ref B: STOEDGE1722 Ref C: 2024-02-21T01:04:11Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
284 B 105ms
104ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149003376&tm=gtm002&Ver=2&mid=7ab20ece-e14e-47c3-8ffa-88586a7228a0&sid=1f46c5c0d05511eeb8feef15e153c51b&vid=1f47dbe0d05511ee979bd10cb917d199&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Airtm%20%7C%20Ganadores%20del%20Giveaway&kw=Ganadores%20del%20Giveaway&p=https%3A%2F%2Fpromo.airtm.help%2F&r=&lt=2223&evt=pageLoad&sv=1&rn=426917

Requested by

Host: promo.airtm.help
URL: https://promo.airtm.help/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Feb 2024 01:04:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C6D419E8985447D8EC0D9853424207F Ref B: STOEDGE1722 Ref C: 2024-02-21T01:04:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5FE60A5B125F45BEA8905FAFC0910B53&RedC=c.clarity.ms&MXFR=3653B4007892613924CEA02C7C926FDB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5FE60A5B125F45BEA8905FAFC0910B53&MUID=2291BA6B8DEF6260285AAE478CB863E4

42 B
465 B

96ms
96ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5FE60A5B125F45BEA8905FAFC0910B53&MUID=2291BA6B8DEF6260285AAE478CB863E4
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:12 GMT
last-modified: Fri, 09 Feb 2024 19:55:32 GMT
server: Microsoft-IIS/10.0
etag: "2155d7f0915bda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CBDBD7F3F6C4567B8E4F5BF9C9C8C5D Ref B: STOEDGE1722 Ref C: 2024-02-21T01:04:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5FE60A5B125F45BEA8905FAFC0910B53&MUID=2291BA6B8DEF6260285AAE478CB863E4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 105ms
104ms Ping
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6TX307EEPX&gtm=45je42e0v9102027064z879680744za200&_p=1708477446868&gcd=13l3l3l3l1&npa=0&dma=0&cid=1482014441.1708477448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1708477447&sct=1&seg=1&dl=https%3A%2F%2Fpromo.airtm.help%2F&dt=Airtm%20%7C%20Ganadores%20del%20Giveaway&en=page_view&_et=1463&tfd=9415
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 135ms
134ms Ping
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FGKED1MN98&gtm=45je42e0v879817550z879680744za200&_p=1708477446868&gcd=13l3l3l3l1&npa=0&dma=0&cid=1482014441.1708477448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1708477447&sct=1&seg=1&dl=https%3A%2F%2Fpromo.airtm.help%2F&dt=Airtm%20%7C%20Ganadores%20del%20Giveaway&en=page_view&_et=1320&tfd=9433
Requested by: Host: promo.airtm.help
URL: https://promo.airtm.help/js(1)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://promo.airtm.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:04:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.airtm.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: promo.airtm.com
URL: blob:https://promo.airtm.com/f93bf019-bbe7-435e-b6bf-97c9a240654d

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.airtm.help/	1970-01-20 20:44:13	Name: _gcl_au Value: 1.1.224990537.1708477449
.airtm.help/	1970-01-21 04:10:37	Name: _ga Value: GA1.2.1482014441.1708477448
.airtm.help/	1970-01-20 18:36:03	Name: _gid Value: GA1.2.127248212.1708477449
.airtm.help/	1970-01-20 18:34:37	Name: _gat_UA-63338158-1 Value: 1
.airtm.help/	1970-01-21 04:10:37	Name: _ga_6TX307EEPX Value: GS1.1.1708477447.1.1.1708477449.58.0.0
.airtm.help/	1970-01-21 04:10:37	Name: _ga_FGKED1MN98 Value: GS1.1.1708477447.1.1.1708477449.58.0.0
.linkedin.com/	1970-01-21 03:20:13	Name: bcookie Value: "v=2&c9c95415-b6a8-4521-88c7-7dc8ecfa862f"
.linkedin.com/	1970-01-20 18:36:03	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2773:u=1:x=1:i=1708477450:t=1708563850:v=2:sig=AQEKdqwN82lQQhQ7zCvZw2EXpwLb4gHo"
.linkedin.com/	1970-01-20 22:53:49	Name: li_gc Value: MTswOzE3MDg0Nzc0NTA7MjswMjFaycSI1rNRIlp6qjM+U08feDnaJWQamlEoM8BRuiEQNA==
.doubleclick.net/	1970-01-20 18:34:38	Name: test_cookie Value: CheckForPermission
.airtm.help/	1970-01-20 20:44:13	Name: _fbp Value: fb.1.1708477450988.421853803
.airtm.help/	1970-01-20 18:36:03	Name: _uetsid Value: 1f46c5c0d05511eeb8feef15e153c51b
.airtm.help/	1970-01-21 03:56:13	Name: _uetvid Value: 1f47dbe0d05511ee979bd10cb917d199
.airtm.help/	1970-01-21 03:20:13	Name: _hjSessionUser_1008237 Value: eyJpZCI6IjBhY2YwMWI4LWNlYTgtNTI1My05OGExLTJjMzg4ZTU2N2Y4NiIsImNyZWF0ZWQiOjE3MDg0Nzc0NTExNTcsImV4aXN0aW5nIjpmYWxzZX0=
.airtm.help/	1970-01-20 18:34:39	Name: _hjSession_1008237 Value: eyJpZCI6IjdmNGQ5OTM5LTc1YjctNGNiNS05Njg2LWI0ZTczMGU1OWM2YyIsImMiOjE3MDg0Nzc0NTExNTgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.bing.com/	1970-01-21 03:56:13	Name: MUID Value: 2291BA6B8DEF6260285AAE478CB863E4
www.clarity.ms/	1970-01-21 03:20:13	Name: CLID Value: 042a21c3681246bf8d890da84981b778.20240221.20250220
.c.bing.com/	1970-01-20 18:44:42	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:56:13	Name: SRM_B Value: 2291BA6B8DEF6260285AAE478CB863E4
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:56:13	Name: MUID Value: 2291BA6B8DEF6260285AAE478CB863E4
.c.clarity.ms/	1970-01-20 18:44:42	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:34:38	Name: ANONCHK Value: 0

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://promo.airtm.help/(Line 484) Message: Not allowed to load local resource: blob:https://promo.airtm.com/f93bf019-bbe7-435e-b6bf-97c9a240654d
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/385111101940836?v=2.9.147&r=stable&domain=promo.airtm.help&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 80) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://promo.airtm.help/_ub/i Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promo.airtm.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d9hhrg4mnvzow.cloudfront.net
fonts.ub-assets.com
googleads.g.doubleclick.net
promo.airtm.com
promo.airtm.help
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.ve
www.google.com
www.google.fi
www.googletagmanager.com
promo.airtm.com
13.107.21.200
13.107.246.45
13.107.42.14
13.32.99.123
13.33.187.19
142.250.185.131
142.250.185.238
142.250.185.78
142.250.186.130
142.250.186.36
142.250.186.99
157.240.251.9
157.240.252.35
173.194.76.154
178.16.128.148
18.66.97.10
199.232.188.157
2.16.164.10
216.58.212.136
52.222.250.57
68.219.88.97
0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611
0c45a143c5dbd1244205044d6a7fb37767cc6af0b6a11cb82b7670f452e0c82c
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0f7e5b8f5750e8d1bf5916212555b01247c9d71d48f767f22e58d24cab679761
13b1dee5dd29c9cf62af2df886f9339ea08f390fe9e03c9fc81fe14a9f1e13dd
1534900bcdcb16b96286390825fa93fc4900142a1f05b0aa137bdeb676ceb8af
215d7280dc8948e2f61c48073895093cacda9777e0c2c400b52514ce3f173e07
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
442624aedf3c1d7c3866263165dd6e80f8bae46352d6c9859db35b35c5eaf742
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
5bd3954ac35c32b951de71bda16d1330999d246becd49c9f904265232f87ac5a
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6f2f397e1641282d8189200380e0ce0effda68a6137c157f1576d0fe27b534aa
7670cb5c80782f1e9fecd0ce34f449b00dcfaf92b12ae199d7cb461daae14e1a
7b767dfc801c4ea6e4045fa2d5a37fd00d178328a329ab515b5338d7db656b23
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7f1363a72ff2b7a29e90c4f29208e824394918b422d6977b3e33566f46359a3c
81faf5da79bd4a11d6f591d2045b021434d6c8b07449602a6169d8cbce3660bd
8619f8d6198273e0d94beb326792de128cf3ecca827dc48c98a2b1b9e135c9df
8af7e6f1005ed090779144ded54e89f432f1cc8e2f2d4cc5a95a7e9d2de39864
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
988c1408213f80b2f47e9a766861310600e970e30c00083b57e0aaf5cc99f211
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a453b707b6b21f16b793fb374467fc2a715522f060a17d988cade19ab2074b44
a733bcd1b0651eac8d74426c4af4a16cfc5c62a529ca0b4474a53913ddad60ef
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b78e7f1eb1da17d1c06197e51833f1a384a6851ee2194a3355bec837251d68e6
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
bbd1508e57d2fd473fc7f4c426e08e49c0e6c6a533ef8a0dbe4b2a6ed1b62667
c704998f5b39bcf609d27309456634fbbbf5f5917c2448886f5482e4775ef976
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ce3d8872343cd6132ddcf49365f18ad1f01e0e243aa8e20b5d1562a3999eb698
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d6bd0181c47b7bd42a39889b5d7ca79527cdb8654329bb6c52efef5374ebab2e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9841d9258210b13f0870a80d02ce8f3224c8798d1c0d618f210a573ce96038e
eb083b1254658fc414bcddc8c98e3355e8afa297d55679a07c8cf15140544210
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
feb327e5874aeb5f024b8a58f3de73a27a21ac29ad5f2da661e9912c53d261f5

promo.airtm.help Open in urlscan Pro 178.16.128.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

0 %IPv6

18 Domains

23 Subdomains

22 IPs

3 Countries

2838 kBTransfer

4945 kBSize

23 Cookies

4 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.airtm.help Open in urlscan Pro
178.16.128.148 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

22
IPs

3
Countries

2838 kB
Transfer

4945 kB
Size

23
Cookies

72 HTTP transactions
0 data transactions