www.airhelp.com Open in urlscan Pro
104.16.152.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zirhelp.com/
Effective URL:
https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196a...
Submission Tags: @ecarlesi possiblethreat #phishing Search All
Submission: On October 04 via api (October 4th 2023, 11:26:24 am UTC) from AU — Scanned from AU

Summary HTTP 108 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 36 domains to perform 108 HTTP transactions. The main IP is 104.16.152.15, located in and belongs to CLOUDFLARENET, US. The main domain is www.airhelp.com. The Cisco Umbrella rank of the primary domain is 319729.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.

This is the only time www.airhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.255.119.253 162.255.119.253	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	192.0.78.27 192.0.78.27	2635 (AUTOMATTIC) (AUTOMATTIC)
20	104.16.152.15 104.16.152.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.66.232 142.250.66.232	15169 (GOOGLE) (GOOGLE)
6	18.67.111.29 18.67.111.29	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	23.55.38.153 23.55.38.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	151.101.28.157 151.101.28.157	54113 (FASTLY) (FASTLY)
2	91.201.28.211 91.201.28.211	203480 (QUALITYUNIT) (QUALITYUNIT)
4	104.26.8.57 104.26.8.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.55.242.184 23.55.242.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.67.14 142.250.67.14	15169 (GOOGLE) (GOOGLE)
2	142.250.67.2 142.250.67.2	15169 (GOOGLE) (GOOGLE)
2	104.74.39.51 104.74.39.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	77.75.77.172 77.75.77.172	43037 (SEZNAM-) (SEZNAM-)
1	103.180.114.1 103.180.114.1	200325 (BUNNYCDN) (BUNNYCDN)
2	54.177.5.212 54.177.5.212	16509 (AMAZON-02) (AMAZON-02)
1 4	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	34.117.138.52 34.117.138.52	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	66.225.223.31 66.225.223.31	3949 (NTTA-3946) (NTTA-3946)
1	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
3	172.217.24.36 172.217.24.36	15169 (GOOGLE) (GOOGLE)
3	172.217.167.99 172.217.167.99	15169 (GOOGLE) (GOOGLE)
4	142.250.71.78 142.250.71.78	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.115.74.94 13.115.74.94	16509 (AMAZON-02) (AMAZON-02)
1	35.214.164.29 35.214.164.29	15169 (GOOGLE) (GOOGLE)
1 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	34.94.160.110 34.94.160.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.67.111.80 18.67.111.80	16509 (AMAZON-02) (AMAZON-02)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.213.31 13.107.213.31	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.192.108.82 23.192.108.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.67.72.8 172.67.72.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.205.115.81 20.205.115.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
108	46

1 162.255.119.253 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

zirhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.27 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

href.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.16.152.15 (None, )

ASN13335 (CLOUDFLARENET, US)

www.airhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.airhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.66.232 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.67.111.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-29.syd62.r.cloudfront.net

img.airhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.55.38.153 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-153.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.28.157 (Sydney, Australia)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.201.28.211 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

airhelp.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.26.8.57 (None, )

ASN13335 (CLOUDFLARENET, US)

airhelp.chat.getzowie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
waw.chat.getzowie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.55.242.184 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-242-184.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.67.14 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.2 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.74.39.51 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-39-51.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.75.77.172 (Czech Republic)

ASN43037 (SEZNAM-, CZ)
PTR: c.seznam.cz

c.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.180.114.1 (Australia)

ASN200325 (BUNNYCDN, SI)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.177.5.212 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-5-212.us-west-1.compute.amazonaws.com

vitolamarketing.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.138.52 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 52.138.117.34.bc.googleusercontent.com

gtm.airhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.225.223.31 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.24.36 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f36.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.71.78 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.226 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.74.94 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-74-94.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.164.29 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 29.164.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.94.160.110 (Los Angeles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.160.94.34.bc.googleusercontent.com

ssp.api.tappx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.111.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-80.syd62.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.108.82 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-192-108-82.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.72.8 (United States)

ASN13335 (CLOUDFLARENET, US)

waw.chat.getzowie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.205.115.81 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	airhelp.com www.airhelp.com — Cisco Umbrella Rank: 319729 img.airhelp.com static.airhelp.com gtm.airhelp.com	937 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 c.clarity.ms — Cisco Umbrella Rank: 2092 p.clarity.ms — Cisco Umbrella Rank: 11015	23 KB
6	getzowie.com airhelp.chat.getzowie.com waw.chat.getzowie.com — Cisco Umbrella Rank: 151346	98 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	140 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	220 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830 www.linkedin.com — Cisco Umbrella Rank: 951	5 KB
4	google.com.au www.google.com.au — Cisco Umbrella Rank: 17063 ampcid.google.com.au	764 B
4	google.com www.google.com — Cisco Umbrella Rank: 11 ampcid.google.com — Cisco Umbrella Rank: 3173	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 691 c.bing.com — Cisco Umbrella Rank: 481	16 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4075 tr.outbrain.com — Cisco Umbrella Rank: 3583 wave.outbrain.com — Cisco Umbrella Rank: 4002	9 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	4 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1262 trc.taboola.com — Cisco Umbrella Rank: 907 trc-events.taboola.com — Cisco Umbrella Rank: 2331	22 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	18 KB
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 30132 dsp-trk.eskimi.com — Cisco Umbrella Rank: 28154 dsp-ap.eskimi.com — Cisco Umbrella Rank: 14710	4 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079	713 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	1 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 3562	518 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 460	735 B
2	go2cloud.org vitolamarketing.go2cloud.org	704 B
2	seznam.cz c.seznam.cz — Cisco Umbrella Rank: 54207	56 KB
2	postaffiliatepro.com airhelp.postaffiliatepro.com	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	883 B
1	tappx.com ssp.api.tappx.com — Cisco Umbrella Rank: 6808	444 B
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 1499	156 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 5627	404 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 649	784 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	725 B
1	t.co t.co — Cisco Umbrella Rank: 707	378 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1780	50 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 969	28 KB
1	href.li href.li — Cisco Umbrella Rank: 72851	429 B
1	zirhelp.com 1 redirects zirhelp.com	389 B
108	36

	Domain	Requested by
17	www.airhelp.com	href.li www.airhelp.com
6	img.airhelp.com	www.airhelp.com
5	waw.chat.getzowie.com	www.airhelp.com
5	analytics.tiktok.com	www.airhelp.com analytics.tiktok.com
5	www.googletagmanager.com	www.airhelp.com
4	snap.licdn.com	www.airhelp.com
3	p.clarity.ms	www.airhelp.com
3	px.ads.linkedin.com	2 redirects
3	www.google.com.au
3	www.google.com
3	bat.bing.com	www.airhelp.com
3	static.airhelp.com	www.airhelp.com
2	trc-events.taboola.com	www.airhelp.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	www.airhelp.com
2	cdn.linkedin.oribi.io	www.airhelp.com
2	x.bidswitch.net	1 redirects
2	eu-u.openx.net	1 redirects
2	www.google-analytics.com	www.airhelp.com
2	tr.outbrain.com	amplify.outbrain.com www.airhelp.com
2	bam.nr-data.net	www.airhelp.com
2	vitolamarketing.go2cloud.org
2	c.seznam.cz	www.airhelp.com
2	googleads.g.doubleclick.net	www.airhelp.com
2	airhelp.postaffiliatepro.com	www.airhelp.com
2	connect.facebook.net	www.airhelp.com
1	stats.g.doubleclick.net	www.airhelp.com
1	c.bing.com	1 redirects
1	ampcid.google.com.au	www.airhelp.com
1	ampcid.google.com	www.airhelp.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	www.linkedin.com	1 redirects
1	ssp.api.tappx.com
1	csync.loopme.me
1	cs.adingo.jp
1	pixel.rubiconproject.com
1	cm.g.doubleclick.net
1	trc.taboola.com	www.airhelp.com
1	www.facebook.com
1	dsp-ap.eskimi.com	www.airhelp.com
1	dsp-trk.eskimi.com	www.airhelp.com
1	wave.outbrain.com	www.airhelp.com
1	gtm.airhelp.com	www.airhelp.com
1	analytics.twitter.com
1	t.co
1	dsp-media.eskimi.com	www.airhelp.com
1	amplify.outbrain.com	www.airhelp.com
1	www.googleoptimize.com	www.airhelp.com
1	airhelp.chat.getzowie.com	www.airhelp.com
1	static.ads-twitter.com	www.airhelp.com
1	cdn.taboola.com	www.airhelp.com
1	js-agent.newrelic.com	www.airhelp.com
1	href.li
1	zirhelp.com	1 redirects
108	54

This site contains links to these domains. Also see Links.

Domain
app.airhelp.com
funnel.airhelp.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
careers.airhelp.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
airhelp.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ik.imagekit.io R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-13` - `2023-10-11`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.postaffiliatepro.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
getzowie.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-01`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
c.seznam.cz R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
*.go2cloud.org Amazon RSA 2048 M02	`2023-02-21` - `2024-03-21`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-20` - `2024-08-19`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-08` - `2024-10-08`	a year	crt.sh
gtm.airhelp.com GTS CA 1D4	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
loopme.com R3	`2023-08-23` - `2023-11-21`	3 months	crt.sh
ssp.api.tappx.com R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Frame ID: 5C4030D26CA930A8DA6E114AFD3FE6FF
Requests: 107 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AirHelp - #1 Air Passenger Rights Experts

Page URL History Show full URLs

http://zirhelp.com/ HTTP 302
https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaig... Page URL
https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_c... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

108
Requests

96 %
HTTPS

0 %
IPv6

36
Domains

54
Subdomains

46
IPs

9
Countries

1764 kB
Transfer

5427 kB
Size

60
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://app.airhelp.com/claims-and-flights
Title: View Claim Status

Search URL Search Domain Scan URL

URL: https://funnel.airhelp.com/claims/new?lang=en
Title: Check Compensation

Search URL Search Domain Scan URL

URL: https://funnel.airhelp.com/claims/new?lang=en&departureAirportIata=&arrivalAirportIata=
Title: Check Compensation

Search URL Search Domain Scan URL

URL: https://funnel.airhelp.com/claims/barcode/scanner?lang=en
Title: Scan your boarding pass barcode

Search URL Search Domain Scan URL

URL: https://funnel.airhelp.com/claims/barcode/uploader?lang=en
Title: Upload boarding pass

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AirHelp

Search URL Search Domain Scan URL

URL: https://twitter.com/theairhelper

Search URL Search Domain Scan URL

URL: https://www.instagram.com/airhelp/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/airhelp

Search URL Search Domain Scan URL

URL: https://careers.airhelp.com/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zirhelp.com/ HTTP 302
https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017 Page URL
https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zirhelp.com/ HTTP 302
https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Request Chain 65

https://eu-u.openx.net/w/1.0/sd?id=539901412&val=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1

Request Chain 70

https://x.bidswitch.net/sync?dsp_id=364&user_id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30&gdpr=0&gdpr_consent=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30&gdpr=0&gdpr_consent=1

Request Chain 79

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4379810%26time%3D1696418776695%26url%3Dhttps%253A%252F%252Fwww.airhelp.com%252Fen%252F%253Futm_medium%253Daffiliate%2526utm_source%253Dpap%2526utm_campaign%253Daff-65196aaf7ade5%2526utm_content%253D%2526a_aid%253D65196aaf7ade5%2526a_bid%253D4ed72bed%2526chan%253Dair1017%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tm=gtmv2&cookiesTest=true&liSync=true

Request Chain 94

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=67A77FF3EF0943B1A1672301AD60EE44&RedC=c.clarity.ms&MXFR=1AFF3FF9E74D6CB915082C59E34D62CC HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67A77FF3EF0943B1A1672301AD60EE44&MUID=1F183720519B682D0C07248050A96905

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
href.li/
Redirect Chain

http://zirhelp.com/
https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

1 KB
429 B

165ms
149ms

Document
text/html

192.0.78.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 11:26:13 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-ac: 2.syd _bur MISS

Redirect headers

Connection: keep-alive
Content-Length: 195
Content-Type: text/html; charset=utf-8
Date: Wed, 04 Oct 2023 11:26:13 GMT
Location: https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Server: namecheap-nginx
X-Served-By: Namecheap URL Forward

GET
H2 200 Primary Request / Show response
www.airhelp.com/en/ 485 KB
93 KB 542ms
526ms Document
text/html 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Requested by

Host: href.li
URL: https://href.li/?https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eaae0d709e1290e676110e861066cdcc702e42499dceeab2c89284edf368c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=86400
cf-cache-status: MISS
cf-ray: 810d11999fa9a82f-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 11:26:14 GMT
expires: Thu, 05 Oct 2023 11:26:14 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: HIT
x-lb: mainlb3-production
x-whom: website-frontend-cbb8c559b-htd8f

GET
H2 200 b39dbd97004bc4b5.css
www.airhelp.com/_next/static/css/ 658 B
465 B 15ms
14ms Stylesheet
text/css 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/css/b39dbd97004bc4b5.css

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340293fa59a9ab1c02c28628ed1be500518e039509b9c488bbff6867d41564a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 10:00:29 GMT
server: cloudflare
age: 5
etag: W/"4b504a5fca17f1a2da54910dbf4dffe4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 810d119ceb01a82f-SYD
x-lb: mainlb1-production

GET
H2 200 353.69b2736734e90b60.js Show response
www.airhelp.com/_next/static/chunks/ 4 KB
2 KB 519ms
519ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/353.69b2736734e90b60.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0f48ee2e9bbbbf5a1d12e93056e60e8797f0b930eac64080f4a1f0598eba6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:15 GMT
date: Wed, 04 Oct 2023 11:26:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Oct 2023 06:22:11 GMT
server: cloudflare
etag: W/"8e1b5ddf38ea6b2655368d23aebc25b8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119ceb02a82f-SYD
x-lb: mainlb5-production

GET
H2 200 430c5ca2-8f14095f871df272.js Show response
www.airhelp.com/_next/static/chunks/ 278 KB
74 KB 22ms
20ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/430c5ca2-8f14095f871df272.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ca29e2a0450041266080e5ba5983f97b52f333291ce0cdf6607f3416ddfd01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb2-production
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 5
cf-polished: origSize=284217
x-amz-server-side-encryption: AES256
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 06:25:17 GMT
server: cloudflare
etag: W/"72a344d24e4cf2b55caba4a9cc4487a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b27a82f-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 471.9fc208649ff55bf7.js Show response
www.airhelp.com/_next/static/chunks/ 666 B
533 B 15ms
13ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/471.9fc208649ff55bf7.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8385d2b06a2a9859b16ccc6da5b5ef72e310769778694e2d3484bd9e53402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb2-production
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 5
cf-polished: origSize=715
x-amz-server-side-encryption: AES256
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 06:25:17 GMT
server: cloudflare
etag: W/"b151f89c12bc73ef6db7aedf376ad8e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b29a82f-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 webpack-f3806066176d29d5.js Show response
www.airhelp.com/_next/static/chunks/ 4 KB
2 KB 15ms
13ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/webpack-f3806066176d29d5.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7616a06e4499f7f2d85680536f3aabb2dd9b917309113944c9975c73bc58e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:12 GMT
server: cloudflare
age: 5
etag: W/"2173b3158773db73d5dda04def74ee8a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b2aa82f-SYD
x-lb: mainlb1-production

GET
H2 200 framework-1f2116cc6e84ff0a.js Show response
www.airhelp.com/_next/static/chunks/ 137 KB
45 KB 18ms
16ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/framework-1f2116cc6e84ff0a.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec15e490e1460cc573050d60b8a6e682a371948e7adb157b34516f932b5c00c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb3-production
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 5
cf-polished: origSize=141129
x-amz-server-side-encryption: AES256
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 06:25:18 GMT
server: cloudflare
etag: W/"644a28122d6e2c0b1111269f2eb4b4b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b2ba82f-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 main-dcccea67d595068e.js Show response
www.airhelp.com/_next/static/chunks/ 88 KB
27 KB 19ms
17ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/main-dcccea67d595068e.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b60fabaa51a288bc4b04653a2f44f352a4329fa4de4512187a197b36b6d38aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 13:41:25 GMT
server: cloudflare
age: 5
etag: W/"977f8ee083a076b0d1ecd458c9603080"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b2ca82f-SYD
x-lb: mainlb1-production

GET
H2 200 _app-d623aaab8608ea95.js Show response
www.airhelp.com/_next/static/chunks/pages/ 498 KB
154 KB 32ms
30ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/pages/_app-d623aaab8608ea95.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8333191a3f9fda274ec4fb34d345efa9b6adf653e03c526a3c4a4ec6162abd23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:12 GMT
server: cloudflare
age: 5
etag: W/"74e8b29db92b7a4f77ed06897bbc8008"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b2da82f-SYD
x-lb: mainlb5-production

GET
H2 200 664-187074f53b3c2770.js Show response
www.airhelp.com/_next/static/chunks/ 5 KB
2 KB 14ms
12ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/664-187074f53b3c2770.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bbd4bd4290e3d4b7e41ef6d9e610e9f26ff9cd55c785fe05fb5c833466c0ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb3-production
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 5
cf-polished: origSize=5336
x-amz-server-side-encryption: AES256
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 06:25:17 GMT
server: cloudflare
etag: W/"641760b3f2b8eadea239c5cf5b58155f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b2ea82f-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 30-89ea52a99467ddff.js Show response
www.airhelp.com/_next/static/chunks/ 12 KB
5 KB 15ms
13ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/30-89ea52a99467ddff.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddffb1d004761932a38a54e7866c5c9abbcb17814d5cd79cf5dc794fda18b8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 13:41:24 GMT
server: cloudflare
age: 5
etag: W/"d85400d6c1e575a7aca3e1dd72df9bbf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b2fa82f-SYD
x-lb: mainlb1-production

GET
H2 200 704-2d53546f9d4b1337.js Show response
www.airhelp.com/_next/static/chunks/ 521 KB
172 KB 29ms
28ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/704-2d53546f9d4b1337.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a590bb705d57dbf41f0e3fbe1387aff148eab712c7c38b5d9643634a345e16f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:11 GMT
server: cloudflare
age: 5
etag: W/"28bbaefe9f388b1c84e9a5680541e43e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b30a82f-SYD
x-lb: mainlb1-production

GET
H2 200 311-c28a7c23b3a06bbf.js Show response
www.airhelp.com/_next/static/chunks/ 268 KB
76 KB 22ms
21ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/311-c28a7c23b3a06bbf.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d632780253c86147db59575bb756124d2ae012af95fadaa92b4c3cd50628029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:11 GMT
server: cloudflare
age: 5
etag: W/"50af9f61633b675015f71a8ec4935b1e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b31a82f-SYD
x-lb: mainlb1-production

GET
H2 200 %5B%5B...slug%5D%5D-8551f803421b085a.js Show response
www.airhelp.com/_next/static/chunks/pages/%5Blanguage%5D/ 5 KB
2 KB 17ms
15ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/chunks/pages/%5Blanguage%5D/%5B%5B...slug%5D%5D-8551f803421b085a.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605785f1343c54b97fb61c47a7259760d80d15bf8691a91e02efd24f67a07b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:11 GMT
server: cloudflare
age: 5
etag: W/"69940a334eeca733b39ec257ea51d94c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b32a82f-SYD
x-lb: mainlb1-production

GET
H2 200 _buildManifest.js Show response
www.airhelp.com/_next/static/1408f60b31acc73e7b6abe90e12e7f8e3f1cae12/ 2 KB
781 B 15ms
14ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/1408f60b31acc73e7b6abe90e12e7f8e3f1cae12/_buildManifest.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e89b9ea89bcd2af899f7b553e3cc5156b44ab8cce5946626a1348828e583f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:11 GMT
server: cloudflare
age: 5
etag: W/"66ff0ab02eae227f931f1ae4c5589412"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b33a82f-SYD
x-lb: mainlb1-production

GET
H2 200 _ssgManifest.js Show response
www.airhelp.com/_next/static/1408f60b31acc73e7b6abe90e12e7f8e3f1cae12/ 91 B
151 B 16ms
15ms Script
application/javascript 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/1408f60b31acc73e7b6abe90e12e7f8e3f1cae12/_ssgManifest.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 11:26:14 GMT
date: Wed, 04 Oct 2023 11:26:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:22:11 GMT
server: cloudflare
age: 5
etag: W/"5ce0d2713404bd05c9502cc490488dca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 810d119d1b34a82f-SYD
x-lb: mainlb1-production

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 539 KB
130 KB 243ms
144ms Script
application/javascript 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRBL8PV

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.232 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a8a4fa32c3db6e24738193c22ffeb38d077d726285c8e98bca49b85d478f825a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132786
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 11:26:14 GMT

GET
H2 200 airhelp_hero.jpeg
img.airhelp.com/i/homepage/ 26 KB
26 KB 359ms
1ms Image
image/webp 18.67.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.airhelp.com/i/homepage/airhelp_hero.jpeg
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-29.syd62.r.cloudfront.net
Software: /
Resource Hash: f4916204254f7eaa9c419fa026dff7443c3947c35aaa591c2618f2150ab4ce0e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 11:07:15 GMT
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 9159539
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 26488
x-request-id: 63f52b24-940f-4998-b705-7aa06d89d965
last-modified: Fri, 21 Apr 2023 14:35:59 GMT
etag: "67eca43f4bcd12966e5721e39d30c6f1"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: JFv3odOzB0i0SLEngryeretgbjEHhgVPZ08gV8a1u-DOLlRXnXtDQg==

GET
H2 200 decoration-img-triangles-2.svg
img.airhelp.com/i/homepage/ 1 KB
1 KB 359ms
5ms Image
image/svg+xml 18.67.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.airhelp.com/i/homepage/decoration-img-triangles-2.svg
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-29.syd62.r.cloudfront.net
Software: /
Resource Hash: 0d13c6f690d8a61ae562a371eef4bf1b4a874fe33b2ba0d5f4f31ab7fb38dd83

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 04:14:38 GMT
content-encoding: br
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 10825895
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: 6aeeb59a-91d5-4408-9003-f2b0cd9c8d15
last-modified: Wed, 12 Apr 2023 17:09:30 GMT
etag: W/"98443ef22d1091fd05e63f76a8286df2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: FsivIHbYP4VZlUm9CqyqpMuP0ZfmRjJZXKy_nknpSEH2tWC1VG6JXw==

GET
H2 200 decoration-img-colored-triangles-phone.svg
img.airhelp.com/i/homepage/ 131 KB
98 KB 359ms
6ms Image
image/svg+xml 18.67.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.airhelp.com/i/homepage/decoration-img-colored-triangles-phone.svg
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-29.syd62.r.cloudfront.net
Software: /
Resource Hash: b41bd06e93831dc92b5c81110b0b9ff0f3e36ff1dc3e108eb25cbf52b6e5ce82

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 22:43:55 GMT
content-encoding: br
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 6439338
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: 0601f7c6-e355-45eb-b3c9-7fd430a1556a
last-modified: Wed, 05 Apr 2023 08:27:12 GMT
etag: W/"ff17902073c97c5d8e49edfbc107b6ef"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: _8tV7z7kWXQR6y_rhwuJxUm3f5Woy8aCZmgN8AeaeHPK9Ce8wNwrpA==

GET
H2 200 LabGrotesque-Bold.woff2
static.airhelp.com/fonts/ 47 KB
47 KB 342ms
12ms Font
binary/octet-stream 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.airhelp.com/fonts/LabGrotesque-Bold.woff2

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.airhelp.com/
Origin: https://www.airhelp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb1-production
date: Wed, 04 Oct 2023 11:26:14 GMT
x-amz-version-id: hK6uQ6pc5A3OIun25Y23pr8N1JAS.rmJ
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 6654022
x-amz-server-side-encryption: AES256
x-cache-status: HIT, HIT
content-length: 47856
last-modified: Thu, 06 Jul 2023 09:45:34 GMT
server: cloudflare
etag: "181b7a06e7a0586c230d9b6282d73532"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 810d119f5abdaaef-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 LabGrotesque-Regular.woff2
static.airhelp.com/fonts/ 44 KB
45 KB 347ms
17ms Font
binary/octet-stream 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.airhelp.com/fonts/LabGrotesque-Regular.woff2

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b4fde7be3fa99a858afd07083567eb8bc37a638eb2ca3ee1b8d67d5dcba395

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.airhelp.com/
Origin: https://www.airhelp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb1-production
date: Wed, 04 Oct 2023 11:26:14 GMT
x-amz-version-id: xv9Z71dB_552R2iWHyd6jTi8x2tdZhpL
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 6654022
x-amz-server-side-encryption: AES256
x-cache-status: HIT, HIT
content-length: 45560
last-modified: Thu, 06 Jul 2023 09:45:35 GMT
server: cloudflare
etag: "65f9e9cecfdfe190cb7fe062abedbb1c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 810d119f5abfaaef-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 LabGrotesque-Medium.woff2
static.airhelp.com/fonts/ 45 KB
46 KB 345ms
16ms Font
binary/octet-stream 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.airhelp.com/fonts/LabGrotesque-Medium.woff2

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.airhelp.com/
Origin: https://www.airhelp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-lb: mainlb1-production
date: Wed, 04 Oct 2023 11:26:14 GMT
x-amz-version-id: az2iJ6AluRVnSUWR1qh1pcSpyHsFUk0i
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 6654022
x-amz-server-side-encryption: AES256
x-cache-status: HIT, HIT
content-length: 46416
last-modified: Thu, 06 Jul 2023 09:45:35 GMT
server: cloudflare
etag: "d3df48def87009f6ce71e9e5b82a1281"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 810d119f5ac0aaef-SYD
expires: Thu, 03 Oct 2024 11:26:14 GMT

GET
H2 200 nr-spa-1.242.0.min.js Show response
js-agent.newrelic.com/ 83 KB
28 KB 457ms
152ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.242.0.min.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f3d033242fbeee73edb343e177babbe82aa61b056a9d577c44adc3ca39e87789

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: NIY1F_WlWVS2R9mNr6a1aamY5YcKaOJg
content-encoding: br
via: 1.1 varnish
date: Wed, 04 Oct 2023 11:26:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0WG0SR5REDESJTQ6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 28141
x-amz-id-2: I9CQxCtqsUfi2OFpA0ZIxjcVS2as3WVx5ixRSLsSO1pxPi4K7ObyQ580qvCmKjpIBZhjO9M8Acc=
x-served-by: cache-bfi-krnt7300113-BFI
last-modified: Tue, 26 Sep 2023 03:02:38 GMT
server: AmazonS3
x-timer: S1696418776.823564,VS0,VE0
etag: "5660bf51ffe3ae3573b4457eee221ad0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 411

GET
H2 200 apra-logo.svg
img.airhelp.com/i/airhelp-plus/ 11 KB
4 KB 3ms
3ms Image
image/svg+xml 18.67.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.airhelp.com/i/airhelp-plus/apra-logo.svg
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/_next/static/chunks/framework-1f2116cc6e84ff0a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-29.syd62.r.cloudfront.net
Software: /
Resource Hash: c522d8a4e70fb15a100d5b2c4ed2e9398279d6df8377e743dfdf5345bd0016f3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:02:58 GMT
content-encoding: br
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 8140997
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: 9fa95542-aa0c-44b3-b230-454061611916
last-modified: Fri, 21 Apr 2023 00:07:25 GMT
etag: W/"70357d0b9938c4818311937a76489a3c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: QUj1oiChLcUdFX9M6FY3T6TTbSRGC6CixFzKKlXKz7Ldyl8EppuA6A==

GET
H2 200 decoration-img-triangles-2.svg
img.airhelp.com/i/homepage/ 1 KB
1 KB 3ms
3ms Image
image/svg+xml 18.67.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.airhelp.com/i/homepage/decoration-img-triangles-2.svg?updatedAt=1627464403168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-29.syd62.r.cloudfront.net
Software: /
Resource Hash: 0d13c6f690d8a61ae562a371eef4bf1b4a874fe33b2ba0d5f4f31ab7fb38dd83

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 02:06:11 GMT
content-encoding: br
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 8760004
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: a9af420c-353e-48aa-ba20-ef410f92c959
last-modified: Tue, 25 Apr 2023 13:03:05 GMT
etag: W/"98443ef22d1091fd05e63f76a8286df2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: weODL1Ac48CCSLDfAaN4db6nZcw5u1mpOMMqJ_ulivt0S_aJhOHpTg==

GET
H2 200 No-win-no-fee-formal-desktop.png
img.airhelp.com/i/homepage/ 12 KB
13 KB 4ms
4ms Image
image/webp 18.67.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.airhelp.com/i/homepage/No-win-no-fee-formal-desktop.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-29.syd62.r.cloudfront.net
Software: /
Resource Hash: 0d0fa4cb5c3635eef18bf6734e3fc54a18a65164e1a5d9c67cb16c6d3195b97f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:29:18 GMT
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 11941017
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12536
x-request-id: 9b049e7f-f317-46e8-aeed-afc83dc42cd0
last-modified: Tue, 18 Apr 2023 11:53:27 GMT
etag: "39bc0ece6306b568a61281587fc79965"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: T_YYZEjibP0PY_E3RuWnj76tFpMCR25KTtkAe59b2A_HDac1LGVf7w==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 854ms
176ms Script
application/x-javascript 23.55.38.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.38.153 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-38-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46744
accept-ranges: bytes
content-length: 3822

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 320ms
4ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 11:26:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: qF2elfwryHXUEtxv92P9HjSmH/LKXDfsWLMf8wzUMiPiIh8P7zWUVmOoYd2t/dVl+iJREJ1eiOew/oTRvCU5BQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1569023/ 65 KB
20 KB 583ms
295ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1569023/tfa.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e67d60ef9759c3c8fadb52b7f7af1c4b0850a3f71780daaca1438db21cc7f911

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 9ssq23hVBUvt6_seXtM8JpjAu3gEA9nI
content-encoding: gzip
via: 1.1 varnish
date: Wed, 04 Oct 2023 11:26:16 GMT
x-amz-request-id: T8QQQEK8J313HPTV
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19992
x-amz-id-2: Tt+oQTORrWsLpDEtUiNsrfqkQghlnrW7+75NVbjfzEu6J2OrGTa1KwaUy9v12t3Hj847kovBFxE=
x-served-by: cache-bfi-kbfi7400051-BFI
last-modified: Sun, 01 Oct 2023 11:13:34 GMT
server: AmazonS3
x-timer: S1696418776.981506,VS0,VE155
etag: "553523158fb54f408ceab5bc93216423"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 10ms
2ms Script
application/javascript 151.101.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.28.157 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-syd10120-SYD

GET
H2 200 9ulljm Show response
airhelp.postaffiliatepro.com/scripts/ 27 KB
6 KB 1565ms
261ms Script
application/javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://airhelp.postaffiliatepro.com/scripts/9ulljm

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

61a370ef1e85081932323b6b07009f20b0db76ef19484b2bb20a14e14235c85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.pap.ws-eu)
x-srv: 1
age: 33
content-length: 6044
last-modified: Wed, 31 May 2023 13:39:28 GMT
server: nginx
etag: "6a50-5fcfd72e3a400"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 320812539 318766445
cache-control: max-age=120
accept-ranges: bytes
expires: Wed, 04 Oct 2023 11:27:44 GMT

GET
H2 200 chatbotize-entrypoint.min.js Show response
airhelp.chat.getzowie.com/web/live-chat/ 12 KB
5 KB 1373ms
1053ms Script
application/javascript 104.26.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airhelp.chat.getzowie.com/web/live-chat/chatbotize-entrypoint.min.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89677207bf994c9e1fc46acb95151137fc8839a74a7a66aef8bc76210d486611

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 03 Oct 2023 11:36:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxN%2FdqCFyTyM7nF4tqLB7QrkKa1ynf21llqCt92%2FIlHTbIjYj3dX%2FFoPBYVaGrSH%2FG%2BgqBrptIJLjeKzLLwQjR49pK3zwBS%2BmZDd%2FD4%2BPIMJljKKb5d73nfYAV47LkbPkzKNTkgcmTimwoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=900, public
cf-ray: 810d11a5bf3d5735-SYD
expires: Wed, 04 Oct 2023 11:41:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 121ms
121ms Script
application/javascript 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V7V3QH8M33&l=dataLayer&cx=c

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.232 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0a724010f47f3dabc8dc6e7913d34a570a6d78964b889473cdf2054f06844003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 11:26:15 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 1061ms
217ms Script
application/javascript 23.55.242.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCTCK33C77UDPV42D2VG&lib=ttq
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.242.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-242-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 60c9a9ca3e9498a1097ca4d9b4a688c8b30df2368fa2f90615682c8b12578da0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 6eccd1a.5e609ce
date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-55-242-180.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 208,23.55.242.180
server-timing: cdn-cache; desc=MISS, edge; dur=202, origin; dur=6, inner; dur=2
content-length: 1746
pragma: no-cache
server: nginx
x-tt-logid: 20231004112616F629BF7370E12EF903EA
x-cache-remote: TCP_MISS from a23-34-240-165.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.34.240.165
x-tt-trace-host: 01f14cfa21008387fff953467ace407c962e82d767e326959e5da5761b42c5bfcf0711116a20aabf8a1cf09817f2b66536ef748435864f5150538b820f0727f5b4eb3509091e46436fd799c693f17739d5bd8f0e4c73f64553bc68ea825f91004aad580a967b167ea016cd74ea2c613c87
expires: Wed, 04 Oct 2023 11:26:16 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 128 KB
50 KB 516ms
113ms Script
application/javascript 142.250.67.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-MWLVJDZ

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.14 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

2a9f903ad89582f09bbdc08d10544b5e93a7f913aed3d3cc13acb1bfe235e41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50654
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 11:26:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/767323736/ 3 KB
2 KB 507ms
107ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767323736/?random=1696418775642&cv=11&fst=1696418775642&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&hn=www.googleadservices.com&frm=0&tiba=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&auid=299716556.1696418776&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

a737f2219e9c33975e91fc35e5b9c6ff6b056b085e81fc267865fa23daf688bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/355049621/ 3 KB
2 KB 506ms
106ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/355049621/?random=1696418775645&cv=11&fst=1696418775645&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&hn=www.googleadservices.com&frm=0&tiba=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&auid=299716556.1696418776&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

403e10f4af7955e096413291a6d685d45a8df66eea730f7f229b80b77dd1ebaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 24 KB
8 KB 28ms
3ms Script
application/x-javascript 104.74.39.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.74.39.51 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-39-51.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 686f29197affcd6367afe1dad0181bf1cdb2e5e37a52883a4161437f64a6a6a2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 11:26:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 11:33:58 GMT
Server: AkamaiNetStorage
ETag: "8e6a388d65b11283194a1a95f93b1505:1696246610.61818"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: OC
Cache-Control: max-age=1200
X-CC: AU
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7373
Expires: Wed, 04 Oct 2023 11:46:15 GMT

GET
H2 200 rc.js Show response
c.seznam.cz/js/ 211 KB
56 KB 1475ms
530ms Script
application/javascript 77.75.77.172
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL

https://c.seznam.cz/js/rc.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.75.77.172 , Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

c.seznam.cz

Software

envoy /

Resource Hash

42d6d27602275c959296c5516b498ca2cdcb4276a36559b346d47697d408a55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
slo-domain: sklik-ap-static
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
x-envoy-upstream-service-time: 13
slo-app: sklik-ap-static
last-modified: Wed, 20 Sep 2023 12:11:37 GMT
server: envoy
etag: W/"650ae179-34d4f"
slo-class: critical
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
expires: Wed, 04 Oct 2023 12:26:17 GMT

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ 5 KB
3 KB 29ms
1ms Script
application/javascript 103.180.114.1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SYD1-1151 /

Resource Hash

2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Wed, 07 Aug 2024 05:05:40 GMT
date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1151
cdn-cachedat: 08/08/2023 05:05:41
cdn-pullzone: 692289
last-modified: Fri, 04 Aug 2023 14:59:50 GMT
server: BunnyCDN-SYD1-1151
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64cd1266-1353"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 41e2303d34f0071d2a20830430ba213b
cdn-requestcountrycode: AU
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK aff_l
vitolamarketing.go2cloud.org/ 0
352 B 582ms
145ms Image
text/plain 54.177.5.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vitolamarketing.go2cloud.org/aff_l?offer_id=3082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.5.212 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-5-212.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 11:26:16 GMT
Server: nginx
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Length: 0
X-Request-Id: cdcc31f702318d17fcf6ac7403921f32
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_l
vitolamarketing.go2cloud.org/ 0
352 B 579ms
144ms Image
text/plain 54.177.5.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vitolamarketing.go2cloud.org/aff_l?offer_id=3080
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.5.212 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-5-212.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 11:26:16 GMT
Server: nginx
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Length: 0
X-Request-Id: 7507c2b8c97798f6fa05e896a24a8485
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 438ms
120ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 04 Oct 2023 11:26:16 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8AED5CD28D7A4FD2BCD509E8577A5F96 Ref B: SYD03EDGE1318 Ref C: 2023-10-04T11:26:16Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 183ms
182ms Image
text/html 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=534525641&rv=3a20&u=AAAAAAAIAAAAACCI&h=Ag&cid=8487206&l=8487206.EC1.TC0.HTC0~*~AWCT1086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.232 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:15 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 374ms
374ms Image
text/html 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1962286581&rv=3a20&u=AAAAAAAIAAAAACCI&h=Ag&cid=GTM-KRBL8PV&l=GTM-KRBL8PV.L564.S4.Y173.B39.E82.EC7.TC84.HTC12~gtm.init.S0.V0.E71~gtm.js.S1.V1.TS1html.TI48.TE0.TS5googtag.TI814.TE3.TS1cvt.TI912.TE1.TS5html.TI940.TE0.TS1cvt.TI966.TE1.TS5gaawe.TI967.TE0.TS5html.TI978.TE0.TS5html.TI979.TE0.TS1cvt.TI1163.TE0.TS1cvt.TI1262.TE1.TS6paused.TI1265.TE0.TS5html.TI1363.TE0.TS5html.TI1382.TE0.TS5lcl.TI1391.TE0.TS5lcl.TI1392.TE0.TS5lcl.TI1393.TE0.TS5lcl.TI1394.TE0.TS5lcl.TI1396.TE0.TS5lcl.TI1397.TE0.TS5evl.TI1398.TE0.TS5evl.TI1399.TE0.TS5evl.TI1400.TE0.TS5sdl.TI1401.TE0.TS5lcl.TI1402.TE0.TS5lcl.TI1403.TE0.TS5lcl.TI1404.TE0.TS5lcl.TI1405.TE0.TS5lcl.TI1406.TE0.TS5lcl.TI1407.TE0.TS5lcl.TI1408.TE0.TS5sdl.TI1409.TE0.TS5sdl.TI1410.TE0.TS5evl.TI1413.TE0.TS5tg.TI1416.TE0.TS5cl.TI1420.TE0.TS5cl.TI1421.TE0.TS5cl.TI1422.TE0.TS5tl.TI1423.TE0.TS5evl.TI1424.TE0.TS5lcl.TI1425.TE0.TS5lcl.TI1426.TE0.TS5evl.TI1427.TE0.TS5evl.TI1428.TE0.TS5evl.TI1429.TE0.TS5evl.TI1430.TE0.TS5evl.TI1431.TE0.TS5evl.TI1432.TE0.TS5evl.TI1433.TE0.TS5evl.TI1434.TE0.TS5cl.TI1435.TE0.TS5cl.TI1436.TE0.TS5cl.TI1437.TE0.TS5cl.TI1438.TE0.TS5cl.TI1439.TE0.TS5cl.TI1440.TE0.TS5cl.TI1441.TE0.TS5cl.TI1442.TE0.TS5cl.TI1443.TE0.TS5cl.TI1445.TE0.TS5cl.TI1447.TE0.TS5cl.TI1448.TE0.TS5lcl.TI1450.TE0.TS5hl.TI1451.TE0.TS5hl.TI1452.TE0.TS5hl.TI1453.TE0~*.S3.V2.TS6paused.TI16.TE0.TS5gclidw.TI34.TE3.TS1opt.TI121.TE0.TS5html.TI125.TE0.TS5html.TI134.TE0.TS5html.TI135.TE0.TS6paused.TI238.TE0.TS5googtag.TI814.TE1.TS6paused.TI849.TE0.TS5html.TI894.TE0.TS1html.TI931.TE0.TS5html.TI958.TE0.TS1sp.TI980.TE3.TS1sp.TI986.TE0.TS1cvt.TI1240.TE0~*.S0.V0.E38~gtm.dom.S0.V0.TS1baut.TI4.TE0.TS5sdl.TI1412.TE0.TS5ytl.TI1414.TE0~gtm.load.S0.V0.E40.TS5sdl.TI1415.TE0~gtm.init_consent.S2.V1.E73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.232 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 590ms
292ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=49f35aad-11c9-407a-bbcd-298a1bd2e738&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=bf1a2f0f-51f5-43c3-9411-ab4cc15ad32b&tw_document_href=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tw_iframe_status=0&txn_id=o7bn2&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-response-time: 147
date: Wed, 04 Oct 2023 11:26:15 GMT
strict-transport-security: max-age=0
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: f5352a943cb8dfe0
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 48652d493f9a06be519a34687e7eb4905541c48318ad00a5894c05174f96eccb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 592ms
290ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=49f35aad-11c9-407a-bbcd-298a1bd2e738&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=bf1a2f0f-51f5-43c3-9411-ab4cc15ad32b&tw_document_href=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tw_iframe_status=0&txn_id=o7bn2&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-response-time: 146
date: Wed, 04 Oct 2023 11:26:16 GMT
strict-transport-security: max-age=631138519
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: e7d9444449c29b7a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: dcafb6335aca01314f33b204b67059d17ae2c6363aba1d80bd8cda962652c368
content-length: 43

GET
H2 200 b39dbd97004bc4b5.css Show response
www.airhelp.com/_next/static/css/ 658 B
330 B 11ms
10ms Fetch
text/css 104.16.152.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.airhelp.com/_next/static/css/b39dbd97004bc4b5.css

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.152.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340293fa59a9ab1c02c28628ed1be500518e039509b9c488bbff6867d41564a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
tracestate: 955823@nr=0-1-955823-1120128964-fdf5f3f4a4873241----1696418775704
traceparent: 00-9da60977a4f6b17b65fb8719a3745800-fdf5f3f4a4873241-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk1NTgyMyIsImFwIjoiMTEyMDEyODk2NCIsImlkIjoiZmRmNWYzZjRhNDg3MzI0MSIsInRyIjoiOWRhNjA5NzdhNGY2YjE3YjY1ZmI4NzE5YTM3NDU4MDAiLCJ0aSI6MTY5NjQxODc3NTcwNH19

Response headers

expires: Thu, 03 Oct 2024 11:26:15 GMT
date: Wed, 04 Oct 2023 11:26:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 10:00:29 GMT
server: cloudflare
age: 6
etag: W/"4b504a5fca17f1a2da54910dbf4dffe4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 810d11a429d6a82f-SYD
x-lb: mainlb1-production

GET
H2 200 collect Show response
gtm.airhelp.com/g/ 65 B
569 B 524ms
460ms XHR
text/plain 34.117.138.52
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.airhelp.com/g/collect?v=2&tid=G-V7V3QH8M33&gtm=45je3a20&_p=104528841&cid=718321601.1696418776&ul=en-us&sr=1600x1200&_fplc=0&ir=1&ur=AU-NSW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sst.uc=AU&sst.gse=1&sst.etld=google.com.au&sst.tft=1696418774558&_s=1&dr=(undefined)&sid=1696418775&sct=1&seg=0&dl=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&dt=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cancelled_flight_disruption_reason=(undefined)&ep.cancelled_flight_total_delay=(undefined)&ep.claim_id=(undefined)&ep.claim_revenue=(undefined)&ep.claim_type=(undefined)&ep.delayed_flight_disruption_reason=(undefined)&ep.delayed_flight_total_delay=(undefined)&ep.denied_boarding_reservation_surrendered=(undefined)&ep.denied_boarding_total_delay=(undefined)&ep.disrupted_airline=(undefined)&ep.disruption_segment_destination=(undefined)&ep.disruption_segment_source=(undefined)&ep.disruption_type=(undefined)&ep.fellow_passengers=(undefined)&ep.page_type=(undefined)&ep.page_language=(undefined)&ep.page_currency=(undefined)&ep.hashed_email_id=(undefined)&ep.ota_brand=(undefined)&ep.total_compensation=(undefined)&ep.trip_date=(undefined)&ep.trip_departure=(undefined)&ep.trip_destination=(undefined)&ep.eventID=1696418775621.849234.1&up.user_postal_code=(undefined)&up.user_country=(undefined)&up.user_city=(undefined)&up.client_id=function()%7Bfor(var%20u%3DArray.prototype.slice.call(arguments%2C0)%2Cv%3D0%3Bv%3Cu.length%3Bv%2B%2B)u%5Bv%5D%3Dnd(u%5Bv%5D%2Cb%2Cc)%3Bvar%20w%3Dnew%20ya(b%3Fb.X%3A%0Anew%20xa)%3Bb%26%26(w.h%3Db.h)%3Breturn%20f(g.invoke.apply(g%2C%5Bw%5D.concat(u)))%7D&tfd=1994&richsstsse

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.138.52 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

52.138.117.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.airhelp.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

POST
H/1.1 200
OK 437c0ca09d Show response
bam.nr-data.net/1/ 40 B
398 B 455ms
437ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/437c0ca09d?a=1043678849&v=1.242.0&to=bldVNxBRCEQFUBdQX1cdYAYAdhRWCVYUVkJSZ0UKTX4DTxBZEBZ3fGYYTDlcB1kDRgJeVWQdbDhMHkhECEYEZG0%3D&rst=2017&ck=0&s=2ff6dcd9ba3e3afe&ref=https://www.airhelp.com/en/&tt=bfba36844a80958e&af=err,xhr,stn,ins,spa&qt=5&ap=240.757797&be=542&fe=915&dc=660&perf=%7B%22timing%22:%7B%22of%22:1696418773993,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:7,%22c%22:7,%22s%22:10,%22ce%22:17,%22rq%22:17,%22rp%22:543,%22rpe%22:551,%22di%22:627,%22ds%22:1202,%22de%22:1202,%22dc%22:1453,%22l%22:1455,%22le%22:1457%7D,%22navigation%22:%7B%7D%7D&fp=639&fcp=639
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.airhelp.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-syd10129-SYD

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 157ms
157ms Ping
image/gif 66.225.223.31
NTTA-3946

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06695559776525624&referrer=&cht=gtm&marketerId=00fa9260a4727d61dc376bded08b1d3a4d&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.31 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 11:26:17 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 5c87405e5ea946b4117e0f56162e3058
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 636ms
160ms Script
application/javascript 66.225.223.31
NTTA-3946

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00fa9260a4727d61dc376bded08b1d3a4d
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.31 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: br
X-TraceId: 20f46b9382f13b842d5fdf7242c43047
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00fa9260a4727d61dc376bded08b1d3a4d Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 21ms
5ms Script
text/html 104.74.39.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00fa9260a4727d61dc376bded08b1d3a4d
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.74.39.51 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-39-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 11:26:16 GMT
Content-Encoding: gzip
ob-sent-time: 1696406449349
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: OC
Cache-Control: max-age=60
X-CC: AU
Connection: keep-alive
X-TraceId: ec1981ea282099c6232d66f3cc0beb97
Content-Length: 22
Expires: Wed, 04 Oct 2023 11:27:16 GMT

GET
H2 200 307133519633829 Show response
connect.facebook.net/signals/config/ 136 KB
35 KB 3ms
2ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/307133519633829?v=2.9.132&r=stable&domain=www.airhelp.com

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

4d16d6dbd52bc08c84ad732ba18443be742d101b3f7f7511043c81d961b01c46

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 11:26:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35967
x-xss-protection: 0
pragma: public
x-fb-debug: IjtWAwKOb6HtQXZAxYf1x/7dalNJ5VyQiBfvbqocYw8hh0QW9v92ci2tJDHAH9wxNdnbbqR9fsQ2WKH1MJ9WCw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cssession Show response
dsp-trk.eskimi.com/tracking/ 2 B
170 B 295ms
285ms XHR
text/plain 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=27854&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&t=1696418776030
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: https://www.airhelp.com
date: Wed, 04 Oct 2023 11:26:15 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/plain; charset=UTF-8

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ 855 B
1 KB 295ms
286ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=27854&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&t=1696418776030
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1d9d2f3d89c87c0cfaee5ccc4fc43bbd4bf1e946cd184a6c26de75705d26483a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: https://www.airhelp.com
date: Wed, 04 Oct 2023 11:26:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 315ms
4ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=307133519633829&ev=PageView&dl=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&rl=&if=false&ts=1696418776041&sw=1600&sh=1200&v=2.9.132&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1696418776040.852409907&cs_est=true&ler=empty&it=1696418776025&coo=false&eid=1696418775621.849234.1&tm=1&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Oct 2023 11:26:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/355049621/ 42 B
455 B 515ms
104ms Image
image/gif 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/355049621/?random=1696418775645&cv=11&fst=1696417200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&frm=0&tiba=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&fmt=3&is_vtc=1&random=1365683214&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f36.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/355049621/ 42 B
108 B 516ms
108ms Image
image/gif 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/355049621/?random=1696418775645&cv=11&fst=1696417200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&frm=0&tiba=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&fmt=3&is_vtc=1&random=1365683214&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/767323736/ 42 B
108 B 392ms
104ms Image
image/gif 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/767323736/?random=1696418775642&cv=11&fst=1696417200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&frm=0&tiba=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&fmt=3&is_vtc=1&random=1285774386&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f36.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/767323736/ 42 B
455 B 439ms
104ms Image
image/gif 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/767323736/?random=1696418775642&cv=11&fst=1696417200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&frm=0&tiba=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&fmt=3&is_vtc=1&random=1285774386&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 402ms
2ms Script
text/javascript 142.250.71.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.78 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 10:11:20 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4497
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 04 Oct 2023 12:11:20 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 129ms
128ms Image
text/html 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-MWLVJDZ&cv=351&t=ol&p=gtmo&l=1655&q=1097&f=545&e=27&i=29&d=1018&c=1581&hc=0&sr=0.050000&ps=0.0030737359019192834&cb=1978266398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.232 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 json Show response
trc.taboola.com/1569023/trc/3/ 2 KB
2 KB 185ms
184ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1569023/trc/3/json?tim=1696418776252&data=%7B%22id%22%3A963%2C%22ii%22%3A%22%2Fen-int%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1696418776245%2C%22cv%22%3A%2220230928-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.airhelp.com%2Fen-int%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-gilbertbaurmckinseycom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1696418776251%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c46d3fd9c8171a07ae8803389d72c8d672d0f31b75a35b4ccab31d9a0452b8a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-vcl-time-ms: 44
date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.29125
x-fastly-to-nlb-rtt: 32717
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bfi-kbfi7400051-BFI
x-log-content-encoding: gzip
server: nginx
x-timer: S1696418777.984925,VS0,VE44
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=539901412&val=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1
https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1

43 B
171 B

103ms
101ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1
date: Wed, 04 Oct 2023 11:26:17 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 203ms
98ms Image
image/png 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=44f63fad-3c1c-40a3-bb6e-4ce11d022e49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ 42 B
784 B 750ms
98ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
cs.adingo.jp/sync/ 43 B
404 B 323ms
104ms Image
image/gif 13.115.74.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=eskimi&id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.74.94 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-74-94.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 /
csync.loopme.me/ 0
156 B 774ms
254ms Image
text/plain 35.214.164.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=1&uid=44f63fad-3c1c-40a3-bb6e-4ce11d022e49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.164.29 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 29.164.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:17 GMT
server: _

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=364&user_id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30&gdpr=0&gdpr_consent=1
https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30&gdpr=0&gdpr_consent=1

43 B
510 B

170ms
170ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30&gdpr=0&gdpr_consent=1
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 11:26:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&expires=30&gdpr=0&gdpr_consent=1
Date: Wed, 04 Oct 2023 11:26:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync
ssp.api.tappx.com/cs/ 0
444 B 431ms
139ms Image
text/html 34.94.160.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.api.tappx.com/cs/usync?idmn=814&id=44f63fad-3c1c-40a3-bb6e-4ce11d022e49&gdpr=0&gdpr_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.94.160.110 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.160.94.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 177ms
176ms Script
application/x-javascript 23.55.38.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.38.153 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-38-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81261
accept-ranges: bytes
content-length: 4862

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 181ms
181ms Script
application/x-javascript 23.55.38.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.38.153 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-38-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46744
accept-ranges: bytes
content-length: 3822

POST
H/1.1 200
OK 437c0ca09d Show response
bam.nr-data.net/events/1/ 24 B
337 B 429ms
429ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/437c0ca09d?a=1043678849&v=1.242.0&to=bldVNxBRCEQFUBdQX1cdYAYAdhRWCVYUVkJSZ0UKTX4DTxBZEBZ3fGYYTDlcB1kDRgJeVWQdbDhMHkhECEYEZG0%3D&rst=2523&ck=0&s=2ff6dcd9ba3e3afe&ref=https://www.airhelp.com/en/
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.airhelp.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-syd10129-SYD

GET
H2 200 5949493.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 123ms
122ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5949493.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ceccd207a2a68e915d9051fdcffb3039ecb5f6565248c2b40c201bf4d547a58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 04 Oct 2023 11:26:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E41A912328E41C283A5ABC499B37CD9 Ref B: SYD03EDGE1318 Ref C: 2023-10-04T11:26:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
359 B 121ms
120ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5949493&tm=gtm002&Ver=2&mid=e994fc18-f652-4ad6-9d4c-24924713df82&sid=d536610062a811eeb61bfb24eb658af0&vid=d536ad6062a811eeaf4e016e11d945c4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&p=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&r=&lt=1457&evt=pageLoad&sv=1&rn=142582

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 11:26:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2DF26783F4A47F691B6F52BDBCEF249 Ref B: SYD03EDGE1318 Ref C: 2023-10-04T11:26:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4379810/domain/airhelp.com/ 36 B
357 B 335ms
2ms XHR
application/json 18.67.111.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4379810/domain/airhelp.com/token
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-80.syd62.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 10:55:58 GMT
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: SYD62-P2
age: 174619
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: a3TOEcmuqguKQFPNv3edZsFtm_v55NLRyznUToKqfmncwpKef8vkGQ==

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 177ms
176ms Script
application/x-javascript 23.55.38.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.38.153 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-38-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81261
accept-ranges: bytes
content-length: 4862

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4379810%26time%3D1696418776695%26url%3Dhttps%253A%252F%252Fwww.airhelp.com%252Fen...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade...

0
397 B

265ms
265ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tm=gtmv2&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7380F6D8452441B1AFB5E2291778CB13 Ref B: SYD03EDGE1606 Ref C: 2023-10-04T11:26:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG4kasHybaR3RCCNxgoQ==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 11:26:18 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYG4kan4s78erKWZDGFNw==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C46502B043324E53B11F3C9DBE7B5EB1 Ref B: SYD03EDGE1606 Ref C: 2023-10-04T11:26:17Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4379810&time=1696418776695&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&tm=gtmv2&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
101 KB 9ms
8ms Script
application/javascript 23.55.242.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.242.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-242-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 5e60bee
date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123832D3C94E71850C3137896C
vary: Accept-Encoding
x-cache: TCP_HIT from a23-55-242-180.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0165dfd7e36f162f10e581cee82e683fa6cd5e3524ae6e67928a174fa8a3673b709f8dab41a6f6d3bfc15d16786036fe05cb8665881f105f99f2354dd3fd2048f7d0da8b8d659b5c64758d436f9feaebb600f9b18700709d9431936b073b62bdde
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 102761

GET
H2 200 5949493 Show response
www.clarity.ms/tag/uet/ 1020 B
1 KB 543ms
204ms Script
application/x-javascript 13.107.213.31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5949493
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0334128b0ff16f3220040f3d98e65cdcf418da4ae70395a180417b364e36f964

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date: Wed, 04 Oct 2023 11:26:16 GMT
x-azure-ref: 02UsdZQAAAAAen+g7PC/fSIJg3yl5nyVJU1lEMDNFREdFMTIxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1020
expires: -1

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 7ms
7ms Script
application/javascript 23.55.242.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.242.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-242-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 5e60c85
date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309071107163A27EA34496DD07E85A9
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-55-242-180.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016165ddfcbe3f1f8fb49d10c125c9d0a3c859bd4c0fddb8bd33fa139e797cf9f41a6fb5dfdcd638b70ff6640fe0bfc60e76fc0d918023bf4eba4dc8b1322ca34dd5c378335952ed4d8f028677579d83cdcb907be9b06fdb8203372d6529a5966142ca4fcef7a0322a0c4b13c4579091df
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35756

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
883 B 314ms
215ms Ping
text/plain 23.192.108.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.108.82 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-192-108-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2bed22a1.89d7f40
date: Wed, 04 Oct 2023 11:26:17 GMT
x-bytefaas-request-id: 202310041126175981EC7F5969BAFF1561
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-192-108-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time: 211,23.192.108.78
server-timing: cdn-cache; desc=MISS, edge; dur=201, origin; dur=10, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310041126175981EC7F5969BAFF1561
x-cache-remote: TCP_MISS from a23-218-219-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.63
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 10,23.218.219.15
x-tt-trace-host: 01f14cfa21008387fff953467ace407c96a348133480161d3fc0adbbbf99d2609d2f6a152c30e2996294b3cf2ece23e6933ed83befbcdc56e3518944c1b2d41757149c93e8d27f6722f448c163035322982c0837a6d0b2cf8ce07516033916a383a867101e489645db39195f0957dad4e3
access-control-allow-headers: *
expires: Wed, 04 Oct 2023 11:26:17 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
795 B 317ms
317ms Ping
text/plain 23.55.242.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.242.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-242-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 19ffde78.5e60ccd
date: Wed, 04 Oct 2023 11:26:17 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-55-242-180.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 298,23.55.242.180
server-timing: cdn-cache; desc=MISS, edge; dur=228, origin; dur=79, inner; dur=52
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231004112616EE009C93BCED6CDA511A
x-cache-remote: TCP_MISS from a23-220-107-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 79,23.220.107.13
x-tt-trace-host: 01f14cfa21008387fff953467ace407c962e82d767e326959e5da5761b42c5bfcf0199479cfdd51e0e2f583b5124536a89c86c38aafba7d864c48d6284d41d56fef2dbc40471d2c8b81becd93a83d7487dc8423b6f62113893da42dfbbe67feec9fdacaf87eecd59578c2153a5a880b0c7
access-control-allow-headers: Authorization,*
expires: Wed, 04 Oct 2023 11:26:17 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4379810/domain/airhelp.com/ 36 B
356 B 151ms
3ms XHR
application/json 18.67.111.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4379810/domain/airhelp.com/token
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-80.syd62.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 10:55:58 GMT
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: SYD62-P2
age: 174619
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: SYAviM5ClIX3UyHMrJFWGuRbiRRc9TLcs0_od6bQadi-CClrnZ7Adw==

GET
H2 200 livechat Show response
waw.chat.getzowie.com/api/v1/herochat-plugin/instances/cca86d346c4c4d5f868b3bdba3f2e6e6/multilingual/ 22 KB
5 KB 713ms
712ms Fetch
application/json 172.67.72.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waw.chat.getzowie.com/api/v1/herochat-plugin/instances/cca86d346c4c4d5f868b3bdba3f2e6e6/multilingual/livechat
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6716b6510b5a0c90438772eb8e6e1ab89e7a5f943ac930a3a61ddd1b1e210d

Request headers

Accept: application/json
Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Oct 2023 11:26:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efXZGVKjULUdvgTckv9eA4cmgCxYO7D%2BsVbq5LgT4%2FOBs7UKJG2ZZcBn5s9hFwk0XLH8v6XNFCSwQWPnVu3lkGXVmFx%2FQVunIsaHFU6MHfgiXoaTigaD42buWvyVB6hFfeBoBXcOww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.airhelp.com
access-control-allow-credentials: true
cf-ray: 810d11b50f395d36-SYD

OPTIONS
H2 200 livechat
waw.chat.getzowie.com/api/v1/herochat-plugin/instances/cca86d346c4c4d5f868b3bdba3f2e6e6/multilingual/ 0
0 1387ms
1065ms Preflight 172.67.72.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waw.chat.getzowie.com/api/v1/herochat-plugin/instances/cca86d346c4c4d5f868b3bdba3f2e6e6/multilingual/livechat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.airhelp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.airhelp.com
access-control-max-age: 1800
cf-cache-status: DYNAMIC
cf-ray: 810d11ae5fdf5d36-SYD
content-length: 0
date: Wed, 04 Oct 2023 11:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fbcbng4czGeXSUfmDVp3Fxvmatv3KOb55EBYUoafrchuJ%2Fm4FjQXMcd2ZGcZSFI%2FH5vuQL8vUF1Ueq4XD2CLB5mdn%2FYUVCm26b0zX0cPEvakr52BLcOzjJ%2FwUpkQWJkLpYKqVo%2FsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
793 B 279ms
278ms Ping
text/plain 23.55.242.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.242.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-242-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f8e8471.5e60e92
date: Wed, 04 Oct 2023 11:26:17 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-55-242-180.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 262,23.55.242.180
server-timing: cdn-cache; desc=MISS, edge; dur=225, origin; dur=47, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231004112617F21590C1B86B49E8F350
x-cache-remote: TCP_MISS from a23-220-107-18.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 47,23.220.107.18
x-tt-trace-host: 01f14cfa21008387fff953467ace407c962e82d767e326959e5da5761b42c5bfcf9c269d082d2f36d05d074223cf7ca16d8f955ca2e2b0fb8f541c7e60d8df4718fc1d39b98d6962a79c23960a9450e65aaf4f02f2ef6511571c8c7bd5ed5259dd1314550a9a9fef6486e0ac1074b4c246
access-control-allow-headers: Authorization,*
expires: Wed, 04 Oct 2023 11:26:17 GMT

GET
H2 200 9ullrm Show response
airhelp.postaffiliatepro.com/scripts/ 66 B
436 B 261ms
260ms Script
application/x-javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://airhelp.postaffiliatepro.com/scripts/9ullrm?accountId=default1&userId=65196aaf7ade5&url=S_www.airhelp.com%2Fen%2F&referrer=&isInIframe=false&getParams=%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&anchor=
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: 8bb0f4bda4181633eaa34d3d068fbeabe2f8334f61ad4e39e8a31e84f6a29425

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: application/octet-stream, application/x-javascript
date: Wed, 04 Oct 2023 11:26:17 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 78 B
443 B 508ms
97ms XHR
application/json 142.250.71.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.78 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f14.1e100.net

Software

ESF /

Resource Hash

19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.airhelp.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0

GET
H2 200 retargeting
c.seznam.cz/ 43 B
346 B 269ms
269ms Image
image/gif 77.75.77.172
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.seznam.cz/retargeting?id=1345995&url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&consent=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.75.77.172 , Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

c.seznam.cz

Software

envoy /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:17 GMT
content-encoding: deflate
strict-transport-security: max-age=63072000
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
x-envoy-upstream-service-time: 3
content-length: 38
x-request-id: 38d97f05-fd94-426e-9307-53b74b84897f
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
x-szn-hostname: rtghitserver-54544dbbc-gcnkt

POST
H2 200 publisher:getClientId Show response
ampcid.google.com.au/v1/ 3 B
94 B 462ms
457ms XHR
application/json 142.250.71.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com.au/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.78 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 11:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.airhelp.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 5ms
4ms Script
application/javascript 13.107.213.31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:16 GMT
content-encoding: br
last-modified: Tue, 03 Oct 2023 13:37:19 GMT
etag: "0x8DBC415DDE8C4F1"
x-azure-ref: 02UsdZQAAAAD8W7dxm0m1Rr0kmTY3DRgPU1lEMDNFREdFMTIxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 309b455b-a01e-004f-7d8e-f65f8f000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=67A77FF3EF0943B1A1672301AD60EE44&RedC=c.clarity.ms&MXFR=1AFF3FF9E74D6CB915082C59E34D62CC
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67A77FF3EF0943B1A1672301AD60EE44&MUID=1F183720519B682D0C07248050A96905

42 B
440 B

118ms
117ms

Image
image/gif

20.205.115.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67A77FF3EF0943B1A1672301AD60EE44&MUID=1F183720519B682D0C07248050A96905
Protocol: H2
Server: 20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
last-modified: Wed, 30 Aug 2023 15:12:21 GMT
server: Microsoft-IIS/10.0
etag: "4b119d5f54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A9E9C842660470AA20095E9FB58A174 Ref B: SYD03EDGE1318 Ref C: 2023-10-04T11:26:18Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67A77FF3EF0943B1A1672301AD60EE44&MUID=1F183720519B682D0C07248050A96905
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1569023/log/3/ 0
247 B 291ms
94ms XHR
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1569023/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1696418776249&ver=36&isls=true&src=i&invt=1500&msa=4239&rv=1&tim=1696418777812&vi=1696418776245&ri=030d5d6bab78c9c52f648e1f833f0b04&ref=null&cv=20230928-12-RELEASE&item-url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&ler=other
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: https://www.airhelp.com
pragma: no-cache
date: Wed, 04 Oct 2023 11:26:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
295 B 1096ms
681ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.airhelp.com
Date: Wed, 04 Oct 2023 11:26:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 100ms
98ms XHR
text/plain 142.250.71.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=104528841&t=pageview&_s=1&dl=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&ul=en-us&de=UTF-8&dt=AirHelp%20-%20%231%20Air%20Passenger%20Rights%20Experts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YDDAgEABQAQCACAGK~&jid=670689621&gjid=1534429709&cid=718321601.1696418776&tid=UA-37442388-12&_gid=760767084.1696418778&_slc=1&gtm=45He3a20n81KRBL8PV&cd1=&cd2=(undefined)&cd3=(undefined)&cd4=(undefined)&cd6=(undefined)&cd7=(undefined)&cd8=(undefined)&cd9=(undefined)&cd10=EUR&cd11=en&cd12=(undefined)&cd13=(undefined)&cd14=(undefined)&cd15=(undefined)&cd16=718321601.1696418776&cd17=(undefined)&cd18=(undefined)&cd19=(undefined)&cd20=(undefined)&cd21=(undefined)&cd22=(undefined)&cd23=(undefined)&cd24=(undefined)&cd25=(undefined)&cd26=(undefined)&cd27=(undefined)&cd28=(undefined)&cd29=(undefined)&cd30=(undefined)&cd31=0&cd41=2023-10-04T19%3A26%3A16.231%2B08%3A00&cd42=1696418776231.tovnig8&z=106032040

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.78 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.airhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
353 B 594ms
95ms XHR
text/plain 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37442388-12&cid=718321601.1696418776&jid=670689621&gjid=1534429709&_gid=760767084.1696418778&_u=YDDAgEABQAQCAGAGKAC~&z=1329980263

Requested by

Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 11:26:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.airhelp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 113ms
109ms Image
image/gif 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37442388-12&cid=718321601.1696418776&jid=670689621&_u=YDDAgEABQAQCAGAGKAC~&z=1935759310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f36.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 102ms
100ms Image
image/gif 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37442388-12&cid=718321601.1696418776&jid=670689621&_u=YDDAgEABQAQCAGAGKAC~&z=1935759310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 11:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.chatbotize-entrypoint.min.js Show response
waw.chat.getzowie.com/web/live-chat/ 197 KB
65 KB 1069ms
1066ms Script
application/javascript 104.26.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waw.chat.getzowie.com/web/live-chat/11.chatbotize-entrypoint.min.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f04cf85771671446a0c86b624e482847c7a6165f7554b4abae409e687511dd3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 03 Oct 2023 11:36:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWlny96XD99oi12sixKLhQCJ%2FIoN7WdnwRqRKpOD8rk3jnud4ejpKWQOx35PwNwldw8EICSWO7tCmknI1ENqVV9FvM%2FQiRm1Gk0Q%2F35ruGXm4wAYGkKD7o0tj933akDKrdULbAjW4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=900, public
cf-ray: 810d11b9883a5735-SYD
expires: Wed, 04 Oct 2023 11:41:19 GMT

GET
H2 200 8.chatbotize-entrypoint.min.js Show response
waw.chat.getzowie.com/web/live-chat/ 76 KB
20 KB 1180ms
1178ms Script
application/javascript 104.26.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waw.chat.getzowie.com/web/live-chat/8.chatbotize-entrypoint.min.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eded2588ffd09ccd87947fba1b281b3740397d044f1ef718625641da666dde

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 03 Oct 2023 11:36:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9QCW0vJBCm8y2gnl2U1cxpOd6V457fF7CBH9mMHndPuytOky98NXIN61HKr0qhe75h7Oyx36gyPvTyhBtfElmqTZ%2BwIw4kMNsBIqNRSE4P7dLScFOhf7BUtE%2FrMrXXZdfbdqttf%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=900, public
cf-ray: 810d11b9883b5735-SYD
expires: Wed, 04 Oct 2023 11:41:20 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
295 B 208ms
207ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.airhelp.com
Date: Wed, 04 Oct 2023 11:26:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 6.chatbotize-entrypoint.min.js Show response
waw.chat.getzowie.com/web/live-chat/ 9 KB
3 KB 1054ms
1054ms Script
application/javascript 104.26.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waw.chat.getzowie.com/web/live-chat/6.chatbotize-entrypoint.min.js
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee5e58ec5c3ae21613a9e738f3cc3bafc2bf934f46d3adcaf3e7639bb80245c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:26:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 29 Sep 2023 12:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2wgfNbHXLo%2FuIP5kHQ%2BCRTSR6EJvx5B9U%2BkvmGcHFaYD0Ml6g1SZx6xmR2ocSNZsq0uAnMkMEJRfYExyGwPP2OkTD24iVeDQfVXXWxTs%2BWGhrk2Wx9SYa%2FAu5aOxqqzDlXJk3YsrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=900, public
cf-ray: 810d11c16ede5735-SYD
expires: Wed, 04 Oct 2023 11:41:21 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1569023/log/3/ 0
246 B 95ms
94ms XHR
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1569023/log/3/unip?en=pre_d_eng_tb&tos=4564&scd=0&ssd=1&est=1696418776249&ver=36&isls=true&src=i&invt=3000&msa=4239&rv=1&tim=1696418780814&vi=1696418776245&ri=030d5d6bab78c9c52f648e1f833f0b04&ref=null&cv=20230928-12-RELEASE&item-url=https%3A%2F%2Fwww.airhelp.com%2Fen%2F%3Futm_medium%3Daffiliate%26utm_source%3Dpap%26utm_campaign%3Daff-65196aaf7ade5%26utm_content%3D%26a_aid%3D65196aaf7ade5%26a_bid%3D4ed72bed%26chan%3Dair1017&ler=other
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.airhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: https://www.airhelp.com
pragma: no-cache
date: Wed, 04 Oct 2023 11:26:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
295 B 218ms
218ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.airhelp.com
URL: https://www.airhelp.com/en/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-65196aaf7ade5&utm_content=&a_aid=65196aaf7ade5&a_bid=4ed72bed&chan=air1017
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.airhelp.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.airhelp.com
Date: Wed, 04 Oct 2023 11:26:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.airhelp.com/	1970-01-20 15:15:05	Name: tracking_params Value: eyJzb3VyY2UiOiJwYXAiLCJtZWRpdW0iOiJhZmZpbGlhdGUifQ%3D%3D
.airhelp.com/	1970-01-20 17:23:14	Name: _gcl_au Value: 1.1.299716556.1696418776
.airhelp.com/	1970-01-20 15:56:50	Name: deduplication_cookie Value: pap
.airhelp.com/	1970-01-20 15:56:50	Name: cookieSwitch Value: affiliate_pap_65196aaf7ade5
.airhelp.com/	1970-01-20 15:56:50	Name: cookieAffiliation Value: pap_65196aaf7ade5
.airhelp.com/	1970-01-21 00:49:38	Name: _ga_V7V3QH8M33 Value: GS1.1.1696418775.1.0.1696418775.0.0.0
.airhelp.com/	1970-01-20 17:23:14	Name: _fbp Value: fb.1.1696418776040.852409907
.doubleclick.net/	1970-01-20 15:13:39	Name: test_cookie Value: CheckForPermission
.eskimi.com/	1970-01-20 15:56:50	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 15:56:50	Name: __eDId Value: 44f63fad-3c1c-40a3-bb6e-4ce11d022e49
.eskimi.com/	1970-01-20 15:33:48	Name: __eP Value: 1
.airhelp.com/	1970-01-20 15:14:50	Name: FPLC Value: T9qxQPNCC%2BRi%2F4bUdEP%2FuXcO71wKnPCSy6ljZnZLCkMehJhPPdkf9PiDGYH2f2nNvXk%2FTTV%2BTYZKhB%2BEO2jf3QYYdUFXjvyOT0usqq5o%2FH2fmMMRb%2BbgoFJzuzgeUw%3D%3D
.airhelp.com/	1970-01-21 00:49:38	Name: FPID Value: FPID2.2.khuW9%2BZbD4zD%2Bj7m0a0L2eKR%2B4o4tqasCo4TMeLZHFo%3D.1696418776
.airhelp.com/	1970-01-20 15:15:05	Name: _uetsid Value: d536610062a811eeb61bfb24eb658af0
.airhelp.com/	1970-01-21 00:35:14	Name: _uetvid Value: d536ad6062a811eeaf4e016e11d945c4
.tiktok.com/	1970-01-21 00:35:14	Name: _ttp Value: 2WISoXy44Wy1Shpx14RdJd6voBK
.bing.com/	1970-01-21 00:35:14	Name: MUID Value: 1F183720519B682D0C07248050A96905
.bat.bing.com/	1970-01-20 15:23:43	Name: MR Value: 0
.t.co/	1970-01-21 00:49:38	Name: muc_ads Value: bcd2a6f3-4a0c-41d4-a0bf-1219d80a3eaa
.airhelp.com/	1970-01-21 00:35:14	Name: _tt_enable_cookie Value: 1
.airhelp.com/	1970-01-21 00:35:14	Name: _ttp Value: ltsew_vkSUabZlphm4xBaa5W-HA
.twitter.com/	1970-01-21 00:49:38	Name: guest_id_marketing Value: v1%3A169641877660113329
.twitter.com/	1970-01-21 00:49:38	Name: guest_id_ads Value: v1%3A169641877660113329
.twitter.com/	1970-01-21 00:49:38	Name: personalization_id Value: "v1_YUNqdjJEqj17TE4exlqrzw=="
.twitter.com/	1970-01-21 00:49:38	Name: guest_id Value: v1%3A169641877660113329
www.airhelp.com/	1970-01-20 15:15:05	Name: ln_or Value: eyI0Mzc5ODEwIjoiZCJ9
www.airhelp.com/	1970-01-20 15:13:39	Name: outbrain_cid_fetch Value: true
.openx.net/	1970-01-20 23:59:14	Name: i Value: b27b139b-3e47-470c-95d2-226824c5a68e\|1696418777
.adingo.jp/	1970-01-20 15:56:50	Name: eskimi Value: 44f63fad-3c1c-40a3-bb6e-4ce11d022e49
.postaffiliatepro.com/	1970-01-20 15:13:39	Name: PAPAffiliateId Value: 65196aaf7ade5
.postaffiliatepro.com/	1970-01-20 23:59:35	Name: PAPVisitorId Value: LG7p2P09HaNYZNfG0PPiWFQbbdbOHaqx
.airhelp.com/	1970-01-20 23:59:14	Name: PAPVisitorId Value: LG7p2P09HaNYZNfG0PPiWFQbbdbOHaqx
.tappx.com/	1970-01-20 15:56:50	Name: TXCSDMN_814 Value: 44f63fad-3c1c-40a3-bb6e-4ce11d022e49
.linkedin.com/	1970-01-20 17:23:14	Name: li_sugr Value: 6e60486f-5a26-447c-8781-a13fe244ffa4
.linkedin.com/	1970-01-20 23:59:14	Name: bcookie Value: "v=2&d144ed09-7ed3-4964-8574-211277d785a9"
.linkedin.com/	1970-01-20 15:15:05	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3017:u=1:x=1:i=1696418777:t=1696505177:v=2:sig=AQF1YSBTn_tqn-PaL1UIWNuW6FV_WgF6"
.bidswitch.net/	1970-01-20 23:59:14	Name: tuuid Value: 3ce73b55-1d11-42f4-8ce2-6b46a9f17206
.bidswitch.net/	1970-01-20 23:59:14	Name: c Value: 1696418777
.bidswitch.net/	1970-01-20 23:59:14	Name: tuuid_lu Value: 1696418777
www.clarity.ms/	1970-01-20 23:59:14	Name: CLID Value: 10a976a38e5549f7b6c769a408c2ccb9.20231004.20241003
.airhelp.com/	1970-01-20 23:59:14	Name: _clck Value: 1qiunv4\|2\|ffk\|0\|1372
.rubiconproject.com/	1970-01-20 23:59:14	Name: khaos Value: LNBNXUCB-6-4XJK
.rubiconproject.com/	1970-01-20 23:59:14	Name: audit Value: 1\|VxBFsYoFtcNtl10FID/Ilb6rZrutT4JNB9xLZXowTDr6DZ3dTM5nwc7nAos0GozdTbW1TaQJHHeM1KxoLazIt4cp5TmoRJxlXjuCfDKLtObVDS/QcURwwFcMGvpeGzc+k/KUCpmoR9BPy1YazULx+jlkGQcRgOkuzXVY0VJOv3UU7IH79Z7dsuNTlH4j7/Pj0A+VO7RH1E0=
.csync.loopme.me/	1970-01-20 17:26:07	Name: viewer_token Value: d4d40478-d3f5-4fa9-b836-47709afefa5c
.linkedin.com/	1970-01-20 15:56:50	Name: UserMatchHistory Value: AQI5OGMk7mYYMQAAAYr6cEsGSzlWXD_5qFSzW9ddFe_QehG98WxK1EeX5nFAmj6UQCU_5ngwkz7ODQ
.linkedin.com/	1970-01-20 15:56:50	Name: AnalyticsSyncHistory Value: AQJNnU6LXWO7GwAAAYr6cEsGtcd_lu_-IVr1kFjBJ2kpV4-NEHwLqAORp60i3N3zjyx2aopR-JP5ytYINtvVqQ
.seznam.cz/	1970-01-20 15:56:50	Name: sid Value: id=6744667841049205625\|t=1696418777.898\|te=1696418777.898\|c=563C78FC88A3618FCD5762FAD2518B96
.www.linkedin.com/	1970-01-20 23:59:14	Name: bscookie Value: "v=1&202310041126187e09bd54-e98c-42ed-8fb7-aff387c06d28AQEHJ2znJDqiPMw075CC00pkpTYD2DeB"
.airhelp.com/	1970-01-20 15:13:42	Name: AMP_TOKEN Value: %24NOT_FOUND
.airhelp.com/	1970-01-21 00:49:38	Name: _ga Value: GA1.2.718321601.1696418776
.airhelp.com/	1970-01-20 15:15:05	Name: _gid Value: GA1.2.760767084.1696418778
.c.bing.com/	1970-01-20 15:23:43	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:35:14	Name: SRM_B Value: 1F183720519B682D0C07248050A96905
.airhelp.com/	1970-01-20 15:13:38	Name: _dc_gtm_UA-37442388-12 Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:35:14	Name: MUID Value: 1F183720519B682D0C07248050A96905
.c.clarity.ms/	1970-01-20 15:23:43	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:13:39	Name: ANONCHK Value: 0
.airhelp.com/	1970-01-20 15:15:05	Name: _clsk Value: dyhys6\|1696418779050\|1\|1\|p.clarity.ms/collect
www.airhelp.com/	1970-01-20 15:13:39	Name: _dd_s Value: logs=1&id=3c3411eb-2954-46fb-8a0b-b8392f521f9a&created=1696418780366&expire=1696419680367

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airhelp.chat.getzowie.com
airhelp.postaffiliatepro.com
ampcid.google.com
ampcid.google.com.au
amplify.outbrain.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
c.seznam.cz
cdn.linkedin.oribi.io
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
cs.adingo.jp
csync.loopme.me
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
eu-u.openx.net
googleads.g.doubleclick.net
gtm.airhelp.com
href.li
img.airhelp.com
js-agent.newrelic.com
p.clarity.ms
pixel.rubiconproject.com
px.ads.linkedin.com
snap.licdn.com
ssp.api.tappx.com
static.ads-twitter.com
static.airhelp.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
vitolamarketing.go2cloud.org
wave.outbrain.com
waw.chat.getzowie.com
www.airhelp.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
zirhelp.com
103.180.114.1
104.16.152.15
104.244.42.131
104.244.42.133
104.26.8.57
104.74.39.51
13.107.21.200
13.107.213.31
13.107.42.14
13.115.74.94
141.226.229.48
142.250.66.226
142.250.66.232
142.250.67.14
142.250.67.2
142.250.71.78
142.251.10.157
151.101.1.44
151.101.2.137
151.101.28.157
157.240.8.23
157.240.8.35
162.247.243.29
162.255.119.253
172.217.167.99
172.217.24.36
172.67.72.8
18.67.111.29
18.67.111.80
192.0.78.27
20.122.63.128
20.205.115.81
23.192.108.82
23.55.242.184
23.55.38.153
34.117.138.52
34.120.139.69
34.94.160.110
34.98.64.218
35.186.201.99
35.213.12.39
35.214.164.29
54.177.5.212
66.225.223.31
69.173.158.64
77.75.77.172
91.201.28.211
0334128b0ff16f3220040f3d98e65cdcf418da4ae70395a180417b364e36f964
0a724010f47f3dabc8dc6e7913d34a570a6d78964b889473cdf2054f06844003
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d0fa4cb5c3635eef18bf6734e3fc54a18a65164e1a5d9c67cb16c6d3195b97f
0d13c6f690d8a61ae562a371eef4bf1b4a874fe33b2ba0d5f4f31ab7fb38dd83
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
1c46d3fd9c8171a07ae8803389d72c8d672d0f31b75a35b4ccab31d9a0452b8a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d9d2f3d89c87c0cfaee5ccc4fc43bbd4bf1e946cd184a6c26de75705d26483a
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2a9f903ad89582f09bbdc08d10544b5e93a7f913aed3d3cc13acb1bfe235e41d
2bbd4bd4290e3d4b7e41ef6d9e610e9f26ff9cd55c785fe05fb5c833466c0ac4
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
32eded2588ffd09ccd87947fba1b281b3740397d044f1ef718625641da666dde
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
340293fa59a9ab1c02c28628ed1be500518e039509b9c488bbff6867d41564a4
35e89b9ea89bcd2af899f7b553e3cc5156b44ab8cce5946626a1348828e583f4
403e10f4af7955e096413291a6d685d45a8df66eea730f7f229b80b77dd1ebaf
42d6d27602275c959296c5516b498ca2cdcb4276a36559b346d47697d408a55c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d16d6dbd52bc08c84ad732ba18443be742d101b3f7f7511043c81d961b01c46
4d632780253c86147db59575bb756124d2ae012af95fadaa92b4c3cd50628029
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
605785f1343c54b97fb61c47a7259760d80d15bf8691a91e02efd24f67a07b0d
60c9a9ca3e9498a1097ca4d9b4a688c8b30df2368fa2f90615682c8b12578da0
61a370ef1e85081932323b6b07009f20b0db76ef19484b2bb20a14e14235c85f
61ca29e2a0450041266080e5ba5983f97b52f333291ce0cdf6607f3416ddfd01
686f29197affcd6367afe1dad0181bf1cdb2e5e37a52883a4161437f64a6a6a2
6f0f48ee2e9bbbbf5a1d12e93056e60e8797f0b930eac64080f4a1f0598eba6c
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b60fabaa51a288bc4b04653a2f44f352a4329fa4de4512187a197b36b6d38aa
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8333191a3f9fda274ec4fb34d345efa9b6adf653e03c526a3c4a4ec6162abd23
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
89677207bf994c9e1fc46acb95151137fc8839a74a7a66aef8bc76210d486611
8a7616a06e4499f7f2d85680536f3aabb2dd9b917309113944c9975c73bc58e9
8bb0f4bda4181633eaa34d3d068fbeabe2f8334f61ad4e39e8a31e84f6a29425
8eaae0d709e1290e676110e861066cdcc702e42499dceeab2c89284edf368c4f
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f04cf85771671446a0c86b624e482847c7a6165f7554b4abae409e687511dd3
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a590bb705d57dbf41f0e3fbe1387aff148eab712c7c38b5d9643634a345e16f8
a737f2219e9c33975e91fc35e5b9c6ff6b056b085e81fc267865fa23daf688bd
a8a4fa32c3db6e24738193c22ffeb38d077d726285c8e98bca49b85d478f825a
ab6716b6510b5a0c90438772eb8e6e1ab89e7a5f943ac930a3a61ddd1b1e210d
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41bd06e93831dc92b5c81110b0b9ff0f3e36ff1dc3e108eb25cbf52b6e5ce82
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
c522d8a4e70fb15a100d5b2c4ed2e9398279d6df8377e743dfdf5345bd0016f3
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ceccd207a2a68e915d9051fdcffb3039ecb5f6565248c2b40c201bf4d547a58c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
ddffb1d004761932a38a54e7866c5c9abbcb17814d5cd79cf5dc794fda18b8b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e67d60ef9759c3c8fadb52b7f7af1c4b0850a3f71780daaca1438db21cc7f911
ec15e490e1460cc573050d60b8a6e682a371948e7adb157b34516f932b5c00c9
eee5e58ec5c3ae21613a9e738f3cc3bafc2bf934f46d3adcaf3e7639bb80245c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d033242fbeee73edb343e177babbe82aa61b056a9d577c44adc3ca39e87789
f4916204254f7eaa9c419fa026dff7443c3947c35aaa591c2618f2150ab4ce0e
f8b4fde7be3fa99a858afd07083567eb8bc37a638eb2ca3ee1b8d67d5dcba395
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fc8385d2b06a2a9859b16ccc6da5b5ef72e310769778694e2d3484bd9e53402a

www.airhelp.com Open in urlscan Pro 104.16.152.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

96 %HTTPS

0 %IPv6

36 Domains

54 Subdomains

46 IPs

9 Countries

1764 kBTransfer

5427 kBSize

60 Cookies

10 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.airhelp.com Open in urlscan Pro
104.16.152.15 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

96 %
HTTPS

0 %
IPv6

36
Domains

54
Subdomains

46
IPs

9
Countries

1764 kB
Transfer

5427 kB
Size

60
Cookies

108 HTTP transactions
0 data transactions