urlscan.io logo urlscan.io
SecurityTrails logo

airasia.ada.support Open in urlscan Pro
18.66.147.88  Public Scan

Go To Rescan Add Verdict Report
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Submission Tags: falconsandbox
Submission: On January 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 18.66.147.88, located in United States and belongs to AMAZON-02, US. The main domain is airasia.ada.support. The Cisco Umbrella rank of the primary domain is 675647.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 18th 2024. Valid for: a year.
This is the only time airasia.ada.support was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 18.66.147.88 16509 (AMAZON-02)
7 18.66.147.60 16509 (AMAZON-02)
1 35.186.247.156 15169 (GOOGLE)
2 13.33.187.87 16509 (AMAZON-02)
1 34.96.77.173 396982 (GOOGLE-CL...)
20 5
9    18.66.147.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-88.fra60.r.cloudfront.net
airasia.ada.support
7    18.66.147.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-60.fra60.r.cloudfront.net
static.ada.support
1    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
2    13.33.187.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-87.fra60.r.cloudfront.net
rollout.ada.support
1    34.96.77.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.77.96.34.bc.googleusercontent.com
static.airasia.com
Apex Domain
Subdomains		 Transfer
18 ada.support
airasia.ada.support — Cisco Umbrella Rank: 675647
static.ada.support — Cisco Umbrella Rank: 8403
rollout.ada.support — Cisco Umbrella Rank: 8124
687 KB
1 airasia.com
static.airasia.com — Cisco Umbrella Rank: 126442
160 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 122
325 B
20 3
Domain Requested by
9 airasia.ada.support airasia.ada.support
static.ada.support
7 static.ada.support airasia.ada.support
static.ada.support
2 rollout.ada.support static.ada.support
1 static.airasia.com
1 sentry.io airasia.ada.support
20 5

This site contains links to these domains. Also see Links.

Domain
www.airasia.com
Subject Issuer Validity Valid
*.ada.support
Amazon RSA 2048 M02		 2024-06-18 -
2025-07-18		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-03 -
2025-07-22		 a year crt.sh
static.airasia.com
E5		 2024-11-28 -
2025-02-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Frame ID: CFB450A6432344976C662DD55AAAD096
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chat

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

846 kB
Transfer

2203 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
airasia.ada.support/chat/ 		2 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
82f19604ade9dddbe5259241bc6d9ea5259d4cede586d37bec2973f26d9444ec
Security Headers
Name Value
Content-Security-Policy child-src *;connect-src 'self' https://*.smooch.io/ https://vimeo.com/ https://*.ada.support/ https://*.logs.datadoghq.com/ https://*.browser-intake-datadoghq.com https://sentry.io/ wss://*.pusher.com/ https://*.pusher.com wss://*.zopim.com https://*.zopim.com wss://api.smooch.io https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;default-src 'self' https://*.launchdarkly.com;frame-ancestors 'self' https://*.airasia.com/ https://*.apiairasia.com https://api.date-calculator.org https://translation.googleapis.com https://sro-services-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-entrypoint-refund-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-navitaire-dot-airasia-ava-prod.df.r.appspot.com/ https://refund-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-dropbox-sub-dot-airasia-ava-prod.df.r.appspot.com/ https://gae-ava-api-dot-airasia-ava-prod.df.r.appspot.com/ https://teleport-service-dot-airasia-ava-prod.df.r.appspot.com/ https://common-services-dot-airasia-ava-prod.df.r.appspot.com/ https://simplifiedapis-sso-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-logging-api-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-hotel-refund-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-support-sub-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-itinerary-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-manifest-grab-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-flight-status-dot-airasia-ava-prod.df.r.appspot.com/ https://name-amendment-srv-dot-airasia-ava-prod.df.r.appspot.com/ https://bq-ava-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-entrypoint-flight-booking-dot-airasia-ava-prod.df.r.appspot.com/ https://simplifiedapis-dot-airasia-ava-prod.df.r.appspot.com/ https://conditional-upsell-dot-airasia-ava-prod.df.r.appspot.com/ https://gae-ava-api-preprd-dot-airasia-ava-prod.df.r.appspot.com/ https://airasia-ava-nordlight-dot-airasia-ava-prod.df.r.appspot.com https://refund-service-flight-booking-dot-airasia-ava-prod.df.r.appspot.com/ https://seat-info-api-dot-airasia-ava-prod.df.r.appspot.com/ https://airasia-flight-status-bot-dot-airasia-ava-prod.df.r.appspot.com/ http://34.87.44.25/ http://34.87.145.102/ http://34.126.161.89/ http://34.87.136.12/ https://asia-southeast1-airasia-ava-prod.cloudfunctions.net https://aauat-airasia.cs73.force.com https://aacsm--sitepreview.ap13.force.com https://www.airasia.cn https://airasia.ada.support file://* filesystem:;frame-src *;img-src * data:;manifest-src 'self' https://*.ada.support/;media-src *;report-uri https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580;script-src 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/ https://www.youtube.com https://player.vimeo.com https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;script-src-elem 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/ https://www.youtube.com https://player.vimeo.com https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;worker-src blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
20
cache-control
max-age=60, stale-if-error=86400
content-length
2170
content-security-policy
child-src *;connect-src 'self' https://*.smooch.io/ https://vimeo.com/ https://*.ada.support/ https://*.logs.datadoghq.com/ https://*.browser-intake-datadoghq.com https://sentry.io/ wss://*.pusher.com/ https://*.pusher.com wss://*.zopim.com https://*.zopim.com wss://api.smooch.io https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;default-src 'self' https://*.launchdarkly.com;frame-ancestors 'self' https://*.airasia.com/ https://*.apiairasia.com https://api.date-calculator.org https://translation.googleapis.com https://sro-services-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-entrypoint-refund-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-navitaire-dot-airasia-ava-prod.df.r.appspot.com/ https://refund-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-dropbox-sub-dot-airasia-ava-prod.df.r.appspot.com/ https://gae-ava-api-dot-airasia-ava-prod.df.r.appspot.com/ https://teleport-service-dot-airasia-ava-prod.df.r.appspot.com/ https://common-services-dot-airasia-ava-prod.df.r.appspot.com/ https://simplifiedapis-sso-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-logging-api-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-hotel-refund-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-support-sub-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-itinerary-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-manifest-grab-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-flight-status-dot-airasia-ava-prod.df.r.appspot.com/ https://name-amendment-srv-dot-airasia-ava-prod.df.r.appspot.com/ https://bq-ava-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-entrypoint-flight-booking-dot-airasia-ava-prod.df.r.appspot.com/ https://simplifiedapis-dot-airasia-ava-prod.df.r.appspot.com/ https://conditional-upsell-dot-airasia-ava-prod.df.r.appspot.com/ https://gae-ava-api-preprd-dot-airasia-ava-prod.df.r.appspot.com/ https://airasia-ava-nordlight-dot-airasia-ava-prod.df.r.appspot.com https://refund-service-flight-booking-dot-airasia-ava-prod.df.r.appspot.com/ https://seat-info-api-dot-airasia-ava-prod.df.r.appspot.com/ https://airasia-flight-status-bot-dot-airasia-ava-prod.df.r.appspot.com/ http://34.87.44.25/ http://34.87.145.102/ http://34.126.161.89/ http://34.87.136.12/ https://asia-southeast1-airasia-ava-prod.cloudfunctions.net https://aauat-airasia.cs73.force.com https://aacsm--sitepreview.ap13.force.com https://www.airasia.cn https://airasia.ada.support file://* filesystem:;frame-src *;img-src * data:;manifest-src 'self' https://*.ada.support/;media-src *;report-uri https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580;script-src 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/ https://www.youtube.com https://player.vimeo.com https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;script-src-elem 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/ https://www.youtube.com https://player.vimeo.com https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;worker-src blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jan 2025 14:12:35 GMT
etag
W/"87a-vfpYSz/4B2SBxW6ZW92HPDYTtTQ"
referrer-policy
origin
server
CloudFront
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-id
JwuMSjFesma9eRUZZht5x2vx1oMinuwYfc7pO-E_JggXFx_Erd2cCw==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
config.js
airasia.ada.support/chat/ 		377 B
887 B 		Script
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/chat/config.js
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b59dcd3e769fe4d46ee8f7d31be411350b75a6397ef6c689a46910f834ecfe15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://airasia.ada.support/

Response headers

etag
W/"179-19476452f66"
age
19
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
dccepyB0X3eobECbCGW0eYb3XQFG8dfiVSmoxfQnrc17K8o50qKW-Q==
date
Mon, 20 Jan 2025 14:12:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 17 Jan 2025 21:57:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=60, stale-if-error=86400
cross-origin-resource-policy
cross-origin
referrer-policy
origin
x-download-options
noopen
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
377
x-amz-cf-pop
FRA60-P4
server
CloudFront
chat.162f708f3b7a8c7c27df.min.js
static.ada.support/chat-assets/ 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/chat.162f708f3b7a8c7c27df.min.js
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c3e5565d579ef786f925f07e28f898b0a555a424082e93a41b09deae88269a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://airasia.ada.support
Referer
https://airasia.ada.support/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
.gdWMBGzYquemeNJd2jxozTPF.yQUWfP
etag
W/"ccdbeba296ad9a529c9034e5fefe783f"
age
19533
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
t-9q7Dwxiole-sdLYvIZ60f_bvaPERS7kvuWfUWR3-jYNtBpSyRlxQ==
date
Mon, 20 Jan 2025 08:47:23 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 17 Jan 2025 21:42:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
chat.886d71f0d635f3777c7c.min.js
static.ada.support/chat-assets/ 		1 MB
415 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a3092c96085c1f3ee14b4e7471da8b06c59a4438c33fd380ec727cb29d6c443
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://airasia.ada.support
Referer
https://airasia.ada.support/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
ln9LET36g3bejwpg_gWGAfCcmxy.rGxq
etag
W/"2942ebcd9456bd823b41e4230b484833"
age
46315
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
yDjZY2maIhV25VzShthmILKmAL7f5Ln5B0GK6nHwxhUdbOAEOyeN2w==
date
Mon, 20 Jan 2025 01:21:01 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 10 Jan 2025 23:06:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
chat.8109237acd4c07c8bed0.min.js
static.ada.support/chat-assets/ 		541 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/chat.8109237acd4c07c8bed0.min.js
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46dfca54a46c286627c665073d74875f94edcf29e5494966c18c1896aa948650
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://airasia.ada.support
Referer
https://airasia.ada.support/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
rppVexYuvaJO14TnpNlYsFdXVTZKKbdj
etag
W/"8a21eae0126fda7bf133eec9f8301dcf"
age
59378
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
IXPF5X-j99MgI3g5cPfIUc3ijGoCzhxvhXXsOvPX7UGQ3MxqZFDR8Q==
date
Sun, 19 Jan 2025 21:43:18 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 17 Jan 2025 21:42:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
chat.ae51a6ca4a8df500dc8d.min.css
static.ada.support/chat-assets/ 		59 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/chat.ae51a6ca4a8df500dc8d.min.css
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52974210e0735e4c3f2dd56eda297d455cc62e5f7716cb97c21c8dfb3af37581
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://airasia.ada.support
Referer
https://airasia.ada.support/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
dLkBqBdjXpcJoKovvoWVvPEgnt0oW5ZE
etag
W/"d47614598b7f519497c1e7c58ff33d53"
age
22194
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
yHcEFtzOD2s9AJylPGIlVcwhkWx_9-lres7SWY5xudz2Drt5fPM2Nw==
date
Mon, 20 Jan 2025 08:03:04 GMT
content-type
text/css
vary
accept-encoding
last-modified
Fri, 17 Jan 2025 21:42:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
/
sentry.io/api/131249/envelope/ 		2 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/131249/envelope/?sentry_key=32e4861491de4e0cb13244c120832580&sentry_version=7&sentry_client=sentry.javascript.react%2F8.35.0
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://airasia.ada.support/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 20 Jan 2025 14:12:55 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
client.json
rollout.ada.support/airasia/ 		43 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rollout.ada.support/airasia/client.json
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-87.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4bf439b6cbd98be2ed5fa34278e3f7362cf20efabcc872979fe0e2d1e83dd3c

Request headers

Referer
https://airasia.ada.support/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache
X-Ada-Request-Origin
chat
X-Client-GMT-Offset
+01:00

Response headers

access-control-max-age
300
access-control-expose-headers
ETag
etag
"c68e342a6ad77c09e4e660b01406d215"
age
17
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
zMEqbY13yE5IjkzlUc0Zy1zTvbfkhuzBOoSpmsvR_r0yuy0f6lXCwA==
date
Mon, 20 Jan 2025 14:12:55 GMT
content-type
application/json
vary
Origin
last-modified
Thu, 09 Jan 2025 15:19:57 GMT
cache-control
no-cache
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
44500
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
client.json
rollout.ada.support/airasia/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rollout.ada.support/airasia/client.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-87.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
pragma,x-ada-request-origin,x-client-gmt-offset
Access-Control-Request-Method
GET
Origin
https://airasia.ada.support
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
pragma, x-ada-request-origin, x-client-gmt-offset
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-expose-headers
ETag
access-control-max-age
300
content-length
0
date
Mon, 20 Jan 2025 14:12:56 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-id
6PmXmGKXdYXUymJ5Zx-jBYXiWVqLhKJBaY9dPeqdd9CeivK0jiRWJA==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
e1053afba4cc194f7ff7.mp3
static.ada.support/chat-assets/ 		7 KB
8 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/e1053afba4cc194f7ff7.mp3
Requested by
Host: airasia.ada.support
URL: https://airasia.ada.support/chat/?language=id&intent=AA_Flight_Resc_Refund
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc2a9a716f9b9530dcafd47ed0db506319860f3c36b2778ce392833ec34c6ab2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://airasia.ada.support/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
x-amz-version-id
E9jnS0PVx3hVQBVbukr7Efx1b2lvhWI5
etag
"aee0ce91be0607cd8b104ca4158134af"
age
46201
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
rx2TKiouoYJ6_JqJ2Ja0_4bLH2z1LC5jhCWBVW4ZqSTu2tIAAgH-Kw==
date
Mon, 20 Jan 2025 01:22:55 GMT
content-type
audio/mpeg
last-modified
Fri, 10 Jan 2025 23:06:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
Content-Range
bytes 0-7137/7138
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
7138
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.ico
airasia.ada.support/ 		1 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
9ff3a0c99a95a7e2614bbdafdf8904df108633b0ad324aefc9c330305a29fbaa
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.launchdarkly.com *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support headway-widget.net browser-intake-datadoghq.com *.browser-intake-datadoghq.com *.ada.cx https://*.chameleon.io; connect-src 'unsafe-inline' *.posthog.com *.launchdarkly.com *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support *.datadoghq.com datadog.com browser-intake-datadoghq.com *.browser-intake-datadoghq.com *.pusher.com wss://*.pusher.com sentry.io *.sentry.io *.okta.com *.vidyard.com *.ada.cx *.hubapi.com *.hscollectedforms.net *.hubspot.com https://*.chameleon.io; frame-src 'self' ada.cx *.ada.cx *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support *.okta.com *.vidyard.com *.wistia.com https://fast.wistia.net https://headway-widget.net https://form.typeform.com https://app.svix.com https://*.chameleon.io https://www.youtube.com; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' *.ada.support; img-src 'self' https: data: https://*.chameleon.io blob:; media-src 'self' https: blob:; script-src 'unsafe-inline' *.launchdarkly.com *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support blob: *.posthog.com *.headwayapp.co https://*.chameleon.io; script-src-attr 'none'; script-src-elem 'unsafe-inline' *.ada.cx *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support *.posthog.com *.headwayapp.co *.storage.googleapis.com *.hs-scripts.com *.hs-banner.com *.hscollectedforms.net *.hs-analytics.net *.hscollectedforms.net *.hsadspixel.net *.hsleadflows.net *.hubspot.com https://*.chameleon.io; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; report-uri https://o38990.ingest.sentry.io/api/97224/security/?sentry_key=4e7b13b67aea4b12ada7bf728e8b3a7a;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://airasia.ada.support/

Response headers

etag
"678aab0f-4e2"
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
_aHbvATtDLtc_LdJfivgh79W-I5crIdZIanqcgGYGx55rBLhPuZ_Fw==
date
Mon, 20 Jan 2025 14:12:55 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 17 Jan 2025 19:10:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' *.launchdarkly.com *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support headway-widget.net browser-intake-datadoghq.com *.browser-intake-datadoghq.com *.ada.cx https://*.chameleon.io; connect-src 'unsafe-inline' *.posthog.com *.launchdarkly.com *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support *.datadoghq.com datadog.com browser-intake-datadoghq.com *.browser-intake-datadoghq.com *.pusher.com wss://*.pusher.com sentry.io *.sentry.io *.okta.com *.vidyard.com *.ada.cx *.hubapi.com *.hscollectedforms.net *.hubspot.com https://*.chameleon.io; frame-src 'self' ada.cx *.ada.cx *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support *.okta.com *.vidyard.com *.wistia.com https://fast.wistia.net https://headway-widget.net https://form.typeform.com https://app.svix.com https://*.chameleon.io https://www.youtube.com; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' *.ada.support; img-src 'self' https: data: https://*.chameleon.io blob:; media-src 'self' https: blob:; script-src 'unsafe-inline' *.launchdarkly.com *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support blob: *.posthog.com *.headwayapp.co https://*.chameleon.io; script-src-attr 'none'; script-src-elem 'unsafe-inline' *.ada.cx *.ada.support *.ada-dev.support *.ada-dev2.support *.ada-stage.support *.posthog.com *.headwayapp.co *.storage.googleapis.com *.hs-scripts.com *.hs-banner.com *.hscollectedforms.net *.hs-analytics.net *.hscollectedforms.net *.hsadspixel.net *.hsleadflows.net *.hubspot.com https://*.chameleon.io; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; report-uri https://o38990.ingest.sentry.io/api/97224/security/?sentry_key=4e7b13b67aea4b12ada7bf728e8b3a7a;
cache-control
no-cache, max-age=0, no-store
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1250
x-amz-cf-pop
FRA60-P4
server
CloudFront
/
airasia.ada.support/api/client-config/ 		73 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/api/client-config/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
79889616761dc3627a062540295a54a09b8d91d6e1972cdfbfa37745c88bc879
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://airasia.ada.support/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache
X-Ada-Request-Origin
chat
X-Client-GMT-Offset
+01:00

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=30
age
16
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
73
x-amz-cf-id
noRtXFnf9J-spiM3g8hzX-eMSi8p9r7lrgHQsAQeTnshifp4GXOjVQ==
date
Mon, 20 Jan 2025 14:12:39 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
CloudFront
/
airasia.ada.support/api/languages/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/api/languages/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
10c053f5ebcadb9e792b3f43167934ba5661fed6d6eb922ce144e837b04ea92b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://airasia.ada.support/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache
X-Ada-Request-Origin
chat
X-Client-GMT-Offset
+01:00

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
6073
x-amz-cf-id
LcYqAVqhuWei-VG_--gVEGiTL1xaKoUXjeiYNkyJP9bVqW-HCs7Wrg==
date
Mon, 20 Jan 2025 14:12:56 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
CloudFront
/
airasia.ada.support/api/chatters/ 		285 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/api/chatters/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b058b1a6d6f63f276211eade401af0a55fc98e1de561ac52e36567462480d1f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://airasia.ada.support/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache
Content-Type
application/json
X-Ada-Request-Origin
chat
X-Client-GMT-Offset
+01:00

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
285
x-amz-cf-id
D3KXuEPcsJ7ezngsSk13sNVR4oa75p8uCmXU-MY4gh8mb_KV8QjE1A==
date
Mon, 20 Jan 2025 14:12:56 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
CloudFront
chat.language-en.f10e0a57af518c0f6594.chunk.js
static.ada.support/chat-assets/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/chat.language-en.f10e0a57af518c0f6594.chunk.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.162f708f3b7a8c7c27df.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c73c31579cccdf9a3a220d9317a9677e0a8e1b3405deaf8a75c23b294368af55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://airasia.ada.support
Referer
https://airasia.ada.support/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
oA0wcMLs4Lbf79X8qrQNu28AT5meaMVL
etag
W/"f8eea634327471e4676eea3c1f71ae3b"
age
46335
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
D6gdEaUBQ3hYMqTidPqZiIOcsJ61ArE9eQjc3yJsBCdrCuQ6LAOY-w==
date
Mon, 20 Jan 2025 01:20:42 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 10 Jan 2025 23:06:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
chat.language-id.94afe456d6503cbf3fe3.chunk.js
static.ada.support/chat-assets/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat-assets/chat.language-id.94afe456d6503cbf3fe3.chunk.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.162f708f3b7a8c7c27df.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c58e42ac068fab5b73549a65bf202b659c59ac7022e017c93fbf55aad09c473
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://airasia.ada.support
Referer
https://airasia.ada.support/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
0IYTuqkMl3jLk44Q0PeVugqR0Wv3guVg
etag
W/"e82033ca93377f9e3e83fd78710e5717"
access-control-allow-methods
GET, HEAD
x-cache
RefreshHit from cloudfront
x-amz-cf-id
kQSU1ZmN41PrCoz5CUw2YpEWESJYDjMlmJ54UjDio_p3ZlR1SYnwUQ==
date
Mon, 20 Jan 2025 14:12:57 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Fri, 17 Jan 2025 21:42:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
askbo-chat.svg
static.airasia.com/design/images/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.airasia.com/design/images/askbo-chat.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7c932e0e26954428d5b50c20cbf851df01f8255b1be00f9efd3f12e876a0673

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://airasia.ada.support/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=wUre4g==, md5=Ofas4dD7SgTouTAzojVxfQ==
etag
"39f6ace1d0fb4a04e8b93033a235717d"
age
1317
x-goog-stored-content-encoding
identity
expires
Mon, 20 Jan 2025 14:50:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
162781
date
Mon, 20 Jan 2025 13:50:59 GMT
last-modified
Sat, 21 Jan 2023 08:48:52 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFIdbgRIU1NWeCTvqMjg4bmwS3j1jK0IESVymPcxQ1DMq4xrItNZOjZ1mNiWdf4HZ9tQCKJ8lgr2snQ
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1674290932909299
content-length
162781
server
UploadServer
/
airasia.ada.support/api/auth/pusher/chatter/multi/ 		554 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/api/auth/pusher/chatter/multi/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
5252d6e72a066b192de87908299299309291634cc8d67c699adce114b0d658fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://airasia.ada.support/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma
no-cache
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
expires
-1
x-cache
Miss from cloudfront
content-length
554
x-amz-cf-id
OnuXteKh7aTu-HeV-qPbT_xy8nx1YoPS3FNZGLByZIgAB3tYdSAyzw==
date
Mon, 20 Jan 2025 14:12:57 GMT
content-type
text/html; charset=utf-8
last-modified
2025-01-20 14:12:57.059493
server
CloudFront
x-amz-cf-pop
FRA60-P4
/
airasia.ada.support/api/message/chat/ 		28 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/api/message/chat/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
d26334de77414cb10dcb4c6fd2682da6ab65ff90ff967def55e27f2a40704e4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Session-Auth
6aa3c4e9-0f19-496c-8978-deee23b72bf9
Referer
https://airasia.ada.support/
Pragma
no-cache
Chatter-Token
abe0965a-88e3-404d-b05a-26f4ab8342ff
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Ada-Request-Origin
chat
Content-Type
application/json
X-Client-GMT-Offset
+01:00

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
28
x-amz-cf-id
uzLcwhHr2BBE9wWYRnb_T_Se8Kkj7e_DgouptPbUa87-TLau73m-_A==
date
Mon, 20 Jan 2025 14:12:57 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
CloudFront
/
airasia.ada.support/api/conversations/recent/chat/abe0965a-88e3-404d-b05a-26f4ab8342ff/ 		903 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://airasia.ada.support/api/conversations/recent/chat/abe0965a-88e3-404d-b05a-26f4ab8342ff/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat-assets/chat.886d71f0d635f3777c7c.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b37d6ae1474dc03c9613f0754a34381bf64b8ef2a625a053511200b28383d6be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Session-Auth
6aa3c4e9-0f19-496c-8978-deee23b72bf9
Referer
https://airasia.ada.support/
Pragma
no-cache
Chatter-Token
abe0965a-88e3-404d-b05a-26f4ab8342ff
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Ada-Request-Origin
chat
X-Client-GMT-Offset
+01:00

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
903
x-amz-cf-id
3ZBwIlJp3ZiioN3LFsoYVDBB65r7GCbkQdBkZzIV-hU_uO6v0wxL-w==
date
Mon, 20 Jan 2025 14:12:58 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
CloudFront

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __env object| webpackChunkchat function| clearImmediate function| setImmediate function| applyFocusVisiblePolyfill object| __SENTRY__ object| DD_LOGS object| DD_RUM function| __onWebMessengerFrameReady__ function| Pusher object| __sentry_instrumentation_handlers__ string| PUSHER_CLUSTER string| PUSHER_KEY

1 Cookies

Domain/Path Name / Value
airasia.ada.support/ Name: _dd_s
Value: logs=1&id=4deff469-2561-4d54-8717-03fdca81f2ec&created=1737382375423&expire=1737383275457&rum=0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src *;connect-src 'self' https://*.smooch.io/ https://vimeo.com/ https://*.ada.support/ https://*.logs.datadoghq.com/ https://*.browser-intake-datadoghq.com https://sentry.io/ wss://*.pusher.com/ https://*.pusher.com wss://*.zopim.com https://*.zopim.com wss://api.smooch.io https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;default-src 'self' https://*.launchdarkly.com;frame-ancestors 'self' https://*.airasia.com/ https://*.apiairasia.com https://api.date-calculator.org https://translation.googleapis.com https://sro-services-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-entrypoint-refund-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-navitaire-dot-airasia-ava-prod.df.r.appspot.com/ https://refund-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-dropbox-sub-dot-airasia-ava-prod.df.r.appspot.com/ https://gae-ava-api-dot-airasia-ava-prod.df.r.appspot.com/ https://teleport-service-dot-airasia-ava-prod.df.r.appspot.com/ https://common-services-dot-airasia-ava-prod.df.r.appspot.com/ https://simplifiedapis-sso-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-logging-api-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-hotel-refund-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-support-sub-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-itinerary-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-manifest-grab-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-flight-status-dot-airasia-ava-prod.df.r.appspot.com/ https://name-amendment-srv-dot-airasia-ava-prod.df.r.appspot.com/ https://bq-ava-service-dot-airasia-ava-prod.df.r.appspot.com/ https://ava-entrypoint-flight-booking-dot-airasia-ava-prod.df.r.appspot.com/ https://simplifiedapis-dot-airasia-ava-prod.df.r.appspot.com/ https://conditional-upsell-dot-airasia-ava-prod.df.r.appspot.com/ https://gae-ava-api-preprd-dot-airasia-ava-prod.df.r.appspot.com/ https://airasia-ava-nordlight-dot-airasia-ava-prod.df.r.appspot.com https://refund-service-flight-booking-dot-airasia-ava-prod.df.r.appspot.com/ https://seat-info-api-dot-airasia-ava-prod.df.r.appspot.com/ https://airasia-flight-status-bot-dot-airasia-ava-prod.df.r.appspot.com/ http://34.87.44.25/ http://34.87.145.102/ http://34.126.161.89/ http://34.87.136.12/ https://asia-southeast1-airasia-ava-prod.cloudfunctions.net https://aauat-airasia.cs73.force.com https://aacsm--sitepreview.ap13.force.com https://www.airasia.cn https://airasia.ada.support file://* filesystem:;frame-src *;img-src * data:;manifest-src 'self' https://*.ada.support/;media-src *;report-uri https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580;script-src 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/ https://www.youtube.com https://player.vimeo.com https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;script-src-elem 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/ https://www.youtube.com https://player.vimeo.com https://*.zendesk.com wss://*.zendesk.com https://*.launchdarkly.com;worker-src blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airasia.ada.support
rollout.ada.support
sentry.io
static.ada.support
static.airasia.com
13.33.187.87
18.66.147.60
18.66.147.88
34.96.77.173
35.186.247.156
0c58e42ac068fab5b73549a65bf202b659c59ac7022e017c93fbf55aad09c473
10c053f5ebcadb9e792b3f43167934ba5661fed6d6eb922ce144e837b04ea92b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46dfca54a46c286627c665073d74875f94edcf29e5494966c18c1896aa948650
5252d6e72a066b192de87908299299309291634cc8d67c699adce114b0d658fb
52974210e0735e4c3f2dd56eda297d455cc62e5f7716cb97c21c8dfb3af37581
79889616761dc3627a062540295a54a09b8d91d6e1972cdfbfa37745c88bc879
82f19604ade9dddbe5259241bc6d9ea5259d4cede586d37bec2973f26d9444ec
9a3092c96085c1f3ee14b4e7471da8b06c59a4438c33fd380ec727cb29d6c443
9ff3a0c99a95a7e2614bbdafdf8904df108633b0ad324aefc9c330305a29fbaa
a4bf439b6cbd98be2ed5fa34278e3f7362cf20efabcc872979fe0e2d1e83dd3c
b058b1a6d6f63f276211eade401af0a55fc98e1de561ac52e36567462480d1f2
b37d6ae1474dc03c9613f0754a34381bf64b8ef2a625a053511200b28383d6be
b59dcd3e769fe4d46ee8f7d31be411350b75a6397ef6c689a46910f834ecfe15
bc2a9a716f9b9530dcafd47ed0db506319860f3c36b2778ce392833ec34c6ab2
c73c31579cccdf9a3a220d9317a9677e0a8e1b3405deaf8a75c23b294368af55
d26334de77414cb10dcb4c6fd2682da6ab65ff90ff967def55e27f2a40704e4a
e4c3e5565d579ef786f925f07e28f898b0a555a424082e93a41b09deae88269a
f7c932e0e26954428d5b50c20cbf851df01f8255b1be00f9efd3f12e876a0673