www.exchangeflightclaim.com Open in urlscan Pro
34.229.9.238  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.exchangeflightclaim.com/	41 KB 15 KB	1020ms 347ms	Document text/html	34.229.9.238 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.229.9.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-229-9-238.compute-1.amazonaws.com Software nginx / Resource Hash f15374266ffd0be996f257839c6bd3fd57c32cee6380bd8f32aa5a9ac31a706e Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control max-age=0, private, must-revalidate Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 07 Jul 2024 12:55:07 GMT ETag W/"f15374266ffd0be996f257839c6bd3fd" Keep-Alive timeout=60 Server nginx Strict-Transport-Security max-age=15768000 Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Request-Id 924675748B58_0A01004C01BB_668A902B_DCA2C2FFF X-Runtime 0.092440 X-UA-Compatible IE=edge X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	user-home-83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d.css dp0qkd77b9xjk.cloudfront.net/assets/	219 KB 33 KB	185ms 60ms	Stylesheet text/css	108.138.24.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dp0qkd77b9xjk.cloudfront.net/assets/user-home-83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d.css Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-85.fra56.r.cloudfront.net Software nginx / Resource Hash 83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 21 Jul 2023 09:00:35 GMT Content-Encoding gzip Via 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront) Strict-Transport-Security max-age=15768000 X-Amz-Cf-Pop FRA56-P7 Age 30426872 X-Cache Hit from cloudfront Connection keep-alive Content-Length 32945 Last-Modified Wed, 06 Jul 2022 23:47:39 GMT Server nginx ETag "62c61f1b-80b1" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://ws.onehub.com Cache-Control max-age=315360000 X-Amz-Cf-Id 9zkn2f2v3G4fGp7UKjLTwN1nc4FuWlCvx69Cm7OEF1tKBqDFtYVTbA== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	nltcs-a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7.js Show response dp0qkd77b9xjk.cloudfront.net/assets/	202 KB 46 KB	242ms 46ms	Script application/x-javascript	108.138.24.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dp0qkd77b9xjk.cloudfront.net/assets/nltcs-a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-85.fra56.r.cloudfront.net Software nginx / Resource Hash a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 12 Dec 2023 22:25:21 GMT Content-Encoding gzip Via 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront) Strict-Transport-Security max-age=15768000 X-Amz-Cf-Pop FRA56-P7 Age 17936986 X-Cache Hit from cloudfront Connection keep-alive Content-Length 46367 Last-Modified Tue, 26 Nov 2019 00:31:16 GMT Server nginx ETag "5ddc7254-b51f" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://ws.onehub.com Cache-Control max-age=315360000 X-Amz-Cf-Id oGfixxHgTxuWiPAwwXAMZwWhkHfQq6KjYG_W3ZGRSsc4ypaAU3lNpg== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	core-fa0a8a3f07b452b4be70d364368729d68c84a9afe42374a179d57b4188a7d193.js Show response dp0qkd77b9xjk.cloudfront.net/assets/	1 MB 361 KB	387ms 184ms	Script application/x-javascript	108.138.24.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dp0qkd77b9xjk.cloudfront.net/assets/core-fa0a8a3f07b452b4be70d364368729d68c84a9afe42374a179d57b4188a7d193.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-85.fra56.r.cloudfront.net Software nginx / Resource Hash fa0a8a3f07b452b4be70d364368729d68c84a9afe42374a179d57b4188a7d193 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 19 Sep 2023 09:29:59 GMT Content-Encoding gzip Via 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront) Strict-Transport-Security max-age=15768000 X-Amz-Cf-Pop FRA56-P7 Age 25241109 X-Cache Hit from cloudfront Connection keep-alive Content-Length 368812 Last-Modified Tue, 20 Jun 2023 21:35:53 GMT Server nginx ETag "64921bb9-5a0ac" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://ws.onehub.com Cache-Control max-age=315360000 X-Amz-Cf-Id 9i7QZqLg7TH8mj2U73dVrgxGyLnjmPBSm7T71yGfXJtDX2lso-4vIA== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	309681 www.exchangeflightclaim.com/workspace_logos/	6 KB 7 KB	219ms 219ms	Image image/png	34.229.9.238 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.exchangeflightclaim.com/workspace_logos/309681 Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.229.9.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-229-9-238.compute-1.amazonaws.com Software nginx / Resource Hash 8bcd367218ceaea6250f3dd7a28b0f50acff0c83a08485f880a79dd39bf34bea Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 07 Jul 2024 12:55:07 GMT Last-Modified Tue, 30 Apr 2024 17:16:49 GMT Server nginx x-amz-server-side-encryption AES256 Content-Type image/png Cache-Control max-age=946708560, public Content-Disposition attachment Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 6326
GET H3	200	api.js Show response js.hcaptcha.com/1/	380 KB 108 KB	121ms 58ms	Script application/javascript	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hcaptcha.com/1/api.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f84c05df87a44f722de9f23a650abc9b661a22fb80a183235387ae36a988145 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:08 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110429 server cloudflare etag "5d4967e41a15a7ddd1c227e81c552df8" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes cf-ray 89f7fcb438f218f3-FRA
GET H/1.1	200 OK	signins-c38b16c9e5d1ff9bec39538018df0b63eb968f0b3f13968e0b1452911e3ec063.js Show response dp0qkd77b9xjk.cloudfront.net/assets/	14 KB 3 KB	327ms 57ms	Script application/x-javascript	108.138.24.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dp0qkd77b9xjk.cloudfront.net/assets/signins-c38b16c9e5d1ff9bec39538018df0b63eb968f0b3f13968e0b1452911e3ec063.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-85.fra56.r.cloudfront.net Software nginx / Resource Hash c38b16c9e5d1ff9bec39538018df0b63eb968f0b3f13968e0b1452911e3ec063 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 02 Nov 2023 14:28:26 GMT Content-Encoding gzip Via 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront) Strict-Transport-Security max-age=15768000 X-Amz-Cf-Pop FRA56-P7 Age 21421602 X-Cache Hit from cloudfront Connection keep-alive Content-Length 2726 Last-Modified Wed, 02 Jun 2021 00:10:20 GMT Server nginx ETag "60b6cc6c-aa6" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://ws.onehub.com Cache-Control max-age=315360000 X-Amz-Cf-Id Q82SQjhAlRxkm2cwg34sPheYH9MZ-UiJLOICS-y7-8BP5X0XIn8H3g== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	autocomplete.css dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/	18 KB 4 KB	106ms 99ms	Stylesheet text/css	108.138.24.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/autocomplete.css Requested by Host: dp0qkd77b9xjk.cloudfront.net URL: https://dp0qkd77b9xjk.cloudfront.net/assets/user-home-83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-85.fra56.r.cloudfront.net Software nginx / Resource Hash 869927c05d13fe5e214b462c60cb86edb393943090afea78c08567c06ef165f5 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://dp0qkd77b9xjk.cloudfront.net/assets/user-home-83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 19 Oct 2023 12:03:46 GMT Content-Encoding gzip Via 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront) Strict-Transport-Security max-age=15768000 X-Amz-Cf-Pop FRA56-P7 Age 22639880 X-Cache Hit from cloudfront Connection keep-alive Content-Length 3589 Last-Modified Tue, 19 Sep 2017 21:05:23 GMT Server nginx ETag "59c18693-e05" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://ws.onehub.com Cache-Control max-age=315360000 X-Amz-Cf-Id KZbwTtmiHJZ6vmoENyxBKIZBfMuH1dHkfQIZy_6-x3_GNqQOFnFRSA== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	datepicker.css dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/	19 KB 4 KB	103ms 97ms	Stylesheet text/css	108.138.24.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dp0qkd77b9xjk.cloudfront.net/assets/jquery-ui/datepicker.css Requested by Host: dp0qkd77b9xjk.cloudfront.net URL: https://dp0qkd77b9xjk.cloudfront.net/assets/user-home-83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-85.fra56.r.cloudfront.net Software nginx / Resource Hash 196e46733d10cb43a32ecd4ee0d30944cc59de1db15396199e217c084d070132 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://dp0qkd77b9xjk.cloudfront.net/assets/user-home-83a8b843ce66b9814342fe25d0cb7c49721a5532082f6e9878056e81d0a17c4d.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 16 Oct 2023 20:22:22 GMT Content-Encoding gzip Via 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront) Strict-Transport-Security max-age=15768000 X-Amz-Cf-Pop FRA56-P7 Age 22869165 X-Cache Hit from cloudfront Connection keep-alive Content-Length 3915 Last-Modified Tue, 19 Sep 2017 21:05:23 GMT Server nginx ETag "59c18693-f4b" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://ws.onehub.com Cache-Control max-age=315360000 X-Amz-Cf-Id zUPbMSRLUWguWmlGZxgoLhQaIVnNP9YElnsmHNWHivZQIB17BYMw1Q== Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	154ms 45ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: dp0qkd77b9xjk.cloudfront.net URL: https://dp0qkd77b9xjk.cloudfront.net/assets/nltcs-a7f4764c696f5f0366d5d2fbe8176829716b8f9054118fa117651420e662a4f7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 07 Jul 2024 12:29:07 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1561 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 07 Jul 2024 14:29:07 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	311 KB 107 KB	232ms 112ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MHZKVC Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 01bd2de338cfc8140b0d191630167db39a69bba7b71a56a5256be41d907cdcb9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109326 x-xss-protection 0 last-modified Sun, 07 Jul 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 07 Jul 2024 12:55:08 GMT
GET		nexa-bold-74e29167281fd7b10fa8666e1f6585e239a1d73b85dd02e6316f6448d27f19f4.woff2 dp0qkd77b9xjk.cloudfront.net/assets/	0 0
GET H3	200	hcaptcha.html newassets.hcaptcha.com/captcha/v1/a8cd801/static/ Frame 130F	0 0	157ms 86ms	Document text/html	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/a8cd801/static/hcaptcha.html Requested by Host: js.hcaptcha.com URL: https://js.hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.exchangeflightclaim.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=1209600 cf-cache-status HIT cf-ray 89f7fcb77d0e2c53-FRA content-encoding br content-security-policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; content-type text/html date Sun, 07 Jul 2024 12:55:08 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding Origin x-content-type-options nosniff
GET H3	200	de.json Show response newassets.hcaptcha.com/captcha/v1/a8cd801/static/i18n/	10 KB 4 KB	431ms 355ms	XHR application/json	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/a8cd801/static/i18n/de.json Requested by Host: js.hcaptcha.com URL: https://js.hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65de90c0ebfaeda78d9de2b1b5172525315d69fa97e2a53662a7472447ec11b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400 content-length 3546 server cloudflare etag "fe6b01a2cf945b639975e51ffef7615f" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * cache-control public, max-age=1209600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding accept-ranges bytes cf-ray 89f7fcb7bfee2c21-FRA expires Sun, 21 Jul 2024 12:55:09 GMT
GET H3	200	de.json Show response newassets.hcaptcha.com/captcha/v1/a8cd801/static/i18n/	10 KB 0	432ms 432ms	XHR application/json	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/a8cd801/static/i18n/de.json Requested by Host: js.hcaptcha.com URL: https://js.hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65de90c0ebfaeda78d9de2b1b5172525315d69fa97e2a53662a7472447ec11b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 3546 server cloudflare etag "fe6b01a2cf945b639975e51ffef7615f" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * cache-control public, max-age=1209600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding accept-ranges bytes cf-ray 89f7fcb7bfee2c21-FRA expires Sun, 21 Jul 2024 12:55:09 GMT
GET		nexa-bold-b81afa3f0b2c3397ee7c7a01660588f2c3b430954fe44cb39babd69c3c54d3f8.woff dp0qkd77b9xjk.cloudfront.net/assets/	0 0
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 218 B	49ms 49ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1994512908&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&ul=de-de&de=UTF-8&dt=Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEhAAEABAAAAACgCI~&jid=1867538995&gjid=163709725&cid=1307975909.1720356909&tid=UA-6155421-2&_gid=1615140012.1720356909&_r=1&_slc=1&gtm=45He4730n71MHZKVCv6340603za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1317394529 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 07 Jul 2024 12:55:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.exchangeflightclaim.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 0	0ms 0ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZKVC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:29:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1561 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 07 Jul 2024 14:29:07 GMT
GET H2	200	bat.js Show response bat.bing.com/	47 KB 14 KB	653ms 368ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZKVC Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 10993d070b23b0ee951ff5014da51af500556a9c5ba4e4cd2d98510e841cf324 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 07 Jul 2024 12:55:08 GMT last-modified Sat, 06 Jul 2024 02:56:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 898E74ED63474245B6CA3370A02E5203 Ref B: FRAEDGE1919 Ref C: 2024-07-07T12:55:09Z etag "80c1c2450cfda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13825
GET H2	200	0879.js Show response script.crazyegg.com/pages/scripts/0078/	7 KB 3 KB	201ms 71ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0078/0879.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZKVC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c8e242b5f0bd64186ce95062a26ab188c09085305bf7ed200ad9e3b54d1f866 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT content-encoding gzip cf-cache-status HIT age 8195 cf-polished origSize=7384 ce-version 11.5.237 cf-bgj minify last-modified Sun, 07 Jul 2024 10:38:34 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 89f7fcba4c6118c7-FRA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	222 KB 59 KB	276ms 83ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 07 Jul 2024 12:55:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58293 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=99, rtx=0, c=12, mss=1368, tbw=2781, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug xm9bQZxQ+kLCNR7m4LZEQf1hFot1yDXYx2jjYDJlx9SHFO5M0w8j5/x00YBYrbzieW6lxiNPH2JStkfFXDkJIA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	visitor.js Show response app.leadsrx.com/	16 KB 16 KB	790ms 356ms	Script application/javascript	52.88.171.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.leadsrx.com/visitor.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.88.171.109 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-171-109.us-west-2.compute.amazonaws.com Software nginx/1.20.1 / Resource Hash 7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT last-modified Wed, 03 Jul 2024 18:08:17 GMT server nginx/1.20.1 etag "66859391-40d1" content-type application/javascript; charset=utf-8 access-control-allow-origin * accept-ranges bytes content-length 16593
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 358 B	202ms 64ms	XHR text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6155421-2&cid=1307975909.1720356909&jid=1867538995&gjid=163709725&_gid=1615140012.1720356909&npa=1&_u=aEhAAEAAAAAAACgCI~&z=1184512832 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 07 Jul 2024 12:55:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.exchangeflightclaim.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	www.exchangeflightclaim.com.json Show response script.crazyegg.com/pages/data-scripts/0078/0879/site/	6 KB 2 KB	314ms 207ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0078/0879/site/www.exchangeflightclaim.com.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0078/0879.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61fc4c0dcb03bc063f76665fbc8ed444d50f153ec130753834d00554ea2a928b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 12:55:09 GMT server cloudflare vary Accept-Encoding content-type application/json ce-version 11.5.237 access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 89f7fcbb8b705c2c-FRA content-length 1785
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	190ms 65ms	Image image/gif	216.58.206.36 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6155421-2&cid=1307975909.1720356909&jid=1867538995&npa=1&_u=aEhAAEAAAAAAACgCI~&z=359476660 Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 07 Jul 2024 12:55:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	151ms 86ms	Image image/gif	216.58.206.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6155421-2&cid=1307975909.1720356909&jid=1867538995&npa=1&_u=aEhAAEAAAAAAACgCI~&z=359476660 Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s08-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 07 Jul 2024 12:55:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2004294186529575 Show response connect.facebook.net/signals/config/	70 KB 14 KB	315ms 314ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2004294186529575?v=2.9.160&r=stable&domain=www.exchangeflightclaim.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 234acf2a903676d7f54922b651ba6119c827965eb5f66ee97c0efb224431cebb Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 07 Jul 2024 12:55:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=49, rtx=0, c=38, mss=1368, tbw=63806, tp=-1, tpl=-1, uplat=272, ullat=0 pragma public x-fb-debug z8abO1uL9157KCtNrcCdig/cqjnqdWNMuWKV42uJoC/+8TFf3YeGvT84ga5RdHuyl73WGT0GDsSHS+D+T/PrmQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	1cb0fe96622d360e640b6ca18b5ba2ec.js Show response script.crazyegg.com/pages/versioned/common-scripts/	101 KB 34 KB	40ms 39ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0078/0879.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 747b3bdf8958ba6ea546f95ee4255f40cdb156a5e61cb7c0b4324f77181c7991 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify last-modified Sun, 30 Jun 2024 16:56:32 GMT server cloudflare age 16191 cf-polished origSize=103828 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 timing-allow-origin * cf-ray 89f7fcbc8f8518c7-FRA
GET H2	200	clock Show response tracking.crazyegg.com/	40 B 147 B	207ms 89ms	XHR text/plain	52.51.27.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tracking.crazyegg.com/clock?t=1720356909579&tk=522581ef0d7c2bf3940ad7f9f18c1793 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.27.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-27-14.eu-west-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash 971bab27be98812fc7f8ff756d9e188277e8b46d60e9bd59408c30f7053d00d4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 07 Jul 2024 12:55:09 GMT cache-control no-store server awselb/2.0 content-length 40 content-type text/plain
GET H2	200	healthcheck Show response pagestates-tracking.crazyegg.com/	19 B 461 B	68ms 14ms	XHR application/json	13.35.58.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pagestates-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-40.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 20 Sep 2023 01:43:28 GMT via 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 25182702 x-cache Hit from cloudfront content-length 19 last-modified Fri, 08 Jul 2022 22:25:51 GMT server AmazonS3 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin accept-ranges bytes x-amz-cf-id J1L5U2CYwLJ8mPprzXeIc_iq9HTydE-gW0dmv6yTKm72Lois_P0dAg==
GET H2	200	healthcheck Show response assets-tracking.crazyegg.com/	19 B 462 B	67ms 13ms	XHR application/json	18.66.122.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-72.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 20 Dec 2023 01:23:29 GMT via 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 age 17321501 x-cache Hit from cloudfront content-length 19 last-modified Fri, 08 Jul 2022 22:25:51 GMT server AmazonS3 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin accept-ranges bytes x-amz-cf-id U1GtDOiM5zrmF0Hj-pz_HTU7nxkHhtpb_ggtFXiSc5b6gbR2SKjLZA==
GET H2	200	www.exchangeflightclaim.com.json Show response script.crazyegg.com/pages/data-scripts/0078/0879/sampling/	296 B 253 B	152ms 151ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0078/0879/sampling/www.exchangeflightclaim.com.json?t=477876 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a9f5cf22828bb88ab7540993026a799e541f66913097e2d2730a8b20f2a106f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 12:55:09 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 12:55:09 GMT server cloudflare vary Accept-Encoding content-type application/json ce-version 11.5.237 access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 89f7fcbd0cbd5c2c-FRA content-length 189
GET BLOB	200 OK	94eecfb3-7f0f-440c-826c-912433a3351e https://www.exchangeflightclaim.com/	45 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.exchangeflightclaim.com/94eecfb3-7f0f-440c-826c-912433a3351e Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 45 Content-Type text/javascript
GET H2	204	5090935.js Show response bat.bing.com/p/action/	0 116 B	52ms 52ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5090935.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sun, 07 Jul 2024 12:55:09 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: AB7EC4711B60419B90F8242C43A93E22 Ref B: FRAEDGE1919 Ref C: 2024-07-07T12:55:09Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	143ms 143ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5090935&tm=gtm002&Ver=2&mid=501ad16a-2722-4482-901d-8f61d2460c13&sid=245e94a03c6011efaf2c8749c8a916bb&vid=245e74a03c6011ef8504b1e8caebc613&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Sign%20In&p=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&r=&lt=1855&evt=pageLoad&sv=1&cdb=AQAA&rn=203997 Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 07 Jul 2024 12:55:09 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: FBD0B612617348BC8EC32ECA148CA3AC Ref B: FRAEDGE1919 Ref C: 2024-07-07T12:55:09Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	visitor.php Show response app.leadsrx.com/	112 B 554 B	252ms 251ms	XHR text/html	52.88.171.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.leadsrx.com/visitor.php?acctTag=msdhha43737&tz=-120&ref=&u=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&t=Sign%20In&lc=null&anon=0&vin=null Requested by Host: app.leadsrx.com URL: https://app.leadsrx.com/visitor.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.88.171.109 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-171-109.us-west-2.compute.amazonaws.com Software nginx/1.20.1 / PHP/5.6.40 Resource Hash 05686dd5e85faa3a6d498606b0ca32ce96adafde2d74d955cd539a3b8516ec79 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sun, 07 Jul 2024 12:55:09 GMT x-content-type-options nosniff server nginx/1.20.1 x-powered-by PHP/5.6.40 x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 access-control-allow-origin https://www.exchangeflightclaim.com access-control-allow-credentials true
GET H2	200	/ www.facebook.com/tr/	0 274 B	82ms 20ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2004294186529575&ev=PageView&dl=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&rl=&if=false&ts=1720356909804&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720356909802.615410415797708796&cs_est=true&ler=empty&cdl=API_unavailable&it=1720356909458&coo=false&rqm=GET Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1368, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 07 Jul 2024 12:55:09 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	315ms 255ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2004294186529575&ev=PageView&dl=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&rl=&if=false&ts=1720356909804&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720356909802.615410415797708796&cs_est=true&ler=empty&cdl=API_unavailable&it=1720356909458&coo=false&rqm=FGET Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5be93d7ca6d2db05","source_keys":["1","2"]},{"key_piece":"0x07b1e6d46aff8dac","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sun, 07 Jul 2024 12:55:10 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388876663589803775", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1368, tbw=3103, tp=-1, tpl=-1, uplat=234, ullat=0 pragma no-cache x-fb-debug 9zkfVU8JQlCCoDjLMHkqxBuDzV0MCZokchVWQ8hsC2NkBFCJ9X7MmtmEt6dwXLYzbxH/HAa+VAds13LKbh5gHw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388876663589803775"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	nr-rum-1.261.2.min.js Show response js-agent.newrelic.com/	49 KB 16 KB	254ms 89ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-rum-1.261.2.min.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6015ddf92ea6817fbb21c99f87ecc4e9ce34a23cc40149dc89499665e5729af7 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Origin https://www.exchangeflightclaim.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id KX74Zp6YrPW8z_RIZHRGWmKepoaITtBQ content-encoding br via 1.1 varnish date Sun, 07 Jul 2024 12:55:10 GMT strict-transport-security max-age=300 x-amz-request-id BS9R9RVA0FFKEHHV x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 15607 x-amz-id-2 11BoPuIAWuigVTuKzYHqaVa7elh+xdmS0RF52fpbTEoMw0gl+d/vKu+0BecD5JpjZK9kMHvmvt0= x-served-by cache-fra-eddf8230066-FRA last-modified Tue, 02 Jul 2024 15:00:16 GMT server AmazonS3 etag "11d9198e7f5de86fc1a22736fdaf1d74" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 84806
GET H/1.1	200 OK	pd.js Show response pi.pardot.com/	5 KB 2 KB	434ms 129ms	Script application/javascript	3.92.120.28 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/pd.js Requested by Host: www.exchangeflightclaim.com URL: https://www.exchangeflightclaim.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-92-120-28.compute-1.amazonaws.com Software / Resource Hash 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 07 Jul 2024 12:55:10 GMT content-encoding gzip X-Pardot-Route 16b0ab393667a33fe86adedc3141e88c last-modified Fri, 05 Jul 2024 05:24:06 GMT etag "15f4-gzip" vary Accept-Encoding,User-Agent Content-Type application/javascript cache-control max-age=63072000 Connection keep-alive accept-ranges bytes Content-Length 1988 expires Tue, 07 Jul 2026 12:55:10 GMT
POST H/1.1	200	9c92e3ebfa Show response bam.nr-data.net/1/	146 B 617 B	273ms 145ms	XHR text/plain	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/9c92e3ebfa?a=699588&v=1.261.2&to=J15fEhddCloDQBhEARdCWAkLQUlYA0U%3D&rst=3667&ck=0&s=cb3e5d44081240a7&ref=https://www.exchangeflightclaim.com/&ptid=17088a3ed5f3d449&qt=1&ap=90&be=1020&fe=2368&dc=835&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1720356906738,%22n%22:0,%22f%22:0,%22dn%22:316,%22dne%22:316,%22c%22:316,%22s%22:454,%22ce%22:674,%22rq%22:674,%22rp%22:1021,%22rpe%22:1022,%22di%22:1832,%22ds%22:1832,%22de%22:1855,%22dc%22:3386,%22l%22:3387,%22le%22:3388%7D,%22navigation%22:%7B%7D%7D&fp=1835&fcp=1835 Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-rum-1.261.2.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7614b90cc14d53b13983262adc5b33a027c977c41afca021b4395351e28b18b6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type text/plain Response headers date Sun, 07 Jul 2024 12:55:10 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/plain access-control-allow-origin https://www.exchangeflightclaim.com access-control-expose-headers Date access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive timing-allow-origin https://www.exchangeflightclaim.com Content-Length 146 x-served-by cache-fra-eddf8230083-FRA
GET H/1.1	200 OK	analytics Show response pi.pardot.com/	1 KB 2 KB	418ms 418ms	Script text/javascript	3.92.120.28 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1106&account_id=989842&title=Sign%20In&url=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&referrer= Requested by Host: pi.pardot.com URL: https://pi.pardot.com/pd.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-92-120-28.compute-1.amazonaws.com Software / Resource Hash 7a8433e284030a513a28f4eba9e4cafd0be13926c3a5f29c764b5c674337d44f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache Date Sun, 07 Jul 2024 12:55:10 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip X-Pardot-Route 9b06e8e2308c32c7bf9ba8adfb7be2e1 x-pardot-rsp 0/0/1 vary Accept-Encoding,User-Agent Content-Type text/javascript; charset=utf-8 p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" cache-control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 534 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	analytics Show response info.onehub.com/	50 B 1020 B	492ms 242ms	Script text/javascript	18.208.125.13 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://info.onehub.com/analytics?conly=true&visitor_id=187406115&visitor_id_sign=50b16485147954565f497bd073b077a3650773f369fc4a73c7835797b1ca7009d13158d19b68afe96bead1f325ce6728710cdd47&pi_opt_in=&campaign_id=1106&account_id=989842&title=Sign%20In&url=https://www.exchangeflightclaim.com/&referrer= Requested by Host: pi.pardot.com URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1106&account_id=989842&title=Sign%20In&url=https%3A%2F%2Fwww.exchangeflightclaim.com%2F&referrer= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-125-13.compute-1.amazonaws.com Software / Resource Hash dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.exchangeflightclaim.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache Date Sun, 07 Jul 2024 12:55:11 GMT X-Pardot-Route 9b06e8e2308c32c7bf9ba8adfb7be2e1 x-pardot-rsp 0/0/1 vary User-Agent Content-Type text/javascript; charset=utf-8 p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" cache-control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 50 expires Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dp0qkd77b9xjk.cloudfront.net

URL

https://dp0qkd77b9xjk.cloudfront.net/assets/nexa-bold-74e29167281fd7b10fa8666e1f6585e239a1d73b85dd02e6316f6448d27f19f4.woff2

Domain

dp0qkd77b9xjk.cloudfront.net

URL

https://dp0qkd77b9xjk.cloudfront.net/assets/nexa-bold-b81afa3f0b2c3397ee7c7a01660588f2c3b430954fe44cb39babd69c3c54d3f8.woff