urlscan.io logo urlscan.io
SecurityTrails logo

app.airhelp.com Open in urlscan Pro
104.20.42.87  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.mailer.ebookers.com/c/4/?T=MjI3MzYyMDA%3AMDItYzE4MTQyLTQ5MWVmMzgzZDZkNzQ2YThiOTUxNjYyZmNjMTI4YjJk%3AcGh5bGxpcy5wYW5n...
Effective URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_s...
Submission: On May 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 6 countries across 28 domains to perform 99 HTTP transactions. The main IP is 104.20.42.87, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is app.airhelp.com.
TLS certificate: Issued by Symantec Class 3 EV SSL CA - G3 on September 12th 2016. Valid for: 2 years.
This is the only time app.airhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.195.234.127 14618 (AMAZON-AES)
3 104.108.45.183 16625 (AKAMAI-AS)
1 52.212.107.248 16509 (AMAZON-02)
4 104.20.42.87 13335 (CLOUDFLAR...)
2 23.67.133.228 20940 (AKAMAI-ASN1)
1 172.217.23.138 15169 (GOOGLE)
1 104.16.128.227 13335 (CLOUDFLAR...)
1 172.217.22.8 15169 (GOOGLE)
3 157.240.20.19 32934 (FACEBOOK)
1 130.211.5.208 15169 (GOOGLE)
1 159.122.19.158 36351 (SOFTLAYER)
1 159.122.19.207 36351 (SOFTLAYER)
1 146.185.16.178 13213 (UK2NET-AS)
2 185.60.216.38 32934 (FACEBOOK)
39 104.20.25.221 13335 (CLOUDFLAR...)
2 204.79.197.200 8068 (MICROSOFT...)
2 139.162.206.25 63949 (LINODE-AP...)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 5 77.88.21.119 13238 (YANDEX)
1 50.19.214.5 14618 (AMAZON-AES)
1 3 18.184.128.7 16509 (AMAZON-02)
2 50.16.215.156 14618 (AMAZON-AES)
1 23.23.152.43 14618 (AMAZON-AES)
1 1 13.32.159.230 16509 (AMAZON-02)
2 13.32.222.80 16509 (AMAZON-02)
1 151.101.14.110 54113 (FASTLY)
1 172.217.23.131 15169 (GOOGLE)
2 151.101.14.2 54113 (FASTLY)
1 104.244.43.176 13414 (TWITTER)
1 13.32.222.64 16509 (AMAZON-02)
1 35.158.155.203 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
2 162.247.242.19 23467 (NEWRELIC-...)
2 34.236.183.36 14618 (AMAZON-AES)
1 34.224.230.241 14618 (AMAZON-AES)
1 52.5.37.150 16509 (AMAZON-02)
1 52.71.188.242 14618 (AMAZON-AES)
3 13.32.222.110 16509 (AMAZON-02)
2 13.32.222.100 16509 (AMAZON-02)
99 39
1    34.195.234.127 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-234-127.compute-1.amazonaws.com
link.mailer.ebookers.com
3    104.108.45.183 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-45-183.deploy.static.akamaitechnologies.com
www.ebookers.com
1    52.212.107.248 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-107-248.eu-west-1.compute.amazonaws.com
www.trvl-px.com
4    104.20.42.87 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app.airhelp.com
2    23.67.133.228 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-133-228.deploy.static.akamaitechnologies.com
cdn.dynamicyield.com
1    172.217.23.138 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f10.1e100.net
fonts.googleapis.com
1    104.16.128.227 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
st.dynamicyield.com
1    172.217.22.8 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f8.1e100.net
www.googletagmanager.com
3    157.240.20.19 (Menlo Park, United States)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    130.211.5.208 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 208.5.211.130.bc.googleusercontent.com
cdn.mxpnl.com
1    159.122.19.158 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 9e.13.7a9f.ip4.static.sl-reverse.com
api.mixpanel.com
1    159.122.19.207 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: cf.13.7a9f.ip4.static.sl-reverse.com
api.mixpanel.com
1    146.185.16.178 (United Kingdom)

ASN13213 (UK2NET-AS, GB)
PTR: 92b910b2.rdns.100tb.com
static.dynamicyield.com
2    185.60.216.38 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
39    104.20.25.221 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
csp-reports.airhelp.com
2    204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com
2    139.162.206.25 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1369-25.members.linode.com
airhelp.postaffiliatepro.com
1    104.16.88.20 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.jsdelivr.net
5    77.88.21.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
1    50.19.214.5 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-19-214-5.compute-1.amazonaws.com
px.dynamicyield.com
3    18.184.128.7 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-128-7.eu-central-1.compute.amazonaws.com
ymetrica1.com
2    50.16.215.156 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-16-215-156.compute-1.amazonaws.com
px.dynamicyield.com
1    23.23.152.43 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-152-43.compute-1.amazonaws.com
px.dynamicyield.com
1    13.32.159.230 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-159-230.fra56.r.cloudfront.net
widget.intercom.io
2    13.32.222.80 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-80.fra56.r.cloudfront.net
js.intercomcdn.com
1    151.101.14.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    172.217.23.131 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f3.1e100.net
fonts.gstatic.com
2    151.101.14.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
trc.taboola.com
1    104.244.43.176 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
static.ads-twitter.com
1    13.32.222.64 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-64.fra56.r.cloudfront.net
js.hellomedian.com
1    35.158.155.203 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-155-203.eu-central-1.compute.amazonaws.com
sync.sharethis.com
1    104.244.42.131 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    104.244.42.5 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
2    162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
2    34.236.183.36 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-183-36.compute-1.amazonaws.com
api-iam.intercom.io
1    34.224.230.241 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-224-230-241.compute-1.amazonaws.com
app.hellomedian.com
1    52.5.37.150 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-5-37-150.compute-1.amazonaws.com
nexus-websocket-a.intercom.io
1    52.71.188.242 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-71-188-242.compute-1.amazonaws.com
nexus-websocket-b.intercom.io
3    13.32.222.110 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-110.fra56.r.cloudfront.net
static.intercomassets.com
2    13.32.222.100 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-100.fra56.r.cloudfront.net
js.intercomcdn.com
Domain Requested by
39 csp-reports.airhelp.com app.airhelp.com
js.intercomcdn.com
js.hellomedian.com
5 mc.yandex.ru 2 redirects app.airhelp.com
4 js.intercomcdn.com js.intercomcdn.com
4 px.dynamicyield.com app.airhelp.com
4 app.airhelp.com www.ebookers.com
app.airhelp.com
3 static.intercomassets.com
3 ymetrica1.com 1 redirects app.airhelp.com
3 connect.facebook.net app.airhelp.com
3 www.ebookers.com www.ebookers.com
2 api-iam.intercom.io js.intercomcdn.com
2 bam.nr-data.net app.airhelp.com
2 airhelp.postaffiliatepro.com app.airhelp.com
2 bat.bing.com app.airhelp.com
2 www.facebook.com app.airhelp.com
2 api.mixpanel.com app.airhelp.com
2 cdn.dynamicyield.com app.airhelp.com
1 nexus-websocket-b.intercom.io js.intercomcdn.com
1 nexus-websocket-a.intercom.io js.intercomcdn.com
1 app.hellomedian.com app.airhelp.com
1 t.co
1 analytics.twitter.com app.airhelp.com
1 trc.taboola.com
1 sync.sharethis.com
1 js.hellomedian.com app.airhelp.com
1 static.ads-twitter.com app.airhelp.com
1 cdn.taboola.com app.airhelp.com
1 fonts.gstatic.com static.dynamicyield.com
1 js-agent.newrelic.com app.airhelp.com
1 widget.intercom.io 1 redirects
1 cdn.jsdelivr.net app.airhelp.com
1 static.dynamicyield.com app.airhelp.com
1 cdn.mxpnl.com app.airhelp.com
1 www.googletagmanager.com app.airhelp.com
1 st.dynamicyield.com www.ebookers.com
1 fonts.googleapis.com app.airhelp.com
1 www.trvl-px.com
1 link.mailer.ebookers.com 1 redirects
0 dpm.demdex.net Failed www.ebookers.com
99 38

This site contains no links.

Subject Issuer Validity Valid
www.ebookers.com
DigiCert ECC Secure Server CA		 2018-04-03 -
2019-04-03		 a year crt.sh
www.airhelp.com
Symantec Class 3 EV SSL CA - G3		 2016-09-12 -
2018-09-08		 2 years crt.sh
airhelp.com
CloudFlare Inc ECC CA-2		 2017-07-20 -
2018-07-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Frame ID: 71C6C2DCB39B014ECFD5D237F353AE61
Requests: 73 HTTP requests in this frame

Frame: https://csp-reports.airhelp.com/report
Frame ID: 5F0F6A47FEB360BB8096D3F5A422230A
Requests: 11 HTTP requests in this frame

Frame: https://csp-reports.airhelp.com/report
Frame ID: 1BDD9FD996ABA0CC0749F5BBBB50DCD3
Requests: 11 HTTP requests in this frame

Frame: https://csp-reports.airhelp.com/report
Frame ID: 674107CBED77D6DE5D6662C02326BF73
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://link.mailer.ebookers.com/c/4/?T=MjI3MzYyMDA%3AMDItYzE4MTQyLTQ5MWVmMzgzZDZkNzQ2YThiOTUxNjYyZmNjMTI4YjJ... HTTP 302
    https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT... Page URL
  2. https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_ca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Ember$/i
Overall confidence: 100%
Detected patterns
  • env /^requirejs$/i
Overall confidence: 100%
Detected patterns
  • env /^Ember$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Intercom$/i
Overall confidence: 100%
Detected patterns
  • env /^Mixpanel$/i
Overall confidence: 100%
Detected patterns
  • env /^moment$/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

99
Requests

46 %
HTTPS

0 %
IPv6

28
Domains

38
Subdomains

39
IPs

6
Countries

2011 kB
Transfer

8306 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.mailer.ebookers.com/c/4/?T=MjI3MzYyMDA%3AMDItYzE4MTQyLTQ5MWVmMzgzZDZkNzQ2YThiOTUxNjYyZmNjMTI4YjJk%3AcGh5bGxpcy5wYW5nQGdtYWlsLmNvbQ%3ARUJPT0tFUlMtVUsuUFQuRVZFTlRUUklHR0VSRURNQUlMSU5HLkFJUkhFTFBOT1RJRklDQVRJT05TLkdFTkVSSUMmRU1MRFRMPURBVEUyMDE4MDUyMy1JU1NVWC5TSURYLktFWTkzMzUwMjQwODc0LlBBSURYLkxBTkdFTl9HQi5NQ0lEWC5URVNUWC5WRVJTWC5NSURTWA%3AZmFsc2U%3AMQ%3A%3AaHR0cHM6Ly93d3cuZWJvb2tlcnMuY29tL2FwaS9haXJoZWxwL2NsYWltLzkzMTYwYzcxLWFiZjEtNDI2Mi1hMmYxLTQ3MGJjOTM0MTM1Zj9FTUxDSUQ9RUJPT0tFUlMtVUsuUFQuRVZFTlRUUklHR0VSRURNQUlMSU5HLkFJUkhFTFBOT1RJRklDQVRJT05TLkdFTkVSSUMmRU1MRFRMPURBVEUyMDE4MDUyMy1JU1NVWC5TSURYLktFWTkzMzUwMjQwODc0LlBBSURYLkxBTkdFTl9HQi5NQ0lEWC5URVNUWC5WRVJTWC5NSURTWA&K=lCUCXg0E3FJXWka5cmGFWg HTTP 302
    https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX Page URL
  2. https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://link.mailer.ebookers.com/c/4/?T=MjI3MzYyMDA%3AMDItYzE4MTQyLTQ5MWVmMzgzZDZkNzQ2YThiOTUxNjYyZmNjMTI4YjJk%3AcGh5bGxpcy5wYW5nQGdtYWlsLmNvbQ%3ARUJPT0tFUlMtVUsuUFQuRVZFTlRUUklHR0VSRURNQUlMSU5HLkFJUkhFTFBOT1RJRklDQVRJT05TLkdFTkVSSUMmRU1MRFRMPURBVEUyMDE4MDUyMy1JU1NVWC5TSURYLktFWTkzMzUwMjQwODc0LlBBSURYLkxBTkdFTl9HQi5NQ0lEWC5URVNUWC5WRVJTWC5NSURTWA%3AZmFsc2U%3AMQ%3A%3AaHR0cHM6Ly93d3cuZWJvb2tlcnMuY29tL2FwaS9haXJoZWxwL2NsYWltLzkzMTYwYzcxLWFiZjEtNDI2Mi1hMmYxLTQ3MGJjOTM0MTM1Zj9FTUxDSUQ9RUJPT0tFUlMtVUsuUFQuRVZFTlRUUklHR0VSRURNQUlMSU5HLkFJUkhFTFBOT1RJRklDQVRJT05TLkdFTkVSSUMmRU1MRFRMPURBVEUyMDE4MDUyMy1JU1NVWC5TSURYLktFWTkzMzUwMjQwODc0LlBBSURYLkxBTkdFTl9HQi5NQ0lEWC5URVNUWC5WRVJTWC5NSURTWA&K=lCUCXg0E3FJXWka5cmGFWg HTTP 302
  • https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
Request Chain 27
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3Ast%3A1527527777%3Au%3A1527527777775950031%3Ahi%3A HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3Ast%3A1527527777%3Au%3A1527527777775950031%3Ahi%3A
Request Chain 41
  • https://ymetrica1.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=ymetrica1.com&token=1801.txjzl2tNuqSHvxqSs65c4T-vbTLYhlWrlsqiOopA0g_I2fe-mrbDu6xfbXktKvFB.unHlEV-yfUDuPV55QUoI1bELK6Q%2C HTTP 302
  • https://ymetrica1.com/sync_cookie_image_decide?token=1801.tyMZEU_Hx8-OHTnMm9WRoPGuGYjCkkJ70thhxoLWSWQhUawSSOE8skKEDUE8fwSQkRsBgmWth4XxR-j2Axs3MXOBY_mlA3si6By3aY7huYI%2C.CRPl0DMT79mHoPAGJGPxMmC3Lk8%2C
Request Chain 47
  • https://widget.intercom.io/widget/w501ykte HTTP 302
  • https://js.intercomcdn.com/shim.4ae54d20.js

99 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
93160c71-abf1-4262-a2f1-470bc934135f
www.ebookers.com/api/airhelp/claim/
Redirect Chain
  • http://link.mailer.ebookers.com/c/4/?T=MjI3MzYyMDA%3AMDItYzE4MTQyLTQ5MWVmMzgzZDZkNzQ2YThiOTUxNjYyZmNjMTI4YjJk%3AcGh5bGxpcy5wYW5nQGdtYWlsLmNvbQ%3ARUJPT0tFUlMtVUsuUFQuRVZFTlRUUklHR0VSRURNQUlMSU5HLkFJ...
  • https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY9335024087...
1011 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.45.183 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-45-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f1f12b0b037749d02608fd436f505e36531ae9e102e0b76fa53fa5e7af30a164
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://travel.biglobe.ne.jp https://proxy.schmetterling-argus.de *.kayak.com https://www.jal.co.jp https://www.planetto.co.il
Strict-Transport-Security max-age=1200; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.ebookers.com
:scheme
https
:path
/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
71C6C2DCB39B014ECFD5D237F353AE61

Response headers

status
200
activity-id
<!--tlactivity-id: f113155e-0359-4eb2-8164-fbf533dfcad5-->
content-encoding
gzip
content-language
en-GB
content-security-policy
frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://travel.biglobe.ne.jp https://proxy.schmetterling-argus.de *.kayak.com https://www.jal.co.jp https://www.planetto.co.il
content-type
text/html;charset=UTF-8
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP IND COR ADM CONo CUR CUSi DEV PSA PSD DELi OUR COM NAV PHY ONL PUR UNI"
server
nginx
strict-transport-security
max-age=1200; includeSubDomains;
trace-id
f113155e-0359-4eb2-8164-fbf533dfcad5
x-app-info
expweb,release-2018-05-r4.8024.2025501,ch
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hcom-styx-info
STYX.0.14.0.52;d3fa6c10-629a-11e8-9fbd-024272ce0cc0;noJvmRouteSet
x-page-id
api.airHelp.email,F,500
x-ua-compatible
IE=Edge
x-xss-protection
1
content-length
482
vary
Accept-Encoding
date
Mon, 28 May 2018 17:16:16 GMT
set-cookie
HMS=9baf67fb-32ee-4b73-a798-0d3023f3db88; Max-Age=1799; Expires=Mon, 28 May 2018 17:46:15 GMT; Path=/; Domain=.ebookers.com tpid=v.1,70403; Max-Age=999999; Expires=Sat, 09 Jun 2018 07:02:55 GMT; Path=/; Domain=.ebookers.com userGroupId=; Expires=Sun, 28 May 2017 17:16:16 GMT; Path=/; Domain=.ebookers.com iEAPID=0; Path=/; Domain=.ebookers.com linfo=v.4,|0|0|255|1|0||||||||2057|0|0||0|0|0|-1|-1; Max-Age=157999999; Expires=Wed, 31 May 2023 10:09:35 GMT; Path=/; Domain=.ebookers.com currency=GBP; Max-Age=157679999; Expires=Sat, 27 May 2023 17:16:15 GMT; Path=/; Domain=.ebookers.com JSESSION=ce9ca3a1-c898-476d-894a-523d576c9cbb; Path=/; Domain=.ebookers.com; Secure; HTTPOnly abucket=CgUB0VsMOV/BYyviM87KAg==; Max-Age=31536000; Expires=Tue, 28 May 2019 17:16:16 GMT; Path=/ DUAID=e3c6cc93-6c28-4fdf-9ae8-10d6be3b2a74; Max-Age=157680000; Expires=Sat, 27 May 2023 17:16:16 GMT; Path=/; Domain=.ebookers.com OIP=gdpr|-1,ab.gdpr|1; Max-Age=94608000; Expires=Thu, 27 May 2021 17:16:16 GMT; Path=/; Domain=.ebookers.com MC1=GUID=e3c6cc936c284fdf9ae810d6be3b2a74; Max-Age=157679999; Expires=Sat, 27 May 2023 17:16:15 GMT; Path=/ abucket=CgUBaVsMOV9RkzgLMKr+Ag==; expires=Tue, 28-May-19 17:16:16 GMT; path=/
x-edgeconnect-cache-status
0

Redirect headers

Date
Mon, 28 May 2018 17:16:14 GMT
Location
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
X-Application-Context
application:deployed:8080
Content-Length
0
Connection
keep-alive
jquery.min.js
www.ebookers.com/static/default/default/scripts/external/jquery/1.7.1/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.com/static/default/default/scripts/external/jquery/1.7.1/jquery.min.js
Requested by
Host: www.ebookers.com
URL: https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.45.183 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-45-183.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f9f9b6bad0cb0f2bf21ab2d526a50979fb9e9dc71139749c1f1a0742b5ffa15d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://proxy.schmetterling-argus.de *.kayak.com https://www.planetto.co.il
Strict-Transport-Security max-age=1200; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:path
/static/default/default/scripts/external/jquery/1.7.1/jquery.min.js
pragma
no-cache
cookie
HMS=9baf67fb-32ee-4b73-a798-0d3023f3db88; tpid=v.1,70403; iEAPID=0; linfo=v.4,|0|0|255|1|0||||||||2057|0|0||0|0|0|-1|-1; currency=GBP; JSESSION=ce9ca3a1-c898-476d-894a-523d576c9cbb; DUAID=e3c6cc93-6c28-4fdf-9ae8-10d6be3b2a74; OIP=gdpr|-1,ab.gdpr|1; MC1=GUID=e3c6cc936c284fdf9ae810d6be3b2a74; abucket=CgUBaVsMOV9RkzgLMKr+Ag==
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.ebookers.com
referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
:scheme
https
:method
GET
Referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://proxy.schmetterling-argus.de *.kayak.com https://www.planetto.co.il
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP IND COR ADM CONo CUR CUSi DEV PSA PSD DELi OUR COM NAV PHY ONL PUR UNI"
status
200
vary
Accept-Encoding
content-length
31963
x-xss-protection
1
x-ua-compatible
IE=Edge
last-modified
Sun, 27 May 2018 10:53:00 GMT
server
Akamai Resource Optimizer
x-frame-options
SAMEORIGIN
date
Mon, 28 May 2018 17:16:16 GMT
strict-transport-security
max-age=1200; includeSubDomains;
x-hcom-styx-info
STYX.0.14.0.52;28278080-5e67-11e8-8fab-0242f9c3e154;noJvmRouteSet
cache-control
max-age=43200
x-edgeconnect-cache-status
2
etag
"5e0e0c-16eb3-562309f1c7d35"
accept-ranges
bytes
content-type
application/x-javascript; charset=utf-8
trace-id
a4f706e8-a06c-489d-9a0d-fb36439025f9
siteAnalytics.js
www.ebookers.com/static/default/default/scripts/ 		204 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.com/static/default/default/scripts/siteAnalytics.js
Requested by
Host: www.ebookers.com
URL: https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.45.183 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-45-183.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
724f5148769ac64498a753d99cc06bee0a758896ecfbca49f6804d882a6b5118
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://travel.biglobe.ne.jp https://proxy.schmetterling-argus.de *.kayak.com https://www.jal.co.jp https://www.planetto.co.il
Strict-Transport-Security max-age=1200; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:path
/static/default/default/scripts/siteAnalytics.js
pragma
no-cache
cookie
HMS=9baf67fb-32ee-4b73-a798-0d3023f3db88; tpid=v.1,70403; iEAPID=0; linfo=v.4,|0|0|255|1|0||||||||2057|0|0||0|0|0|-1|-1; currency=GBP; JSESSION=ce9ca3a1-c898-476d-894a-523d576c9cbb; DUAID=e3c6cc93-6c28-4fdf-9ae8-10d6be3b2a74; OIP=gdpr|-1,ab.gdpr|1; MC1=GUID=e3c6cc936c284fdf9ae810d6be3b2a74; abucket=CgUBaVsMOV9RkzgLMKr+Ag==
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.ebookers.com
referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
:scheme
https
:method
GET
Referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://travel.biglobe.ne.jp https://proxy.schmetterling-argus.de *.kayak.com https://www.jal.co.jp https://www.planetto.co.il
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP IND COR ADM CONo CUR CUSi DEV PSA PSD DELi OUR COM NAV PHY ONL PUR UNI"
status
200
vary
Accept-Encoding
content-length
59907
x-xss-protection
1
x-ua-compatible
IE=Edge
last-modified
Mon, 28 May 2018 04:44:38 GMT
server
Akamai Resource Optimizer
x-frame-options
SAMEORIGIN
date
Mon, 28 May 2018 17:16:16 GMT
strict-transport-security
max-age=1200; includeSubDomains;
x-hcom-styx-info
STYX.0.14.0.52;3114d9a0-6217-11e8-b495-02424d1f3c19;noJvmRouteSet
cache-control
max-age=43200
x-edgeconnect-cache-status
2
etag
"7818b3-32ea2-56cef1549a72d"
accept-ranges
bytes
content-type
application/x-javascript; charset=utf-8
trace-id
f2db8322-0025-4fc2-9c25-b36ab31b4df2
id
dpm.demdex.net/ 		0
0
pix.gif
www.trvl-px.com/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.trvl-px.com/pix.gif?guid=&tpid=&eapid=&expUserId=&amcv=&inAuthId=&emailHash=
Protocol
HTTP/1.1
Server
52.212.107.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-107-248.eu-west-1.compute.amazonaws.com
Software
openresty/1.9.3.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 17:16:16 GMT
Cache-Control
no-cache
Server
openresty/1.9.3.1
Connection
keep-alive
Strict-Transport-Security
max-age=2592000; includeSubDomains
Expires
Mon, 28 May 2018 17:16:15 GMT
Primary Request 4df5bd2465a75aa7183532ad5f19b79f
app.airhelp.com/ota/ebookers_com/ 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Requested by
Host: www.ebookers.com
URL: https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.20.42.87 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b279bc6a30e5921436e8d20266c4a00c95fac6e4d1b9630a1324b89f2c135afe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
app.airhelp.com
:scheme
https
:path
/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
71C6C2DCB39B014ECFD5D237F353AE61
Referer
https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX

Response headers

status
200
date
Mon, 28 May 2018 17:16:16 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd6074510dfce23001a63d551dc47818b1527527776; expires=Tue, 28-May-19 17:16:16 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure user_currency=EUR; domain=airhelp.com; path=/; expires=Tue, 28 May 2019 17:16:16 -0000; secure user_country_code=DE; domain=airhelp.com; path=/; expires=Tue, 28 May 2019 17:16:16 -0000; secure
access-control-allow-origin
https://www.airhelp.com
cache-control
max-age=0, private, must-revalidate
content-security-policy-report-only
default-src 'self'; connect-src 'self' 1621922865.log.optimizely.com adm.dynamicyield.com api.mixpanel.com bam.nr-data.net insights.hotjar.com nrpc.olark.com olark.com optimizely.com px.dynamicyield.com; font-src 'self' cdn.dynamicyield.com fonts.googleapis.com fonts.gstatic.com; frame-src 'self' a3.cloud.net js.stripe.com static.olark.com vars.hotjar.com www.youtube.com; img-src 'self' a3.cloud.net cdn.optimizely.com googleusercontent.com graph.facebook.com log.olark.com scontent.xx.fbcdn.net static.g.doubleclick.net static.olark.com stats.g.doubleclick.net t.co www.facebook.com www.google-analytics.com www.google.com www.google.pl www.salesmanago.pl maps.google.com *.gstatic.com maps.googleapis.com *.googleusercontent.com; media-src 'self' static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' a3.cloud.net airhelp.postaffiliatepro.com analytics.twitter.com api.olark.com assets.olark.com bam.nr-data.net cdn.dynamicyield.com cdn.mxpnl.com cdn.optimizely.com cdnjs.cloudflare.com connect.facebook.net js-agent.newrelic.com js.stripe.com maps.google.com maps.googleapis.com nrpc.olark.com scanner-stats-gate-production.airhelp.com scanner-stats-gate-staging.airhelp.com script.hotjar.com sixpack-staging.ahinternal.net sixpack.ahinternal.net st.dynamicyield.com static.ads-twitter.com static.dynamicyield.com static.hotjar.com static.olark.com www.google-analytics.com www.googletagmanager.com www.salesmanago.pl; style-src 'self' 'unsafe-inline' cdn.dynamicyield.com fonts.googleapis.com static.olark.com; report-uri https://csp-reports.airhelp.com/report
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
sameorigin
x-lb
mainlb2-production
x-permitted-cross-domain-policies
none
x-request-id
05d48e15-e31d-46ac-befb-1b35fd0cb31c
x-runtime
0.019089
x-whom
webapp2-production
x-xss-protection
1; mode=block
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
42225e3a1f4d6463-FRA
content-encoding
gzip
api_dynamic.js
cdn.dynamicyield.com/api/8768110/ 		226 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8768110/api_dynamic.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
23.67.133.228 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-67-133-228.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
78a7b789706fd17b84d2e9b08b5f374158d06abeec0ccdfc6a76c99b7349a522

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 17:16:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 11:53:24 GMT
Server
AmazonS3
ETag
"d7ad4aaa521fa948a8138ba09a2dc542"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39339
Expires
Mon, 28 May 2018 17:21:16 GMT
api_static.js
cdn.dynamicyield.com/api/8768110/ 		233 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8768110/api_static.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
23.67.133.228 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-67-133-228.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5840d31b7503de1af6719b6aec3e37443d9ee22a1d44a63d4df9abd106cec456

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 17:16:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 11:53:25 GMT
Server
AmazonS3
ETag
"80a2f5f4e03b6e79c9ece938bbcb1392"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66506
Expires
Mon, 28 May 2018 18:16:16 GMT
css
fonts.googleapis.com/ 		3 KB
600 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
172.217.23.138 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f10.1e100.net
Software
ESF /
Resource Hash
5ed5b72921ddf1f509f86555b96315b4e700612cc8e52bec721e70497898f943
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Mon, 28 May 2018 17:16:16 GMT
vendor-f8226ce8a53c65368f8ed44f45ea79aa.css
app.airhelp.com/assets/ember-cli/apps/frontend/assets/ 		160 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/ember-cli/apps/frontend/assets/vendor-f8226ce8a53c65368f8ed44f45ea79aa.css
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.20.42.87 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
559f2f82db41480678960b52f24f23bd56bfb0c5a7f1c589c1a05fcd50550e36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/ember-cli/apps/frontend/assets/vendor-f8226ce8a53c65368f8ed44f45ea79aa.css
pragma
no-cache
cookie
__cfduid=dd6074510dfce23001a63d551dc47818b1527527776; user_currency=EUR; user_country_code=DE
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
x-cache-status
MISS
status
200
last-modified
Mon, 28 May 2018 12:58:17 GMT
server
cloudflare
etag
W/"f8226ce8a53c65368f8ed44f45ea79aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
expires
Tue, 29 May 2018 17:16:16 GMT
cache-control
public, max-age=86400
cf-ray
42225e3aafe46463-FRA
x-lb
mainlb2-production
frontend-d29a1fa4d5a99ab615465837e7df1427.css
app.airhelp.com/assets/ember-cli/apps/frontend/assets/ 		353 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/ember-cli/apps/frontend/assets/frontend-d29a1fa4d5a99ab615465837e7df1427.css
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.20.42.87 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb752d87efda3c97dc31dcc2e9adbc70730fde612505d1b942cffd6e0b9c818f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/ember-cli/apps/frontend/assets/frontend-d29a1fa4d5a99ab615465837e7df1427.css
pragma
no-cache
cookie
__cfduid=dd6074510dfce23001a63d551dc47818b1527527776; user_currency=EUR; user_country_code=DE
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
x-cache-status
MISS
status
200
last-modified
Mon, 28 May 2018 12:58:16 GMT
server
cloudflare
etag
W/"ac2c25b60f17fe3187d9b71c8fa0d903"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
expires
Tue, 29 May 2018 17:16:16 GMT
cache-control
public, max-age=86400
cf-ray
42225e3aafe56463-FRA
x-lb
mainlb1-production
ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js
app.airhelp.com/assets/ 		4 MB
798 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.20.42.87 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9d2a1992dc80751afe730cc3e68fbd2fa596264bcc71b0e8dafc7272ef83ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js
pragma
no-cache
cookie
__cfduid=dd6074510dfce23001a63d551dc47818b1527527776; user_currency=EUR; user_country_code=DE
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
app.airhelp.com
referer
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
:scheme
https
:method
GET
Referer
https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
cf-polished
origSize=3870457
x-cache-status
MISS
status
200
cf-bgj
minify
last-modified
Mon, 28 May 2018 12:58:17 GMT
server
cloudflare
etag
W/"8d5a004b310566e5352b79e40dadcdde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
expires
Tue, 29 May 2018 17:16:16 GMT
cache-control
public, max-age=86400
cf-ray
42225e3aafe66463-FRA
x-lb
mainlb1-production
st
st.dynamicyield.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8768110&inHead=true&id=0&ref=https%3A%2F%2Fwww.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f%3FEMLCID%3DEBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC%26EMLDTL%3DDATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX&sr=1600x1200&altip=
Requested by
Host: www.ebookers.com
URL: https://www.ebookers.com/api/airhelp/claim/93160c71-abf1-4262-a2f1-470bc934135f?EMLCID=EBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC&EMLDTL=DATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX
Protocol
SPDY
Server
104.16.128.227 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
167a7e91e48039dca8f2eb3b91397837c40fa19018a8831bd6c0e0cb77066e4e

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
content-type
text/javascript; charset=utf-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
9611244934 stream 0.000000 0210 e6be
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status
200
cache-control
no-cache
cf-ray
42225e3b9a189706-FRA
expires
Mon, 28 May 2018 17:16:15 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
172.217.22.8 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
5fbe0ebfdbd266610f54bfd01a68a2bdd21c415dc0cd674226ba65d34501a47e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
32798
x-xss-protection
1; mode=block
expires
Mon, 28 May 2018 17:16:16 GMT
fbevents.js
connect.facebook.net/en_US/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
12398
x-xss-protection
0
pragma
public
x-fb-debug
sEi06v+tIeDCmb6wym52ZQ08/Oo1AZBKrDxCNpTSM60cEk5xO6BnJHi6+xKDjV8XZ/SnGpRXyZVpYBKMDWz0uA==
x-frame-options
DENY
date
Mon, 28 May 2018 17:16:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
130.211.5.208 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
208.5.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4a2cc824166231689520718f5c6c1e486f8f202ad634db9b901f2f3e2b2a9210

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:11:31 GMT
content-encoding
gzip
age
285
x-guploader-uploadid
AEnB2UoqNOsqk4DQ7FsY2aFBabc7vkR_lieMlejaihbQaKzl7e-KcAUpTiploLwcSELlHlf04hBSHxpyOYCRXvHptWqZ5IPqSg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
20733
last-modified
Sat, 26 May 2018 09:07:49 GMT
server
UploadServer
etag
"3c2e1cab5d047e42d1961ccedcb54927"
vary
Accept-Encoding
x-goog-hash
crc32c=CQZ5Zg==, md5=PC4cq10EfkLRlhzO3LVJJw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1527325669188779
cache-control
public,max-age=600
x-goog-stored-content-length
20733
accept-ranges
bytes
content-type
application/octet-stream
expires
Mon, 28 May 2018 17:21:31 GMT
/
api.mixpanel.com/decide/ 		65 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=bed105cde3994ce06dd6e34dd9bdd0f1&ip=1&_=1527527776726
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
159.122.19.158 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
9e.13.7a9f.ip4.static.sl-reverse.com
Software
nginx/1.11.1 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

Date
Mon, 28 May 2018 17:16:16 GMT
Via
1.1 google
Server
nginx/1.11.1
Access-Control-Allow-Headers
X-Requested-With
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://app.airhelp.com
Access-Control-Max-Age
1728000
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Alt-Svc
clear
/
api.mixpanel.com/track/ 		1 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTGludXgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkcmVmZXJyZXIiOiAiaHR0cHM6Ly93d3cuZWJvb2tlcnMuY29tL2FwaS9haXJoZWxwL2NsYWltLzkzMTYwYzcxLWFiZjEtNDI2Mi1hMmYxLTQ3MGJjOTM0MTM1Zj9FTUxDSUQ9RUJPT0tFUlMtVUsuUFQuRVZFTlRUUklHR0VSRURNQUlMSU5HLkFJUkhFTFBOT1RJRklDQVRJT05TLkdFTkVSSUMmRU1MRFRMPURBVEUyMDE4MDUyMy1JU1NVWC5TSURYLktFWTkzMzUwMjQwODc0LlBBSURYLkxBTkdFTl9HQi5NQ0lEWC5URVNUWC5WRVJTWC5NSURTWCIsIiRyZWZlcnJpbmdfZG9tYWluIjogInd3dy5lYm9va2Vycy5jb20iLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9hcHAuYWlyaGVscC5jb20vb3RhL2Vib29rZXJzX2NvbS80ZGY1YmQyNDY1YTc1YWE3MTgzNTMyYWQ1ZjE5Yjc5Zj9sYW5nPWVuJmFoY2lkPTI1bWF5JnV0bV9jYW1wYWlnbj1leHBlZGlhJnV0bV9zb3VyY2U9b3RhJnV0bV9tZWRpdW09ZW1haWwiLCIkYnJvd3Nlcl92ZXJzaW9uIjogNjYsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yMi4xIiwiZGlzdGluY3RfaWQiOiAiMTYzYTdjMDIxZDM0ZTAtMGQwZDhiNjQ1ZTljZWItM2I2MjEyN2MtMWQ0YzAwLTE2M2E3YzAyMWQ0NmMzIiwidXRtX3NvdXJjZSI6ICJvdGEiLCJ1dG1fbWVkaXVtIjogImVtYWlsIiwidXRtX2NhbXBhaWduIjogImV4cGVkaWEiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICJodHRwczovL3d3dy5lYm9va2Vycy5jb20vYXBpL2FpcmhlbHAvY2xhaW0vOTMxNjBjNzEtYWJmMS00MjYyLWEyZjEtNDcwYmM5MzQxMzVmP0VNTENJRD1FQk9PS0VSUy1VSy5QVC5FVkVOVFRSSUdHRVJFRE1BSUxJTkcuQUlSSEVMUE5PVElGSUNBVElPTlMuR0VORVJJQyZFTUxEVEw9REFURTIwMTgwNTIzLUlTU1VYLlNJRFguS0VZOTMzNTAyNDA4NzQuUEFJRFguTEFOR0VOX0dCLk1DSURYLlRFU1RYLlZFUlNYLk1JRFNYIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICJ3d3cuZWJvb2tlcnMuY29tIiwibXBfcGFnZSI6ICJodHRwczovL2FwcC5haXJoZWxwLmNvbS9vdGEvZWJvb2tlcnNfY29tLzRkZjViZDI0NjVhNzVhYTcxODM1MzJhZDVmMTliNzlmP2xhbmc9ZW4mYWhjaWQ9MjVtYXkmdXRtX2NhbXBhaWduPWV4cGVkaWEmdXRtX3NvdXJjZT1vdGEmdXRtX21lZGl1bT1lbWFpbCIsIm1wX3JlZmVycmVyIjogImh0dHBzOi8vd3d3LmVib29rZXJzLmNvbS9hcGkvYWlyaGVscC9jbGFpbS85MzE2MGM3MS1hYmYxLTQyNjItYTJmMS00NzBiYzkzNDEzNWY%2FRU1MQ0lEPUVCT09LRVJTLVVLLlBULkVWRU5UVFJJR0dFUkVETUFJTElORy5BSVJIRUxQTk9USUZJQ0FUSU9OUy5HRU5FUklDJkVNTERUTD1EQVRFMjAxODA1MjMtSVNTVVguU0lEWC5LRVk5MzM1MDI0MDg3NC5QQUlEWC5MQU5HRU5fR0IuTUNJRFguVEVTVFguVkVSU1guTUlEU1giLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIkxpbnV4IiwidG9rZW4iOiAiYmVkMTA1Y2RlMzk5NGNlMDZkZDZlMzRkZDliZGQwZjEifX0%3D&ip=1&_=1527527776743
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
159.122.19.207 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
cf.13.7a9f.ip4.static.sl-reverse.com
Software
nginx/1.11.1 /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.11.1
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://app.airhelp.com
Access-Control-Expose-Headers
X-MP-CE-Backoff
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1
identity.js
connect.facebook.net/signals/plugins/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.8.14
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
ac28f3941c05aead617596d4b8430a297856a4c1ac9f9db3db2a5f2dd0ed43c3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
6701
x-xss-protection
0
pragma
public
x-fb-debug
80ZHxGY0gKjvbaZZmVxFLgujLGyiEDLEk75yho+F2XjodgRwINH35n9+3/uk55jtk6inBcYf/WRSC3xiy3luDg==
x-frame-options
DENY
date
Mon, 28 May 2018 17:16:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
307133519633829
connect.facebook.net/signals/config/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/307133519633829?v=2.8.14&r=stable
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
ff8829046d797af369ec919737de49ca6684bb8260d20fc9111ece53a8397d30
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
13394
x-xss-protection
0
pragma
public
x-fb-debug
ck66kA4meKzLk1l+czXslp3x2xXMzXSTWqpZ7aE7X4EGjudP8sdJ9uur0z1X8FOkEY+FjWex6xub89ltdaHzSQ==
x-frame-options
DENY
date
Mon, 28 May 2018 17:16:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
dy-coll-min.js
static.dynamicyield.com/scripts/12308/ 		267 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dynamicyield.com/scripts/12308/dy-coll-min.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
146.185.16.178 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
92b910b2.rdns.100tb.com
Software
nginx/1.8.0 /
Resource Hash
5f67a59ebc331e00970d522945ac136d1955db04a9ddafe190a63d8f8f8fc9c3

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 17:16:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 09:01:43 GMT
Server
nginx/1.8.0
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
85384
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/ 		44 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307133519633829&ev=PageView&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&rl=https%3A%2F%2Fwww.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f%3FEMLCID%3DEBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC%26EMLDTL%3DDATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX&if=false&ts=1527527776853&sw=1600&sh=1200&ud[ge]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[ct]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[zp]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&v=2.8.14&r=stable&ec=0&o=60&it=1527527776787
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 28 May 2018 17:16:16 GMT
report
csp-reports.airhelp.com/ 		0
34 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2405
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e3f6b4396b2-FRA
content-length
0
bat.js
bat.bing.com/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
b16aa4872ac68c1c93b346d265c99d6a83aacac1ba43f1e8f180573a3408787c

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:16 GMT
content-encoding
gzip
last-modified
Thu, 17 May 2018 20:25:04 GMT
x-msedge-ref
Ref A: 06A212B92AA3461BA75A4E13F7461F5F Ref B: FRAEDGE0218 Ref C: 2018-05-28T17:16:17Z
status
200
etag
"0d071231deed31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
6586
9ulljm
airhelp.postaffiliatepro.com/scripts/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airhelp.postaffiliatepro.com/scripts/9ulljm
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
139.162.206.25 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1369-25.members.linode.com
Software
nginx /
Resource Hash
e496d2362d451b3b4f900317addc08ae9ba4e780d2b777228760ee72b850de10

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
content-encoding
gzip
last-modified
Tue, 22 May 2018 15:12:08 GMT
server
nginx
age
104
etag
W/"7d74-56cccd77d6200"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=120
x-varnish
895977830 897847178
accept-ranges
bytes
content-length
7262
via
1.1 varnish (2.lb-app.pap.linode-uk)
expires
Mon, 28 May 2018 17:16:32 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2436
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e3f6b4596b2-FRA
content-length
0
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
104.16.88.20 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc211e9b5530cc5dae1b76455d98ab1550e90813d473143eaf8aa04f9c9d9ee

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
MISS, HIT
status
200
content-length
38219
x-served-by
cache-ams4129-AMS, cache-hhn1532-HHN
timing-allow-origin
*
server
cloudflare
etag
"1aad8-xBuNq26wpMDFC7GL2IWNNlDb69w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
cf-ray
42225e3f4f1463eb-FRA
report
csp-reports.airhelp.com/ 		0
299 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2691
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e3fbb8196b2-FRA
content-length
0
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_sour...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3Ast%3A1527527777%3Au%3A1527527777775950031%3Ahi%3A
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 May 2018 17:16:17 GMT
Last-Modified
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.8.1
Location
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3Ast%3A1527527777%3Au%3A1527527777775950031%3Ahi%3A
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://app.airhelp.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 28 May 2018 17:16:17 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 May 2018 17:16:17 GMT
Last-Modified
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.8.1
Location
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3Ast%3A1527527777%3Au%3A1527527777775950031%3Ahi%3A
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://app.airhelp.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 28 May 2018 17:16:17 GMT
uia
px.dynamicyield.com/ 		4 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/uia
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
50.19.214.5 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-19-214-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d

Request headers

Accept
*/*
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
24
Expires
Mon, 28 May 2018 17:16:16 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2210
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e3ffbb896b2-FRA
content-length
0
advert.gif
ymetrica1.com/metrika/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ymetrica1.com/metrika/advert.gif
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
18.184.128.7 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-128-7.eu-central-1.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.8.1
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 20 Apr 2048 17:16:17 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2636
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e400bc096b2-FRA
content-length
0
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5949493&Ver=2&mid=b57761bb-7d7a-3b37-9eec-15bd0c58c23c&evt=pageLoad&sid=779cfa1d-1&lt=847&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=AirHelp&r=https%3A%2F%2Fwww.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f&p=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&msclkid=N&rn=530703
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 28 May 2018 17:16:16 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 46F7C58FECF947FC9E617F9E8A5DD6A3 Ref B: FRAEDGE0218 Ref C: 2018-05-28T17:16:17Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
var
px.dynamicyield.com/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/var?_=918071&msn=webserve-ef82ef5.use&uid=1044835566049048928&sec=8768110&t=ri&e=401389&p=1&ve=4242098&va=%5B11443521%5D&ses=3083e68c748d1d9ccd2c2c2c8b41bc74&nses=false&sesst=0&expSes=90540&aud=334081.457222.509995.333563.333568&expVisitId=-27117501655115598&mech=1&smech=null&eri=1&tsrc=Referral&reqts=1527527777283&rri=8227936
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
50.16.215.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-215-156.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
20
Expires
Mon, 28 May 2018 17:16:16 GMT
var
px.dynamicyield.com/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/var?_=705039&msn=webserve-ef82ef5.use&uid=1044835566049048928&sec=8768110&t=ri&e=477116&p=1&ve=4828632&va=%5B13159951%5D&ses=3083e68c748d1d9ccd2c2c2c8b41bc74&nses=false&sesst=0&expSes=90540&aud=334081.457222.509995.333563.333568&expVisitId=-27117502784346980&mech=1&smech=null&eri=1&tsrc=Referral&reqts=1527527777285&rri=644336
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
50.16.215.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-215-156.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
20
Expires
Mon, 28 May 2018 17:16:16 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2198
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e405bf596b2-FRA
content-length
0
1
mc.yandex.ru/watch/3/ 		77 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3Ast%3A1527527777%3Au%3A1527527777775950031%3Ahi%3A
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
c51a5eb51bfc3a85dd6152f458be827b701499d9767d4b0f86dc0f528724bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
71C6C2DCB39B014ECFD5D237F353AE61
Origin
https://app.airhelp.com
Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 28 May 2018 17:16:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.8.1
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://app.airhelp.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
77
X-XSS-Protection
1; mode=block
Expires
Mon, 28 May 2018 17:16:17 GMT
/
www.facebook.com/tr/ 		44 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307133519633829&ev=Microdata&dl=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&rl=https%3A%2F%2Fwww.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f%3FEMLCID%3DEBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC%26EMLDTL%3DDATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX&if=false&ts=1527527777358&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Claim%20your%20compensation%20for%20delayed%20or%20canceled%20flight%20using%20AirHelp!%22%2C%22og%3Adescription%22%3A%22Did%20you%20know%20that%20airlines%20are%20legally%20obligated%20to%20pay%20you%20compensation%20of%20up%20to%20%E2%82%AC600%20for%20delayed%20or%20canceled%20flights%3F%20It%E2%80%99s%20the%20airlines%E2%80%99%20best-kept%20secret.%20Go%20to%20www.airhelp.com%20and%20get%20the%20money%20you%20rightfully%20deserve!%5Cn%22%2C%22og%3Asite_name%22%3A%22AirHelp%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fapp.airhelp.com%2Fclaims%2Fnew%3Flang%3Den%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fapp.airhelp.com%2Fah_social_logo.png%22%7D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20AirHelp%5Cn%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&ud[ge]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[ct]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&ud[zp]=91ab5bbca993306358db9f3236e5019cb224a01daf8d94cda6b47ddb2c83487a&v=2.8.14&r=stable&ec=1&o=60&it=1527527776787&es=automatic
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 28 May 2018 17:16:17 GMT
batch
px.dynamicyield.com/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dynamicyield.com/batch?_=1527527777361_20931
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
23.23.152.43 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-23-152-43.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
20
Expires
Mon, 28 May 2018 17:16:16 GMT
9ullrm
airhelp.postaffiliatepro.com/scripts/ 		66 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://airhelp.postaffiliatepro.com/scripts/9ullrm?accountId=default1&url=S_app.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f&referrer=S_www.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f%3FEMLCID%3DEBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC%26EMLDTL%3DDATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX&getParams=%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&anchor=&isInIframe=false&cookies=
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
139.162.206.25 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1369-25.members.linode.com
Software
nginx /
Resource Hash
462816d2892984d64977e156d951aa8c296f33fb3c943ebf048245446601ab40

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Mon, 28 May 2018 17:16:17 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
application/octet-stream, application/x-javascript
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2215
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e409c2096b2-FRA
content-length
0
sync_cookie_image_decide
ymetrica1.com/
Redirect Chain
  • https://ymetrica1.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=ymetrica1.com&token=1801.txjzl2tNuqSHvxqSs65c4T-vbTLYhlWrlsqiOopA0g_I2fe-mrbDu6xfbXktKvFB.unHlEV-yfUDuPV55QUoI1bELK6Q%2C
  • https://ymetrica1.com/sync_cookie_image_decide?token=1801.tyMZEU_Hx8-OHTnMm9WRoPGuGYjCkkJ70thhxoLWSWQhUawSSOE8skKEDUE8fwSQkRsBgmWth4XxR-j2Axs3MXOBY_mlA3si6By3aY7huYI%2C.CRPl0DMT79mHoPAGJGPxMmC3Lk8%2C
43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ymetrica1.com/sync_cookie_image_decide?token=1801.tyMZEU_Hx8-OHTnMm9WRoPGuGYjCkkJ70thhxoLWSWQhUawSSOE8skKEDUE8fwSQkRsBgmWth4XxR-j2Axs3MXOBY_mlA3si6By3aY7huYI%2C.CRPl0DMT79mHoPAGJGPxMmC3Lk8%2C
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
18.184.128.7 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-128-7.eu-central-1.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 May 2018 17:16:17 GMT
Last-Modified
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.8.1
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 May 2018 17:16:17 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 May 2018 17:16:17 GMT
Last-Modified
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.8.1
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Location
https://ymetrica1.com/sync_cookie_image_decide?token=1801.tyMZEU_Hx8-OHTnMm9WRoPGuGYjCkkJ70thhxoLWSWQhUawSSOE8skKEDUE8fwSQkRsBgmWth4XxR-j2Axs3MXOBY_mlA3si6By3aY7huYI%2C.CRPl0DMT79mHoPAGJGPxMmC3Lk8%2C
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 28 May 2018 17:16:17 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2190
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e413c9096b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2191
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e416cd096b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
3254
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41ad0b96b2-FRA
content-length
0
46270659
mc.yandex.ru/watch/ 		152 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/46270659?wmode=7&page-ref=https%3A%2F%2Fwww.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f%3FEMLCID%3DEBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC%26EMLDTL%3DDATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX&page-url=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180528171617%3Aet%3A1527527778%3Aen%3Autf-8%3Av%3A1140%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A918213142%3Ahid%3A847898517%3Ads%3A6%2C21%2C74%2C3%2C1%2C0%2C0%2C739%2C1%2C%2C%2C%2C846%3Ast%3A1527527778%3Au%3A1527527777775950031%3Ahi%3A%3At%3AAirHelp
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
37d426cc1c278ac09d1dcc846b85093302364e7102a21ba5b4f62dbab09a8633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 28 May 2018 17:16:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 May 2018 17:16:17 GMT
Server
nginx/1.8.1
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
https://app.airhelp.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 28 May 2018 17:16:17 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2420
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41ad0c96b2-FRA
content-length
0
shim.4ae54d20.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/w501ykte
  • https://js.intercomcdn.com/shim.4ae54d20.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.4ae54d20.js
Protocol
SPDY
Server
13.32.222.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2460e2bbcc49c2639d1bc6284f44bf45ffc7edd723601677305965fef1e40ce9

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 15:34:03 GMT
content-encoding
gzip
last-modified
Mon, 28 May 2018 15:34:03 GMT
server
AmazonS3
age
6134
etag
"764577ef51c127cad838a374b2669c93"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
1084
via
1.1 4212187803e21d93459a7f54ccbb680a.cloudfront.net (CloudFront)
x-amz-cf-id
553xPtFEGDIDQu5Rp8eV3Mbxx1Ddy5Nbz-LtR0FtL5V7a-jY4ppsQQ==

Redirect headers

date
Mon, 28 May 2018 17:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
x-cache
Hit from cloudfront
status
302, 302 Found
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
b3kuuvg4bt52j9c6r3gg
x-runtime
0.005918
location
https://js.intercomcdn.com/shim.4ae54d20.js
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31557600; includeSubDomains; preload
content-type
text/html; charset=utf-8
via
1.1 3c2476383ec2dd20b3b952b944a0f17d.cloudfront.net (CloudFront)
x-intercom-version
5d68cae8df40e7357caab84bd028495239fd87f9
cache-control
no-cache
x-amz-cf-id
SIhdXjQVH-46uq9d3gVeNwnqcs5-fVIvbgrNS0490P02zSn2FMRSXA==
nr-spa-1071.min.js
js-agent.newrelic.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1071.min.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
content-encoding
gzip
x-amz-request-id
FC356548B5CDDE42
x-cache
HIT
status
200
content-length
12624
x-amz-id-2
jRoTSqZ53acgwoLvagE4+yY+KBPbW4Thg6m8tLQTHZ6n4Wtn9PPp2aP6hQNl2b/boV4wbPTdNUk=
x-served-by
cache-fra19145-FRA
last-modified
Wed, 28 Feb 2018 23:35:17 GMT
server
AmazonS3
x-timer
S1527527778.581276,VS0,VE0
etag
"c4be07d99198e723860aeee65fd397cf"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5465
KFOmCnqEu92Fr1Mu7GxP.ttf
fonts.gstatic.com/s/roboto/v18/ 		53 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxP.ttf
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12308/dy-coll-min.js
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
d3060bf098e706a423719a079df0762543a2400558bb68011d029104c78e29ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700|Roboto:400,900italic,900,700italic,700,500italic,500,400italic,300italic,300&subset=latin-ext
Origin
https://app.airhelp.com

Response headers

date
Wed, 09 May 2018 03:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1689485
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29327
x-xss-protection
1; mode=block
last-modified
Mon, 16 Oct 2017 17:32:50 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 03:58:12 GMT
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2433
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41bd1a96b2-FRA
content-length
0
tfa.js
cdn.taboola.com/libtrc/airhelplimited-sc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/airhelplimited-sc/tfa.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be09e681e2a3a976c3da91b1b65ecb4f0bacc901d9ea17106b623e32eb2a4d9a

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-amz-version-id
.LhExJF65xhCDUPysXGkGDzy9p0Q7kPQ
content-encoding
gzip
etag
"ba20ad023b43ec8b3701ca5a043c2294"
age
10746
x-cache
HIT
status
200
x-amz-replication-status
PENDING
content-length
4747
x-amz-id-2
55gKhH9aojllF9MdtJy9bkczWHKhlfBY6abOxwKMgHr9q9viafGZEnUx7lVk3DgFRCy26oKBc5g=
x-served-by
cache-fra19149-FRA
last-modified
Mon, 28 May 2018 14:17:12 GMT
server
AmazonS3
x-timer
S1527527778.562614,VS0,VE0
date
Mon, 28 May 2018 17:16:17 GMT
vary
Accept-Encoding
x-amz-request-id
F30FF988892467F8
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
19598
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
104.244.43.176 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
content-encoding
gzip
age
62263
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-tw-fra1-cr1-14-TWFRA1
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1527527778.564886,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2426
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41bd1c96b2-FRA
content-length
0
mdn-screenshare.js
js.hellomedian.com/v1/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hellomedian.com/v1/mdn-screenshare.js
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
13.32.222.64 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-64.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d2cebd57fda1b89a82f5b09a024f1e732ae9ca2a9f29bc2e4a511d24f7e2da3

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 09 May 2018 17:13:45 GMT
content-encoding
gzip
last-modified
Wed, 09 May 2018 17:13:41 GMT
server
AmazonS3
age
86360
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ym_AXJqAovMm__dnwmwPQJIPaUSU.PK9
status
200
content-type
application/javascript
x-amz-cf-id
tzz-yb8apHDqWddR1IEzYswJl5PqAICEWZZCMdGdybMKP7GA2OJ6ug==
via
1.1 c5ad7defce0694621f07129d852e42da.cloudfront.net (CloudFront)
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2264
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41bd1d96b2-FRA
content-length
0
trendkite
sync.sharethis.com/ 		42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/trendkite?puid=001i000001jWBafAAG&site=airhelp.com&gtmcb=1491453523
Protocol
HTTP/1.1
Server
35.158.155.203 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-155-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 17:16:17 GMT
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Connection
keep-alive
Stid
ZGAHAlsMOWEAAAATJ37qAw==
Content-Length
42
Content-Type
image/gif
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2202
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41ed4896b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2446
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e41fd5996b2-FRA
content-length
0
mark
trc.taboola.com/airhelplimited-sc/log/3/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/airhelplimited-sc/log/3/mark?tim=17%3A16%3A17.593&item-url=https%3A//app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail&marking-type=Suppression
Protocol
SPDY
Server
151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-cache-hits
0
x-served-by
cache-fra19149-FRA
pragma
no-cache
server
nginx
x-timer
S1527527778.599811,VS0,VE8
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz7ga&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fapp.airhelp.com%2Fota%2Febookers_com%2F4df5bd2465a75aa7183532ad5f19b79f%3Flang%3Den%26ahcid%3D25may%26utm_campaign%3Dexpedia%26utm_source%3Dota%26utm_medium%3Demail
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
SPDY
Server
104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
109
pragma
no-cache
last-modified
Mon, 28 May 2018 17:16:17 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
084eeaeae53f774fb91b19c4306daf77
x-transaction
00b70c620013d7f6
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz7ga&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Protocol
SPDY
Server
104.244.42.5 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
104
pragma
no-cache
last-modified
Mon, 28 May 2018 17:16:17 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0d0b1e663ab94f3bef67b2359aa71464
x-transaction
00727bb900e4e0f1
expires
Tue, 31 Mar 1981 05:00:00 GMT
437c0ca09d
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/437c0ca09d?a=6161828&v=1071.385e752&to=el1ZFxBfClsBQUxWRFgdXg0GVR4%3D&rst=1299&ref=https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f&ap=19&be=259&fe=1240&dc=846&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1527527776307,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:8,%22c%22:8,%22s%22:14,%22ce%22:29,%22rq%22:29,%22rp%22:103,%22rpe%22:106,%22dl%22:107,%22di%22:846,%22ds%22:846,%22de%22:847,%22dc%22:1239,%22l%22:1239,%22le%22:1246%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
report
csp-reports.airhelp.com/ Frame 5F0F 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.4ae54d20.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2079
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e422d8296b2-FRA
content-length
0
frame.333a081f.js
js.intercomcdn.com/ Frame 5F0F 		2 MB
466 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame.333a081f.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.4ae54d20.js
Protocol
SPDY
Server
13.32.222.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
381401189ba0bb03da1ccd37c67de8010457fef8d650ea60edac56f38623d9f1

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 28 May 2018 15:34:04 GMT
content-encoding
gzip
last-modified
Mon, 28 May 2018 15:34:03 GMT
server
AmazonS3
age
6134
etag
"ae9370c12586d0358a905ef537864a06"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
476183
via
1.1 4212187803e21d93459a7f54ccbb680a.cloudfront.net (CloudFront)
x-amz-cf-id
sjvjzFwmyukX80IIXhdBmh0MS6uz9Vw2ImnTKyn8JNhRYPmtpHdtWg==
report
csp-reports.airhelp.com/ Frame 5F0F 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2087
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e43ced696b2-FRA
content-length
0
ping
api-iam.intercom.io/messenger/web/ Frame 5F0F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
HTTP/1.1
Server
34.236.183.36 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-183-36.compute-1.amazonaws.com
Software
nginx /
Resource Hash
273bbfac73cc884e6016d07e535028638c6df62e8c832725fcc08325caa1ea75
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 28 May 2018 17:16:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1640
X-XSS-Protection
1; mode=block
X-Request-Id
b3kv02fgk0vq6e02det0
X-Runtime
0.159779
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"261b9259aedbc9599a3d67a0cbd1c20d"
X-RateLimit-Remaining
1970
Strict-Transport-Security
max-age=31557600; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://app.airhelp.com
X-Intercom-Version
5d68cae8df40e7357caab84bd028495239fd87f9
Cache-Control
max-age=0, private, must-revalidate
Access-Control-Allow-Credentials
true
X-RateLimit-Reset
1527527820
X-RateLimit-Limit
2000
Access-Control-Allow-Headers
Content-Type
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2238
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e43dedd96b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2239
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e43dedf96b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2245
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e43dee096b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2246
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e43dee196b2-FRA
content-length
0
report
csp-reports.airhelp.com/ 		0
58 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2474
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=ddaa63f0cccb49a8ab6b72b9539f575621527527777; expires=Tue, 28-May-19 17:16:17 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e43eef096b2-FRA
content-length
0
376ac2ab-d557-4bac-ad3f-09beed91b8a9
app.hellomedian.com/api/v1/organizations/settings/ 		288 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.hellomedian.com/api/v1/organizations/settings/376ac2ab-d557-4bac-ad3f-09beed91b8a9
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
34.224.230.241 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-224-230-241.compute-1.amazonaws.com
Software
nginx/1.12.2 + Phusion Passenger 5.2.3 / Phusion Passenger 5.2.3
Resource Hash
39d08f9d0c9352ba529bf0e43cd3d47322191f05d512f1e50f25d726b65679bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

Date
Mon, 28 May 2018 17:16:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
X-Powered-By
Phusion Passenger 5.2.3
Transfer-Encoding
chunked
Status
200 OK
Access-Control-Allow-Methods
GET
Connection
keep-alive
X-Request-Id
84988097-b5ac-44d2-bea7-88622fa4c001
X-Runtime
0.056699
Server
nginx/1.12.2 + Phusion Passenger 5.2.3
Etag
W/"39d08f9d0c9352ba529bf0e43cd3d473"
Access-Control-Max-Age
604800
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Via
1.1 vegur
Cache-Control
max-age=10, public
437c0ca09d
bam.nr-data.net/resources/1/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/437c0ca09d?a=6161828&v=1071.385e752&to=el1ZFxBfClsBQUxWRFgdXg0GVR4%3D&rst=1739&ref=https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f&st=1527527776307
Requested by
Host: app.airhelp.com
URL: https://app.airhelp.com/ota/ebookers_com/4df5bd2465a75aa7183532ad5f19b79f?lang=en&ahcid=25may&utm_campaign=expedia&utm_source=ota&utm_medium=email
Protocol
HTTP/1.1
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://app.airhelp.com
Access-Control-Allow-Credentials
true
Content-Length
0
Content-Type
text/plain
report
csp-reports.airhelp.com/ 		0
136 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.hellomedian.com
URL: https://js.hellomedian.com/v1/mdn-screenshare.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2312
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e473aa996b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 5F0F 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2090
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47cb1496b2-FRA
content-length
0
client-test
nexus-websocket-a.intercom.io/ Frame 5F0F 		2 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nexus-websocket-a.intercom.io/client-test
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
SPDY
Server
52.5.37.150 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-37-150.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

status
200
date
Mon, 28 May 2018 17:16:18 GMT
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
report
csp-reports.airhelp.com/ Frame 5F0F 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2090
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47cb1596b2-FRA
content-length
0
client-test
nexus-websocket-b.intercom.io/ Frame 5F0F 		2 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nexus-websocket-b.intercom.io/client-test
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
SPDY
Server
52.71.188.242 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-188-242.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

status
200
date
Mon, 28 May 2018 17:16:18 GMT
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
ping
api-iam.intercom.io/messenger/web/ Frame 5F0F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
HTTP/1.1
Server
34.236.183.36 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-183-36.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c95932b968f030f6a3e88222c83429bf2cdc21681d590dca4bcdb6ac102a1459
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 28 May 2018 17:16:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
transfer-encoding
chunked
Status
200 OK
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Request-Id
b3kv02i3qom3k49ucksg
X-Runtime
0.202979
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"be0d59ee1c935d0a8a4c3886b4d46d22"
X-RateLimit-Remaining
1969
Strict-Transport-Security
max-age=31557600; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://app.airhelp.com
X-Intercom-Version
5d68cae8df40e7357caab84bd028495239fd87f9
Cache-Control
max-age=0, private, must-revalidate
Access-Control-Allow-Credentials
true
X-RateLimit-Reset
1527527820
X-RateLimit-Limit
2000
Access-Control-Allow-Headers
Content-Type
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2053
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47cb1996b2-FRA
content-length
0
Zrzut_ekranu_2018-01-05_o_19.18.41-1515176347.png
static.intercomassets.com/avatars/1380852/square_128/ Frame 1BDD 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/1380852/square_128/Zrzut_ekranu_2018-01-05_o_19.18.41-1515176347.png?1515176347
Protocol
SPDY
Server
13.32.222.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ab0b1e3881daea3fe9118bfabdc8fe081668fdd53beb3ad4e48b4df3da932bc

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 18:19:10 GMT
via
1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jan 2018 18:19:09 GMT
server
AmazonS3
age
7687
etag
"2ed9d242ef5a9d3e85a3de476ebcf2f7"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
33852
x-amz-cf-id
EzBXrxJxfl35XwGGfYrVVKPhhfaxiV5Z70j1FMuDCb7AODCr1gOYaw==
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2058
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47cb1a96b2-FRA
content-length
0
10966830_10205264012667493_1403970635_n-1514415346.jpg
static.intercomassets.com/avatars/1389516/square_128/ Frame 1BDD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/1389516/square_128/10966830_10205264012667493_1403970635_n-1514415346.jpg?1514415346
Protocol
SPDY
Server
13.32.222.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
093f2bc22ffa46b18ecf84f17e818d05f64102dc511152d22584a6c89777e344

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 02 Jan 2018 07:51:31 GMT
via
1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
last-modified
Wed, 27 Dec 2017 22:55:48 GMT
server
AmazonS3
age
69190
etag
"a4a75b1b982aa260626b7783c84f4e6f"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2561
x-amz-cf-id
R6VmMoy4bLBew9S-8is2FIrd_P7qkeRt7QZus0XSAlMrR5bz6qMXmQ==
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2058
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47cb1d96b2-FRA
content-length
0
21360795_10214544012341188_1737844224_n-1504533249.jpg
static.intercomassets.com/avatars/1442834/square_128/ Frame 1BDD 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/1442834/square_128/21360795_10214544012341188_1737844224_n-1504533249.jpg?1504533249
Protocol
SPDY
Server
13.32.222.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
643bd1d23014cb3fdf132ee2e8ca469cd3c401ef7f8c0547e0533edba957baa2

Request headers

Referer
https://app.airhelp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 04 Dec 2017 07:25:11 GMT
via
1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2017 13:54:11 GMT
server
AmazonS3
age
37037
etag
"4c5dc42d2bc5daa1155ead7e23272748"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
4271
x-amz-cf-id
-PsKfrXUcpyMR0pIgaeN_p8HRcLhuF2rdqwBsGgpMyT3Sjr6psg_1Q==
expires
Tue, 05 Sep 2017 13:03:03 GMT
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Protocol
SPDY
Server
13.32.222.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Fri, 09 Mar 2018 05:29:15 GMT
via
1.1 7e3ec4bce6d89d06369eae9bcbd1cb7e.cloudfront.net (CloudFront)
vary
Origin
age
2770
x-cache
Hit from cloudfront
status
200
content-length
28960
last-modified
Thu, 08 Mar 2018 19:30:58 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
CnjBUQRHv368H3KNbj2lcHnN7_VZb0Qt23lDBB5NxUL8V8J1H1Go0Q==
report
csp-reports.airhelp.com/ Frame 6741 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2000
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47cb2296b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 6741 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2001
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db2596b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 6741 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2007
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db2896b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 6741 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2008
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db2996b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2000
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db2e96b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2001
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db3196b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2007
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db3296b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 1BDD 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2008
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e47db3396b2-FRA
content-length
0
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 1BDD 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Protocol
SPDY
Server
13.32.222.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com

Response headers

date
Fri, 09 Mar 2018 05:29:15 GMT
via
1.1 7e3ec4bce6d89d06369eae9bcbd1cb7e.cloudfront.net (CloudFront)
vary
Origin
age
2770
x-cache
Hit from cloudfront
status
200
content-length
28960
last-modified
Thu, 08 Mar 2018 19:30:58 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
UqaWkXrLVJasQQS7ln3SKxdIMMn2RV9aHdlFkChrM9m0EJNgIS1zXg==
report
csp-reports.airhelp.com/ Frame 5F0F 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2076
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e49ad3096b2-FRA
content-length
0
report
csp-reports.airhelp.com/ Frame 5F0F 		0
35 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-reports.airhelp.com/report
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.333a081f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.25.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/report
pragma
no-cache
origin
https://app.airhelp.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
csp-reports.airhelp.com
referer
https://app.airhelp.com/
:scheme
https
content-length
2076
:method
POST
Referer
https://app.airhelp.com/
Origin
https://app.airhelp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 May 2018 17:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
status
202
set-cookie
__cfduid=d5c13b27e413dcf0dfaa78b751f4bd5ec1527527778; expires=Tue, 28-May-19 17:16:18 GMT; path=/; domain=.airhelp.com; HttpOnly; Secure
cf-ray
42225e49bd3b96b2-FRA
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dpm.demdex.net
URL
https://dpm.demdex.net/id?d_visid_ver=1.7.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C00802BE5330A8350A490D4C%40AdobeOrg&d_nsid=0&ts=1527527776197

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| intercomSettings function| Intercom object| DYExps object| DY object| DYO object| _dy_memStore object| DYJSON object| dy_landing object| dataLayer object| NREUM object| newrelic function| __nr_require object| google_tag_manager function| fbq function| _fbq object| mixpanel object| DYWork function| $dy function| createDeprecatedModule boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs object| _gsScope object| EmberENV function| moment object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Ember object| Em object| CryptoJS object| showdown function| Inputmask object| sixpack object| IBAN function| URI function| Cookies function| Dropzone function| Favico object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin object| uetq object| meta object| Ya object| yaCounter46270659 function| timer object| $dy17107405380196668476 function| UET object| PostAffTracker function| rpap function| setVisitor function| setAffiliate function| trackingFinished function| setAffiliateInfo function| papTrack function| PostAssoc function| PostAffAction function| PostAffAttributeWriter function| PostUrlReplacer function| PostValueReplacer function| PostAffCookieManager function| PostAffParams function| PostAffCookie function| PostAffRequest function| PostAffInfo function| PostAffTrackingRequest object| expired object| parameters object| scriptElement object| _tfa function| twq object| Median object| twttr object| TRC object| TRCImpl function| __trcError function| __trcJSONify object| queue

30 Cookies

Domain/Path Name / Value
.airhelp.com/ Name: _ym_wasSynced
Value: %7B%22time%22%3A1527527777373%2C%22params%22%3A%7B%22webvisor%22%3A%7B%22date%22%3A%222011-10-31%2016%3A20%3A50%22%7D%2C%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D
.airhelp.com/ Name: _uetsid
Value: _uet779cfa1d
.airhelp.com/ Name: _ym_isad
Value: 2
.app.airhelp.com/ Name: _dyprdobj
Value:
.app.airhelp.com/ Name: _dy_cweather_8768110
Value: null
.airhelp.com/ Name: _dy_toffset
Value: -1
.airhelp.com/ Name: _dyfs
Value: true
.app.airhelp.com/ Name: _dy_tsrc
Value: Referral
.airhelp.com/ Name: __cfduid
Value: dd6074510dfce23001a63d551dc47818b1527527776
.app.airhelp.com/ Name: _dy_weather_8768110
Value: %5B%5D
.airhelp.com/ Name: PAPVisitorId
Value: fYkIF6fRCFHl6yd3Ow53I9ksHgmpn2gN
.airhelp.com/ Name: _dy_df_geo
Value: Germany..
.airhelp.com/ Name: _dyuss_8768110
Value: 1
.airhelp.com/ Name: _dyid
Value: 1044835566049048928
.app.airhelp.com/ Name: _dyprd
Value:
.airhelp.com/ Name: sixpack_forced_alternatives
Value: {}
.airhelp.com/ Name: _dyus_8768110
Value: 0%7C0%7C0%7C0%7C0%7C0.0.1527527777253.1527527777253.0.0%7C147%7C22%7C4%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0
.airhelp.com/ Name: user_country_code
Value: DE
.airhelp.com/ Name: _dyexps
Value: 280967%7C3164131%3A%3A0%3A1527527776556%3A90540%3A90540%3A2%3A3%3A0%7C8556064%3A4561798%7C1%7C90540%3A1527527776556%23%23401389%7C4242098%3A%3A0%3A1527527776540%3A90540%3A90540%3A1%3A0%3A0%7C11443521%3A5929590%7C1%7C90540%3A1527527776541%23%23477116%7C4828632%3A%3A0%3A1527527776553%3A90540%3A90540%3A1%3A0%3A0%7C13159951%3A6749665%7C1%7C90540%3A1527527776554
.airhelp.com/ Name: _dycst
Value: dk.l.c.ws.frv1.frs.
.airhelp.com/ Name: _dy_att_exps
Value: 401389%7C4242098%3A%3A0%3A1527527776540%3A90540%3A90540%3A1%3A0%3A0%7C11443521%3A5929590%7C2%7C90540%3A1527527776542%23%23477116%7C4828632%3A%3A0%3A1527527776553%3A90540%3A90540%3A1%3A0%3A0%7C13159951%3A6749665%7C2%7C90540%3A1527527776554
.airhelp.com/ Name: _dy_ses_load_seq
Value: 90540%3A1527527776531
.airhelp.com/ Name: mp_bed105cde3994ce06dd6e34dd9bdd0f1_mixpanel
Value: %7B%22distinct_id%22%3A%20%22163a7c021d34e0-0d0d8b645e9ceb-3b62127c-1d4c00-163a7c021d46c3%22%2C%22utm_source%22%3A%20%22ota%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22expedia%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.ebookers.com%2Fapi%2Fairhelp%2Fclaim%2F93160c71-abf1-4262-a2f1-470bc934135f%3FEMLCID%3DEBOOKERS-UK.PT.EVENTTRIGGEREDMAILING.AIRHELPNOTIFICATIONS.GENERIC%26EMLDTL%3DDATE20180523-ISSUX.SIDX.KEY93350240874.PAIDX.LANGEN_GB.MCIDX.TESTX.VERSX.MIDSX%22%2C%22%24initial_referring_domain%22%3A%20%22www.ebookers.com%22%7D
.airhelp.com/ Name: _dy_c_exps
Value:
.airhelp.com/ Name: _ym_uid
Value: 1527527777775950031
.airhelp.com/ Name: _dy_csc_ses
Value: t
.airhelp.com/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.airhelp.com/ Name: _dy_soct
Value: 256828.389404.1527527776*296126.464212.1527527776*186634.271439.1527527776
.app.airhelp.com/ Name: _dy_device
Value: %7B%22brand%22%3A%22Other%22%2C%22type%22%3A%22desktop%22%7D
.airhelp.com/ Name: user_currency
Value: EUR

7 Console Messages

Source Level URL
Text
console-api log URL: https://www.ebookers.com/static/default/default/scripts/siteAnalytics.js(Line 4724)
Message:
OipFallbackToCookie
console-api log URL: https://www.ebookers.com/static/default/default/scripts/siteAnalytics.js(Line 4725)
Message:
undefined
console-api log URL: https://www.ebookers.com/static/default/default/scripts/siteAnalytics.js(Line 4724)
Message:
OipFallbackToCookie
console-api log URL: https://www.ebookers.com/static/default/default/scripts/siteAnalytics.js(Line 4725)
Message:
undefined
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 25)
Message:
[Facebook Pixel] - An invalid email address was specified for 'em'. This data will not be sent with any events for this Pixel.
console-api error URL: https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null at i.call (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:1666240) at Object._runCommand (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:2681991) at https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:2681836 at Array.map (<anonymous>) at Object.initialize (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:2681811) at https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:525013 at e.each (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:509763) at e.topsort (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:509258) at e.topsort (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:508666) at i._runInitializer (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:525195)
console-api error URL: https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null at i.call (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:1666240) at Object._runCommand (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:2681991) at https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:2681836 at Array.map (<anonymous>) at Object.initialize (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:2:2681811) at https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:525013 at e.each (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:509763) at e.topsort (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:509258) at e.topsort (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:508666) at i._runInitializer (https://app.airhelp.com/assets/ember_app-87fb9bcafb16b7ddb9da6c44abefbafc9a6b86e8e2e958409395e9392658ce40.js:1:525195)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://www.suntours.co.il https://www.cruiseshipcenters.com 'self' *.tripadvisor.com *.intentmedia.net https://*.schmetterling-argus.de https://travel.biglobe.ne.jp https://proxy.schmetterling-argus.de *.kayak.com https://www.jal.co.jp https://www.planetto.co.il
Strict-Transport-Security max-age=1200; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airhelp.postaffiliatepro.com
analytics.twitter.com
api-iam.intercom.io
api.mixpanel.com
app.airhelp.com
app.hellomedian.com
bam.nr-data.net
bat.bing.com
cdn.dynamicyield.com
cdn.jsdelivr.net
cdn.mxpnl.com
cdn.taboola.com
connect.facebook.net
csp-reports.airhelp.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.hellomedian.com
js.intercomcdn.com
link.mailer.ebookers.com
mc.yandex.ru
nexus-websocket-a.intercom.io
nexus-websocket-b.intercom.io
px.dynamicyield.com
st.dynamicyield.com
static.ads-twitter.com
static.dynamicyield.com
static.intercomassets.com
sync.sharethis.com
t.co
trc.taboola.com
widget.intercom.io
www.ebookers.com
www.facebook.com
www.googletagmanager.com
www.trvl-px.com
ymetrica1.com
dpm.demdex.net
104.108.45.183
104.16.128.227
104.16.88.20
104.20.25.221
104.20.42.87
104.244.42.131
104.244.42.5
104.244.43.176
13.32.159.230
13.32.222.100
13.32.222.110
13.32.222.64
13.32.222.80
130.211.5.208
139.162.206.25
146.185.16.178
151.101.14.110
151.101.14.2
157.240.20.19
159.122.19.158
159.122.19.207
162.247.242.19
172.217.22.8
172.217.23.131
172.217.23.138
18.184.128.7
185.60.216.38
204.79.197.200
23.23.152.43
23.67.133.228
34.195.234.127
34.224.230.241
34.236.183.36
35.158.155.203
50.16.215.156
50.19.214.5
52.212.107.248
52.5.37.150
52.71.188.242
77.88.21.119
093f2bc22ffa46b18ecf84f17e818d05f64102dc511152d22584a6c89777e344
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
167a7e91e48039dca8f2eb3b91397837c40fa19018a8831bd6c0e0cb77066e4e
2460e2bbcc49c2639d1bc6284f44bf45ffc7edd723601677305965fef1e40ce9
273bbfac73cc884e6016d07e535028638c6df62e8c832725fcc08325caa1ea75
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
37d426cc1c278ac09d1dcc846b85093302364e7102a21ba5b4f62dbab09a8633
381401189ba0bb03da1ccd37c67de8010457fef8d650ea60edac56f38623d9f1
39d08f9d0c9352ba529bf0e43cd3d47322191f05d512f1e50f25d726b65679bc
3d9d2a1992dc80751afe730cc3e68fbd2fa596264bcc71b0e8dafc7272ef83ad
462816d2892984d64977e156d951aa8c296f33fb3c943ebf048245446601ab40
4a2cc824166231689520718f5c6c1e486f8f202ad634db9b901f2f3e2b2a9210
4ab0b1e3881daea3fe9118bfabdc8fe081668fdd53beb3ad4e48b4df3da932bc
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559f2f82db41480678960b52f24f23bd56bfb0c5a7f1c589c1a05fcd50550e36
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5840d31b7503de1af6719b6aec3e37443d9ee22a1d44a63d4df9abd106cec456
5ed5b72921ddf1f509f86555b96315b4e700612cc8e52bec721e70497898f943
5f67a59ebc331e00970d522945ac136d1955db04a9ddafe190a63d8f8f8fc9c3
5fbe0ebfdbd266610f54bfd01a68a2bdd21c415dc0cd674226ba65d34501a47e
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
643bd1d23014cb3fdf132ee2e8ca469cd3c401ef7f8c0547e0533edba957baa2
6d2cebd57fda1b89a82f5b09a024f1e732ae9ca2a9f29bc2e4a511d24f7e2da3
724f5148769ac64498a753d99cc06bee0a758896ecfbca49f6804d882a6b5118
78a7b789706fd17b84d2e9b08b5f374158d06abeec0ccdfc6a76c99b7349a522
ac28f3941c05aead617596d4b8430a297856a4c1ac9f9db3db2a5f2dd0ed43c3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
b16aa4872ac68c1c93b346d265c99d6a83aacac1ba43f1e8f180573a3408787c
b279bc6a30e5921436e8d20266c4a00c95fac6e4d1b9630a1324b89f2c135afe
be09e681e2a3a976c3da91b1b65ecb4f0bacc901d9ea17106b623e32eb2a4d9a
c51a5eb51bfc3a85dd6152f458be827b701499d9767d4b0f86dc0f528724bdc3
c95932b968f030f6a3e88222c83429bf2cdc21681d590dca4bcdb6ac102a1459
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d3060bf098e706a423719a079df0762543a2400558bb68011d029104c78e29ad
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e496d2362d451b3b4f900317addc08ae9ba4e780d2b777228760ee72b850de10
edc211e9b5530cc5dae1b76455d98ab1550e90813d473143eaf8aa04f9c9d9ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f12b0b037749d02608fd436f505e36531ae9e102e0b76fa53fa5e7af30a164
f9f9b6bad0cb0f2bf21ab2d526a50979fb9e9dc71139749c1f1a0742b5ffa15d
fb752d87efda3c97dc31dcc2e9adbc70730fde612505d1b942cffd6e0b9c818f
ff8829046d797af369ec919737de49ca6684bb8260d20fc9111ece53a8397d30