Submitted URL: https://airasia.page.link/XkUM6
Effective URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHote...
Submission: On December 12 via api from US — Scanned from CA

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 59 HTTP transactions. The main IP is 104.18.37.96, located in and belongs to CLOUDFLARENET, US. The main domain is www.airasia.com. The Cisco Umbrella rank of the primary domain is 110738.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time www.airasia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 173.194.204.132 15169 (GOOGLE)
12 104.18.37.96 13335 (CLOUDFLAR...)
3 209.85.144.154 15169 (GOOGLE)
1 173.194.175.95 15169 (GOOGLE)
4 172.217.222.97 15169 (GOOGLE)
1 74.125.192.104 15169 (GOOGLE)
3 150.171.27.10 8075 (MICROSOFT...)
1 99.84.208.8 16509 (AMAZON-02)
4 209.85.201.139 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
8 23.212.249.200 20940 (AKAMAI-AS...)
1 172.64.149.96 13335 (CLOUDFLAR...)
1 18.160.10.92 16509 (AMAZON-02)
3 13.107.246.40 8075 (MICROSOFT...)
4 52.85.151.21 16509 (AMAZON-02)
1 172.217.197.157 15169 (GOOGLE)
2 31.13.66.35 32934 (FACEBOOK)
2 34.96.77.173 396982 (GOOGLE-CL...)
2 57.151.77.234 8075 (MICROSOFT...)
1 173.223.163.216 20940 (AKAMAI-AS...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 13.107.21.237 8068 (MICROSOFT...)
59 21
Apex Domain
Subdomains
Transfer
15 airasia.com
www.airasia.com — Cisco Umbrella Rank: 110738
t.airasia.com — Cisco Umbrella Rank: 111428
static.airasia.com — Cisco Umbrella Rank: 116188
1 MB
8 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
241 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
d.clarity.ms — Cisco Umbrella Rank: 11618
c.clarity.ms — Cisco Umbrella Rank: 1269
32 KB
4 clevertap-prod.com
sg1.clevertap-prod.com — Cisco Umbrella Rank: 22079
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
c.bing.com — Cisco Umbrella Rank: 205
17 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
271 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
210 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 8215
996 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5968
15 KB
1 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
41 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
30 KB
1 page.link
airasia.page.link
1 KB
59 16
Domain Requested by
12 www.airasia.com www.airasia.com
8 analytics.tiktok.com www.googletagmanager.com
www.airasia.com
analytics.tiktok.com
4 sg1.clevertap-prod.com d2r1yp2w7bby2u.cloudfront.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com www.airasia.com
www.googletagmanager.com
3 www.clarity.ms www.airasia.com
www.clarity.ms
bat.bing.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.airasia.com
3 securepubads.g.doubleclick.net www.airasia.com
securepubads.g.doubleclick.net
2 c.clarity.ms 1 redirects
2 d.clarity.ms www.clarity.ms
2 static.airasia.com www.airasia.com
2 www.facebook.com www.airasia.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
1 c.bing.com 1 redirects
1 analytics.pangle-ads.com analytics.tiktok.com
1 stats.g.doubleclick.net www.google-analytics.com
1 websdk.appsflyer.com www.airasia.com
1 t.airasia.com ajax.googleapis.com
1 d2r1yp2w7bby2u.cloudfront.net www.airasia.com
1 www.google.com www.googletagmanager.com
1 ajax.googleapis.com www.airasia.com
1 airasia.page.link 1 redirects
59 22

This site contains no links.

Subject Issuer Validity Valid
airasia.com
WE1
2024-11-04 -
2025-02-02
3 months crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-20 -
2024-12-19
3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2024-07-15 -
2025-07-15
a year crt.sh
t.airasia.com
WE1
2024-12-03 -
2025-03-03
3 months crt.sh
*.appsflyer.com
Amazon RSA 2048 M03
2024-02-04 -
2025-03-03
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
sg1.clevertap-prod.com
Amazon RSA 2048 M03
2024-04-20 -
2025-05-19
a year crt.sh
static.airasia.com
E5
2024-11-28 -
2025-02-26
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.pangle-ads.com
RapidSSL TLS ECC CA G1
2024-08-13 -
2025-09-13
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Frame ID: E5ABDE95358210424A17699AF55363A9
Requests: 58 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.airasia.com
Frame ID: C9040AB4D7713F05CD874B40899801E5
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://airasia.page.link/XkUM6 HTTP 302
    https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

95 %
HTTPS

0 %
IPv6

16
Domains

22
Subdomains

21
IPs

2
Countries

2439 kB
Transfer

10846 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://airasia.page.link/XkUM6 HTTP 302
    https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=081600B650624BD4908D5A4D198FE2FE&RedC=c.clarity.ms&MXFR=0D309258009D6AE21B4E870B049D64FC HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=081600B650624BD4908D5A4D198FE2FE&MUID=04E665B7267E63980D4070E427D462F0

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3c33d5
www.airasia.com/hotel/
Redirect Chain
  • https://airasia.page.link/XkUM6
  • https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
8 KB
4 KB
Document
General
Full URL
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
46f469ad62dd02a2a06b94adcecbc7b1d5f77180df1a5a1f557fed1e753c3697
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
DYNAMIC
cf-ray
8f0b88c8cfa3ab69-YYZ
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 06:07:28 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 11 Dec 2024 02:40:11 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cdn-geo-city
Toronto
x-cdn-geo-country
CA
x-content-type-options
nosniff
x-envoy-upstream-service-time
53
x-frame-options
deny DENY
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-c0f1OFk7-28EKY4AqK7o4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Thu, 12 Dec 2024 06:07:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
7748ff868dd95571d40d61110ce3e7e516ecb1733dc8aedd8f82e5b77d62288e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
br
etag
20 / 20069 / m202412050101 / config-hash: 16246998170830224354
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:07:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 06:07:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33977
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f95.1e100.net
Software
sffe /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
gzip
age
138122
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 15:45:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 15:45:26 GMT
last-modified
Tue, 12 Sep 2023 02:38:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30462
x-xss-protection
0
server
sffe
36.1907ff15.chunk.css
www.airasia.com/hotel-app/static/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://www.airasia.com/hotel-app/static/css/36.1907ff15.chunk.css
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
ce3ed78c2d9f59db0fc48081c0bcd1d8671c65865143eb7ab0f5985240123b31
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6758fb8b-1a66"
age
3983
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:28 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:28 GMT
content-type
text/css
last-modified
Wed, 11 Dec 2024 02:40:11 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
30
x-cdn-geo-city
Toronto
cf-ray
8f0b88cb7955ab69-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
main.b9f57820.chunk.css
www.airasia.com/hotel-app/static/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.airasia.com/hotel-app/static/css/main.b9f57820.chunk.css
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
2ad050a2e4a24bf825aedf2e755fe312fba25bd280e75b635d570aa3a643f3c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6758fb8b-2024"
age
3983
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:28 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:28 GMT
content-type
text/css
last-modified
Wed, 11 Dec 2024 02:40:11 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
53
x-cdn-geo-city
Toronto
cf-ray
8f0b88cb7956ab69-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
36.7b625ae3.chunk.js
www.airasia.com/hotel-app/static/js/
7 MB
1 MB
Script
General
Full URL
https://www.airasia.com/hotel-app/static/js/36.7b625ae3.chunk.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
5fe2bdf5b0a8048d4c49eda4df8a31c3615a946729ff7e253b265dd277ca589b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67517d15-6e20be"
age
3983
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:28 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:28 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 10:14:45 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
48
x-cdn-geo-city
Toronto
cf-ray
8f0b88cb7957ab69-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
main.2d7fd038.chunk.js
www.airasia.com/hotel-app/static/js/
14 KB
5 KB
Script
General
Full URL
https://www.airasia.com/hotel-app/static/js/main.2d7fd038.chunk.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
8f6d88c2b7f20165864f96ccbcada8eded14dcfb2a9c9e4b4c30713dbc3bc125
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6758fb8b-362d"
age
3983
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:28 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:28 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 11 Dec 2024 02:40:11 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
76
x-cdn-geo-city
Toronto
cf-ray
8f0b88cb7958ab69-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
gtm.js
www.googletagmanager.com/
446 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2de281c4a5d008ba040b248c7b03543ff975f2be23a2ae60f02dc6c099844f06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 12 Dec 2024 06:07:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:07:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136526
x-xss-protection
0
server
Google Tag Manager
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/
496 KB
154 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
br
etag
2279107579115022503
age
49448
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 16:23:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 16:23:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157504
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
48947
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 16:31:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 16:31:41 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5&scrsrc=www.googletagmanager.com&frm=0&rnd=667093040.1733983649&auid=1262049049.1733983649&npa=0&gtm=45He4cb0v856459843za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733983648990&tfd=1654&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

js
www.googletagmanager.com/gtag/
433 KB
136 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BVKREMZ0BK&l=gtmDataLayer&cx=c&gtm=45He4cb0v856459843za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
764520c1fa6e312f25d57880c06a8d8b3a7fc4fe51fdf7463d8e92de8bf7d942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 12 Dec 2024 06:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
139149
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D4DF1BF7222246AB92DDF144B88EA2C2 Ref B: YTO01EDGE0507 Ref C: 2024-12-12T06:07:29Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
clevertap.min.js
d2r1yp2w7bby2u.cloudfront.net/js/
143 KB
41 KB
Script
General
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-8.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7109cb0318929f39fa8667caaf50753680964a2425a4c4aa028570151e244e69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding
Content-Encoding
gzip
ETag
W/"130e5fcd6caf6544c687363912635a17"
Age
63398
Connection
keep-alive
Via
1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
7U4uxMMkVYHuYODjoAz_eU5KQCmxVadZijI0DYUZ53Q5kV5XFX5Vrg==
Date
Wed, 11 Dec 2024 12:30:52 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Dec 2024 12:30:50 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD79-C1
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
gzip
age
5457
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:36:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 04:36:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-rRuGTwHG' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-rRuGTwHG' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4509, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
fnQ4kE4+50P5mt9cezN81tyWqOq6pDqdbk/9C4ZDcC9tQ+X8KnPmk5WkYpZmRrZESscBDPV4MU+B+2bOOlLgxg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
sdk.js
analytics.tiktok.com/i18n/pixel/
10 KB
4 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CCPR5D3C77U2F908E31G
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bf12911f3d0419e1b256f9805e5541b2a023afd05ac4d550cd04916e39c53e44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-249-156.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Thu, 12 Dec 2024 06:07:29 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=27, origin; dur=8, inner; dur=3
x-cache
TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
12741b3c.88c766d
x-tt-trace-host
01f5655a88117b400144c82c3b0ac4996add1fb7efa6d45f560bb25f87e06add065a3d4fbeee8ecf3d40a0472b6bf72dac6937ba82c75a8a35a290518e0e92909af8aa6292799c0e1d5f4b9712380859eb737bc7ed01423a24dee12de926c6e02f32365bbb0bf8eb2f132d3d3e03e761bb
x-origin-response-time
9,23.48.249.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412120607294E5E705090D2D48CE4B0-6B169EEC9BFA9E2B-00
content-length
3119
x-parent-response-time
33,23.220.105.219
x-tt-logid
202412120607294E5E705090D2D48CE4B0
server
nginx
user
t.airasia.com/nearestairport/airport/
155 B
404 B
XHR
General
Full URL
https://t.airasia.com/nearestairport/airport/user
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.96 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778b4e745c483b45fbf16daf8ff15b76f039a13c917eeddb40dd2d3b72b4e1db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.airasia.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8f0b88cfcebeac33-YYZ
access-control-allow-origin
https://www.airasia.com
content-length
137
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
x-cloud-trace-context
6ab64855ce40147a63273a21093c2f47
/
websdk.appsflyer.com/
51 KB
15 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-92.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-amz-cf-pop
IAD12-P3
content-encoding
gzip
etag
W/"7ee104753099f9f00003724eb0a4c433"
age
884
via
1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
z5PyJnysrL-Rg-jKfxoWdiD3E-vQHHxKuX5GJmQLXaUyO-xNCJYuZQ==
date
Thu, 12 Dec 2024 05:52:46 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption
AES256
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CILRCERC77UB3683AB3G&lib=ttq
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
82c83a7808ca2c0da036bb2152f992bcb89c7302308797035c12589ed5fafad0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-249-152.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Thu, 12 Dec 2024 06:07:29 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=6, origin; dur=8, inner; dur=3
x-cache
TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
306aeb6.88c766e
x-tt-trace-host
01f5655a88117b400144c82c3b0ac4996add1fb7efa6d45f560bb25f87e06add06babb0d1588b6f7e5cfe395006538517bf9c79ee4dbe5c5ac89b250dbded01abfaeabe60fe0b48e07f5eae851171c46d35bc57ffcc4d690ed2b7173e808386430ac7cedfe22af4b1481b938ed50fdf59e
x-origin-response-time
8,23.48.249.152
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412120607294386A0CA0A90C272BE6D-62741DE3859ACBEA-00
content-length
1786
x-parent-response-time
14,23.220.105.219
x-tt-logid
202412120607294386A0CA0A90C272BE6D
server
nginx
kqrf2t4nbn
www.clarity.ms/tag/
701 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/kqrf2t4nbn
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ce651dc1362329cd90c6f22483368cec08256ae79c1c70600bc635ddd1b82d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
701
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/x-javascript
x-azure-ref
20241212T060729Z-164dd7df599zqcvchC1YTOqv3s0000001cag000000005c0q
td
www.googletagmanager.com/
0
341 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=GTM-W37DJHW&v=3&t=t&pid=1535709423&dl=www.airasia.com%2Fhotel%2F3c33d5&tdp=GTM-W37DJHW;56459843;0;0;0&frm=0&rtg=56459843&slo=3&hlo=4&lst=1&z=0
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
text/plain
server
Golfe2
Hotel.893455ba.chunk.js
www.airasia.com/hotel-app/static/js/
359 B
815 B
Script
General
Full URL
https://www.airasia.com/hotel-app/static/js/Hotel.893455ba.chunk.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
9f73c7a09db4dedb3ab232af7271dd94da7c159f9dc4d79817e888a5d4aeb0b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67517d15-167"
age
3983
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 10:14:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
64
x-cdn-geo-city
Toronto
cf-ray
8f0b88d1794a3a02-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame C904
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.airasia.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W37DJHW&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 06:07:29 GMT
expires
Fri, 12 Dec 2025 06:07:29 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BVKREMZ0BK&gtm=45je4cb0v9118536502z8856459843za200zb856459843&_p=1733983648541&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1420636677.1733983650&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733983649&sct=1&seg=0&dl=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&dt=&en=page_view&_fv=1&_nsi=1&_ss=2&ep.lineofbusiness=Hotels%20SA&tfd=2411
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVKREMZ0BK&l=gtmDataLayer&cx=c&gtm=45He4cb0v856459843za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.airasia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
text/plain
server
Golfe2
527941356013779
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/527941356013779?v=2.9.178&r=stable&domain=www.airasia.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
49ad197d50d76d8d8012fbd05ac258794316e28c3b12ea52775fe20eea16ea43
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-RE0N5z3S' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-RE0N5z3S' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=10, c=69, mss=1232, tbw=82909, tp=77, tpl=10, uplat=5, ullat=-1
pragma
public
x-fb-debug
5AwIHHwf0XeaoSPtNSJjqGr0ob6AoSN6IlSWYbQp4v1ehNVi4MZsk7LJdimRcQVDSBP/i3FeGbQT7IqRr55G0g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14151
x-xss-protection
0
origin-agent-cluster
?1
a
sg1.clevertap-prod.com/
263 B
848 B
Script
General
Full URL
https://sg1.clevertap-prod.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIACwA2IQFoA6gGkJIgBwBWAFogCUAOYIAjARbpSIbJgBGggO4wT49nwDW4gG7aAdNtfaATGsKo6ZVGxBAAswMCh2EC4uIAA&optOut=false&rn=1&i=1733983649&sn=0&tries=1&useIP=false&r=1733983649781
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-21.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
23df8f1d1a1a76b054f64156a6d68f42801f3be63964fcde3f3fc15c3af1d6d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
QwD8uCJcbBhye03EY45zepyhduKiWh9LBN7Px_-rSGrC0MpD1YhLww==
Date
Thu, 12 Dec 2024 06:07:30 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Cache-Control
no-cache, no-store, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-C3
Server
CloudFront
clarity.js
www.clarity.ms/s/0.7.58/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.58/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kqrf2t4nbn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-azure-ref
20241212T060729Z-164dd7df599zqcvchC1YTOqv3s0000001cag000000005c18
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD19E020F35B96"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
517315da-601e-0050-65e5-4bec8b000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 11 Dec 2024 12:34:17 GMT
collect
www.google-analytics.com/j/
3 B
306 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=382306011&t=pageview&_s=1&dl=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&dp=%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&ul=en-ca&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAiUABBAAAACAAMAB~&jid=2051532621&gjid=1449540940&cid=1420636677.1733983650&tid=UA-8932346-1&_gid=88244321.1733983650&_slc=1&gtm=45He4cb0n81W37DJHWv856459843za200&cd14=128&cd44=www.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&cd91=2024-12-11T22%3A07%3A29.14-08%3A00&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=1262351772
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.airasia.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:07:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.airasia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/
1 B
646 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8932346-1&cid=1420636677.1733983650&jid=2051532621&gjid=1449540940&_gid=88244321.1733983650&_u=YChAiUABBAAAAGAAMAB~&z=1050399781
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.airasia.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:07:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.airasia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
main.MWZiM2ZlMGNjMA.js
analytics.tiktok.com/i18n/pixel/static/
345 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CILRCERC77UB3683AB3G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7d60c0cd0647ecb04df42bcfd2acd351c105c2d89e2b401ba03b0845336170e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-cache
TCP_MEM_HIT from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id
00-24121013344437A9978BE53FCCA24A23-36E578767ADEA3B2-00
content-length
96781
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024121013344437A9978BE53FCCA24A23
server
nginx
x-akamai-request-id
88c7c71
x-tt-trace-host
01281b750ad6e312304e9664a827f9f73a4aac03d9daf98b25e22555cef6db861152432da57727b71a8d5f109eb81a50a094cf1b93bec572a84e9c92411626bb5db0c85a8744f615616681ad959c075e65687dcbc21e964d40ea9c7bef53ac298f
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/
351 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CCPR5D3C77U2F908E31G
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-cache
TCP_MEM_HIT from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2412101334450CE9F412AF6573A4C51E-3B17A53D7C47AE15-00
content-length
98798
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412101334450CE9F412AF6573A4C51E
server
nginx
x-akamai-request-id
88c7c72
x-tt-trace-host
0116727272e6c84cecffd82bace2ffb54513558c911fb48c27e603051d00acb01d16800970f1a835a967d8e895bc0449e44c1ef0d9acc3d065708a62ea3768d53237bddf4d3a526bf2f3d9753163fceda6f64baef909123e8b3e384a5efe369c85
47.19cbd1c9.chunk.js
www.airasia.com/hotel-app/static/js/
29 KB
9 KB
Script
General
Full URL
https://www.airasia.com/hotel-app/static/js/47.19cbd1c9.chunk.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
cb22d039377551a2803c2689cfd937857d0252ca00ddc8558f7db51c6c18a1ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67517d15-7546"
age
3983
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 10:14:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
92
x-cdn-geo-city
Toronto
cf-ray
8f0b88d35a623a02-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
DMSans-Regular.729b5a9f.ttf
www.airasia.com/hotel-app/static/media/
51 KB
52 KB
Font
General
Full URL
https://www.airasia.com/hotel-app/static/media/DMSans-Regular.729b5a9f.ttf
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel-app/static/css/main.b9f57820.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
89b3a45d5105208c4af4baefa6d83ecf02d64cf50c1877a3a3938aaf8e479320
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.airasia.com
Referer
https://www.airasia.com/hotel-app/static/css/main.b9f57820.chunk.css

Response headers

cf-cache-status
HIT
etag
"673f08eb-ccf4"
age
43635
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/octet-stream
last-modified
Thu, 21 Nov 2024 10:18:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
64
x-cdn-geo-city
Toronto
cf-ray
8f0b88d3ba893a02-YYZ
accept-ranges
bytes
content-length
52468
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
5117145.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/5117145.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44af0ffe2c82a6d064ec5d73437022a1d235266e5330d366fc99e3a7aa9e9999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F1ED1293BCA64CA88D5F419B81062E0F Ref B: YTO01EDGE0507 Ref C: 2024-12-12T06:07:29Z
x-cache
CONFIG_NOCACHE
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=527941356013779&ev=PageView&dl=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&rl=&if=false&ts=1733983649884&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1733983649883.690069827434942484&ler=empty&cdl=API_unavailable&it=1733983649771&coo=false&tm=1&rqm=GET
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4522, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=527941356013779&ev=PageView&dl=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&rl=&if=false&ts=1733983649884&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1733983649883.690069827434942484&ler=empty&cdl=API_unavailable&it=1733983649771&coo=false&tm=1&rqm=FGET
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447403065985793732"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 06:07:30 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
HrEylkcKKwicJiFB3lr9Js0NXdygd3F9l3lxIzWvM5wFsluK1jYzzUMtn+zMlr5J+xxz3479AYxKfW48LYeUzA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447403065985793732", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=2, c=4, mss=1232, tbw=5130, tp=14, tpl=2, uplat=101, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
file.json
static.airasia.com/hotels/featureflags/configuration/production/
14 KB
4 KB
Fetch
General
Full URL
https://static.airasia.com/hotels/featureflags/configuration/production/file.json?ignoreCache=1?Wed%20Dec%2011%202024%2022:07:29%20GMT-0800%20(Pacific%20Standard%20Time)
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel-app/static/js/36.7b625ae3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3c98bc7104de9761f51d2cd1e6d634bdd32450b8a6e64c6d08258e55857bf650

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=O/hYqQ==, md5=Fo2ic0lWGFo3fofq/yQImA==
etag
"168da2734956185a377e87eaff240898"
x-goog-stored-content-encoding
gzip
expires
Fri, 13 Dec 2024 06:07:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3660
date
Thu, 12 Dec 2024 06:07:31 GMT
last-modified
Thu, 05 Dec 2024 08:36:05 GMT
content-type
application/json
x-guploader-uploadid
AFiumC4sYyqJ5HpxMEsol9-bdyxVZU0v62yqb7lyB0SWV2U7jyNEL3mtdrcXbMxBiezQ2jt3NMo
cache-control
max-age=86400,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733387765359534
content-length
3660
server
UploadServer
file.json
static.airasia.com/snap/lob/translations/en-gb/
87 KB
23 KB
Fetch
General
Full URL
https://static.airasia.com/snap/lob/translations/en-gb/file.json?ignoreCache=1?Wed%20Dec%2011%202024%2022:07:29%20GMT-0800%20(Pacific%20Standard%20Time)
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel-app/static/js/36.7b625ae3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9d2ad6bcd971b565ee59d01003c4e67da96889a39b5da456da7efd99d74a0eb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=7Q0+MA==, md5=sKukWuvwt/NP4hIRrv2qmg==
etag
"b0aba45aebf0b7f34fe21211aefdaa9a"
x-goog-stored-content-encoding
gzip
expires
Fri, 13 Dec 2024 06:07:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22623
date
Thu, 12 Dec 2024 06:07:31 GMT
last-modified
Tue, 26 Nov 2024 10:31:39 GMT
content-type
application/json
x-guploader-uploadid
AFiumC4BOYJyeNIX2fueUqGTBb8-vTILEWfleNHyOaZAd19lAF9VQ5ESbDFqnFS0pc331Upn4yQ
cache-control
max-age=86400,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1732617099454973
content-length
22623
server
UploadServer
5117145
www.clarity.ms/tag/uet/
866 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/5117145
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5117145.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1e1863aed6a28a4de3c563d2fb30e3d24c00d11e11edc12e9d1525d500fe449e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
866
date
Thu, 12 Dec 2024 06:07:29 GMT
content-type
application/x-javascript
x-azure-ref
20241212T060729Z-164dd7df599zqcvchC1YTOqv3s0000001cag000000005c19
0
bat.bing.com/action/
0
361 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5117145&tm=gtm002&Ver=2&mid=be683bf8-d4c5-4d15-b231-fcc86cb8ee03&bo=1&sid=5e82f330b84f11efb9494d3c5288eb43&vid=5e8318b0b84f11ef81cc8987c9b49914&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&kw=Hotels%20booking&p=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&r=&lt=2464&evt=pageLoad&sv=1&cdb=AQAQ&rn=861832
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BFDFB1F5558A41439A569DFC4E58DC05 Ref B: YTO01EDGE0507 Ref C: 2024-12-12T06:07:29Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 12 Dec 2024 06:07:29 GMT
collect
d.clarity.ms/
0
279 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.airasia.com/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://www.airasia.com
Date
Thu, 12 Dec 2024 06:07:30 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

x-cache
TCP_MEM_HIT from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2411150502353199EAF9B9510C1B2E22-37006D30352CB0E3-00
content-length
39589
date
Thu, 12 Dec 2024 06:07:30 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150502353199EAF9B9510C1B2E22
server
nginx
x-akamai-request-id
88c81aa
x-tt-trace-host
0163715cf6fc49994f6fd4fd6ac84dd57ecdb15a982cb599e430cf7c941aa348e4671182284cff2005f593155dd3118f5c0fc8089dae84b0508c2fab08e8a30915fc06bfbcac08025c196bae9a6e4816fb59c72b46967c54f9995b83c78da55ae4
pixel
analytics.tiktok.com/api/v2/
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.airasia.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-160.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Thu, 12 Dec 2024 06:07:30 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=19, origin; dur=33, inner; dur=28
x-cache
TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Thu, 12 Dec 2024 06:07:30 GMT
x-akamai-request-id
96acb0c.88c81ab
access-control-allow-headers
Authorization,*
x-tt-trace-host
01f5655a88117b400144c82c3b0ac4996add1fb7efa6d45f560bb25f87e06add06b52bb26f526cdcc0ae6a50827b1994ba1d6d673d9caaecde39a7c4a00d208ff382877d58dd3a4ac86d3651503bd5bbbdaf61c1d75e898a61ebfc5b67aee89639fe5024f15ff414fba352f7cbf4a7d42c
x-origin-response-time
33,23.48.249.160
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412120607307B506BEAF4F840F09673-67C2E3EE587116B0-00
content-length
0
x-parent-response-time
40,23.220.105.219
x-tt-logid
202412120607307B506BEAF4F840F09673
server
nginx
pangle_pixel
analytics.pangle-ads.com/api/v2/
0
996 B
Ping
General
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.163.216 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a173-223-163-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.airasia.com/

Response headers

access-control-max-age
86400
x-cache-remote
TCP_MISS from a23-218-219-52.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
x-bytefaas-request-id
20241212060731A7B5075BA72350709305
access-control-allow-methods
*
expires
Thu, 12 Dec 2024 06:07:31 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=2, origin; dur=13, inner; dur=5
x-cache
TCP_MISS from a23-202-158-21.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
date
Thu, 12 Dec 2024 06:07:31 GMT
content-type
text/plain; charset=utf-8
x-akamai-request-id
b6ea651.944128c
x-bytefaas-execution-duration
3.96
access-control-allow-headers
*
x-tt-trace-host
01f5655a88117b400144c82c3b0ac4996a1cbc7a61fec5c9604495fc3c7ee9792ad88213fdabc3dbeb460f895e15e6bfb94423f1e29800f91d2c3386dc41e2d6a355ecc8af608e88bdaaedec42f23b996c3371bdb4450aec4bae9a258b5fc653b71bc63355a748135a326efbbececa67f0
x-origin-response-time
13,23.218.219.52
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-credentials
true
access-control-allow-origin
*
x-tt-trace-id
00-241212060731A7B5075BA72350709305-45E3D06D4BC3CD55-00
content-length
0
x-parent-response-time
15,23.202.158.21
x-tt-logid
20241212060731A7B5075BA72350709305
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.airasia.com/

Response headers

x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Thu, 12 Dec 2024 06:07:30 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=31, origin; dur=65, inner; dur=60
x-cache
TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Thu, 12 Dec 2024 06:07:30 GMT
x-akamai-request-id
19f035d0.88c81ad
access-control-allow-headers
Authorization,*
x-tt-trace-host
01f5655a88117b400144c82c3b0ac4996add1fb7efa6d45f560bb25f87e06add06146ed54bb80a075f2ea2ad9165ed3364ebb7c3a0d9e4b347856d2ac789f0548e9a98a7929867c9eeeda58d57bc723655104ce5f9e166e47c15b853467cde729acb9f18cf385f77c243ba55bf8600e210
x-origin-response-time
65,23.220.104.8
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241212060730637D616E6B617B51286F-1B6BC0D245215077-00
content-length
0
x-parent-response-time
75,23.220.105.219
x-tt-logid
20241212060730637D616E6B617B51286F
server
nginx
a
sg1.clevertap-prod.com/
219 B
840 B
Script
General
Full URL
https://sg1.clevertap-prod.com/a?t=96&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2cihhA%2BoQDY2UDuMARpVIQOYoCWMTAJtlxgAIoTCEEoAAqcYAAiKkEIBmoB0hbgCdCAZ26F1AYwD2xIbK7swACxUB6W6bAwaDgMzGPH%2FgFYhADEAVzp5KxhZOxVbMDAoPXgHBzUGTR19QxNzJxc3T29fPwB%2BYLBiSlJ%2BbmDiAF4YYi0aADIyir1TYO1jGDqKSsJtAGsYMG40DjbyymMSdm4ONDqACQB5ABUAUQAZSgBZAE1KAHVpAFIAdgBhDcJjcbmaK%2BuVvOebgAYARh%2BAJk%2BfwALC98KEPtdiBAALToUGmNAwF4ASQwMG0aFoQmCenRcgwKn2pgAXtw6IQHH51J95AAKAAa32%2BAG55DsJsEAB7yTkADgAbJR%2BUCAJTyACCUCgNBgJxYAGluGBKR5LuoPPy6fKVht9jssPIaNxRvIAOIwYzDUxi662bTmGAOb4eb7Ut00gDKhAAZkNuCq1RqQABfHDcQSIIHC6EneVA6H83l%2BABaQigHAQ3xwPqkICNzBUTGY0L0%2FGG0OQrqZ6m%2BfzT9rApjMNBicQSIZwJ2TACV5ZRruL9tJcwxiFAEJ8cAxuGOJzgwDRjAgANoAXSnSsXK9XweDQAA%3D&rn=2&i=1733983649&sn=0&gc=51d98b6acb8d4087b3c707537ac5abf1&tries=1&useIP=false&r=1733983650248
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-21.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
3bf14c37ae458d1b9842c27e880e40c1e4b25df70d2e59d929a3b8cb66de3f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
hdBJEs0nxa27lN3b3XCBG74-FJPyMmql64iCu2UmTXbsSarz0KqlJQ==
Date
Thu, 12 Dec 2024 06:07:30 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Cache-Control
no-cache, no-store, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-C3
Server
CloudFront
a
sg1.clevertap-prod.com/
409 B
977 B
Script
General
Full URL
https://sg1.clevertap-prod.com/a?t=96&type=page&d=N4IgrgziBcIIZwPoFs4CcDWBTALgSwDsBzEAGnGRhC1TwBszwBjKgCwHscs6UBPRAO4AHAD444TfEzh0RHLrIAMARhUAmRWoAsIgmDqzkvALRYCu9gSwjCXNARmM8AEypaAbFuMB1ANJf3AA4AVgAtRiESaGVyOAAzGFA6PAAjKgEsFOMIZwxjADdlADplYuU1CLROdiZ2BlhWHBwhKABfciZItiaW6AB6PoEhorg8NDgIPDgi2uQ%2B%2BW4%2BgGYmJaXnYIB%2BMBxkFCxnPDBkAF4aUboAMh29iHYwNCYsE4QUdGx8YmvdxGlkIVGRAIJwAEgB5AAqAFEADKIACyAE1EN4AAoAUgA7ABhCESKQyLHYkGcbhElTqTRaIkAOX0dCJRlMBFpliwRIAkgQ7A4GORvKEAEq%2BRDYgCC8NRiRAAn%2BMEU5AEeDl0AVIBwdBY0AA2gBdRV4DVavWtVpAA&rn=3&i=1733983649&sn=0&gc=51d98b6acb8d4087b3c707537ac5abf1&tries=1&useIP=false&r=1733983650248
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-21.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
edc315e25bab44fa0268a6348d817c398cf3ed940d9b0517ca865b5814ecbffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
J3QCXskjQ1rLCjLj95cB7-KXi7rJqQfzyT3e31iCQI64WNM1D_4PFQ==
Date
Thu, 12 Dec 2024 06:07:30 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Cache-Control
no-cache, no-store, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-C3
Server
CloudFront
a
sg1.clevertap-prod.com/
219 B
835 B
Script
General
Full URL
https://sg1.clevertap-prod.com/a?t=96&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciA7gF4BOA1gPoBmMYAxgBba5gAihYhBKEzwALAF8cASwAmCEKIBsogLQB1ANKrFADgCsALS5QA5ggCMOQoyEgANlIBG88jEcqAzjNork5gHTmAeYATMbUAPZgEawRdvLsYGBQHiCSIGoGAEoa9ADCAIIAsgAKtuTEUAgADDjkUpU1OGB2rAgA2gC6dVItbfBd4uJAAAA%3D&rn=4&i=1733983649&sn=0&gc=51d98b6acb8d4087b3c707537ac5abf1&tries=1&useIP=false&r=1733983650248
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-21.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
9897aeb469255f96d45c90a322033612feee2be7588f8ac72d3cc86a50da0e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
Q-aafMiGmzhn2cvzbCQNeBy0n3CqS6ntINhnJW8mbTSyZ4IuJI_-0w==
Date
Thu, 12 Dec 2024 06:07:30 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Cache-Control
no-cache, no-store, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-C3
Server
CloudFront
act
analytics.tiktok.com/api/v2/pixel/
0
883 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.airasia.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-249-152.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Thu, 12 Dec 2024 06:07:30 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=118, origin; dur=80, inner; dur=51
x-cache
TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Thu, 12 Dec 2024 06:07:30 GMT
x-akamai-request-id
306ba16.88c8474
access-control-allow-headers
Authorization,*
x-tt-trace-host
01f5655a88117b400144c82c3b0ac4996add1fb7efa6d45f560bb25f87e06add06babb0d1588b6f7e5cfe395006538517b6734de3f0a4a993ba407329771b486bfdf37439055d60bc760892613271a973f37a1db74f982dec03626fdacf8043bd7eb973fa344a45d98afb20d3a3a65a0de
x-origin-response-time
81,23.48.249.152
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241212060730B94FBFA9F1CF1E6FF9FC-4CF87AFA9B3F5ECB-00
content-length
0
x-parent-response-time
186,23.220.105.219
x-tt-logid
20241212060730B94FBFA9F1CF1E6FF9FC
server
nginx
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=081600B650624BD4908D5A4D198FE2FE&RedC=c.clarity.ms&MXFR=0D309258009D6AE21B4E870B049D64FC
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=081600B650624BD4908D5A4D198FE2FE&MUID=04E665B7267E63980D4070E427D462F0
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=081600B650624BD4908D5A4D198FE2FE&MUID=04E665B7267E63980D4070E427D462F0
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Thu, 12 Dec 2024 06:07:31 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=081600B650624BD4908D5A4D198FE2FE&MUID=04E665B7267E63980D4070E427D462F0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BBA67D2B71CB4C3DADF012FDBFCCE721 Ref B: YTO01EDGE0513 Ref C: 2024-12-12T06:07:32Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Thu, 12 Dec 2024 06:07:31 GMT
x-powered-by
ASP.NET
HotelDetail.cea31b93.chunk.js
www.airasia.com/hotel-app/static/js/
395 B
801 B
Script
General
Full URL
https://www.airasia.com/hotel-app/static/js/HotelDetail.cea31b93.chunk.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
4537d6cf801a11d66376b4cc0ff806e81c8824a976c71e6aa08f0960703d329b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67517d15-18b"
age
3984
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 10:14:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
39
x-cdn-geo-city
Toronto
cf-ray
8f0b88dbdf063a02-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
favicon.ico
www.airasia.com/hotel-app/
15 KB
4 KB
Other
General
Full URL
https://www.airasia.com/hotel-app/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
ad08524b38e619f2acb9c1d7b6a28784afa341f7056fb0ba6abaf7e4d1928c16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"6758fb8b-3c2e"
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:31 GMT
content-type
image/x-icon
last-modified
Wed, 11 Dec 2024 02:40:11 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
no-cache
x-envoy-upstream-service-time
53
x-cdn-geo-city
Toronto
cf-ray
8f0b88dc1f2c3a02-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
4.809f92d7.chunk.js
www.airasia.com/hotel-app/static/js/
385 KB
88 KB
Script
General
Full URL
https://www.airasia.com/hotel-app/static/js/4.809f92d7.chunk.js
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
7eb2f99dc6eae18a371e933a3f835e08a5f77ebb7990947be0e9f9fae33c1cb7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"673f08eb-60421"
age
3984
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 10:18:19 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
47
x-cdn-geo-city
Toronto
cf-ray
8f0b88dc2f3e3a02-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
41.4db7ef81.chunk.css
www.airasia.com/hotel-app/static/css/
15 KB
5 KB
Stylesheet
General
Full URL
https://www.airasia.com/hotel-app/static/css/41.4db7ef81.chunk.css
Requested by
Host: www.airasia.com
URL: https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Removed to hide name and version of potentially vulnerable application servers
Resource Hash
cd9adebb901fa59598c4bd4976d9e93c2dcf3a1403205540a634df05b998a268
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/hotel/3c33d5?utm_medium=email&utm_source=aa_marketing&utm_campaign=HOTEL_MY_WP%7CTactical%7CHotel%7C01012024%7CNull%7Cmy-en%7CNone%7CInternal

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"673f08eb-3b4d"
age
3984
x-cdn-geo-country
CA
x-content-type-options
nosniff
expires
Sun, 10 Dec 2034 06:07:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:07:31 GMT
content-type
text/css
last-modified
Thu, 21 Nov 2024 10:18:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
cache-control
public, max-age=315360000
x-envoy-upstream-service-time
39
x-cdn-geo-city
Toronto
cf-ray
8f0b88dc2f3f3a02-YYZ
x-powered-by
Removed to hide name and version of potentially vulnerable application servers
server
cloudflare
41.bee0a22e.chunk.js
www.airasia.com/hotel-app/static/js/
0
0

44.210638a8.chunk.js
www.airasia.com/hotel-app/static/js/
0
0

collect
d.clarity.ms/
0
279 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.airasia.com/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://www.airasia.com
Date
Thu, 12 Dec 2024 06:07:32 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BVKREMZ0BK&gtm=45je4cb0v9118536502za200zb856459843&_p=1733983648541&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1420636677.1733983650&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1733983649&sct=1&seg=0&dl=https%3A%2F%2Fwww.airasia.com%2Fhotel%2F3c33d5%3Futm_medium%3Demail%26utm_source%3Daa_marketing%26utm_campaign%3DHOTEL_MY_WP%257CTactical%257CHotel%257C01012024%257CNull%257Cmy-en%257CNone%257CInternal&dt=&en=scroll&ep.lineofbusiness=Hotels%20SA&epn.percent_scrolled=90&_et=64&tfd=7484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVKREMZ0BK&l=gtmDataLayer&cx=c&gtm=45He4cb0v856459843za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.airasia.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.airasia.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:07:34 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.airasia.com
URL
https://www.airasia.com/hotel-app/static/js/41.bee0a22e.chunk.js
Domain
www.airasia.com
URL
https://www.airasia.com/hotel-app/static/js/44.210638a8.chunk.js

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| gtmDataLayer object| webpackJsonp@airasia-hotels/web object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue function| $ function| jQuery object| google_tag_manager function| postscribe object| google_tag_manager_external object| clevertap string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids object| props object| message string| AppsFlyerSdkObject function| AF string| TiktokAnalyticsObject object| ttq function| clarity number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| IntlPolyfill function| _ object| google_reactive_ads_global_state function| onYouTubeIframeAPIReady object| gaGlobal object| AF_cleanupMethods object| $WZRK_WR object| $CLTP_WR number| oulReqN object| wizrocket object| gaplugins object| gaData object| AF_SDK function| UET function| UET_init function| UET_push object| ueto_e49f7126de object| uetq object| clarityuetq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

30 Cookies

Domain/Path Name / Value
.airasia.com/ Name: __cf_bm
Value: DKLh0_FAHcC6Ff2wa_R53UMLKuYF3YyAQKzp.wsLKOk-1733983648-1.0.1.1-9iQbRxd0Ur9i_7LDPDwkzng2jgS8F4VMdjRa83UYkfXVxi9CXAq.2T.Zl5D2vrD32gfVzB4CkXUiAhp.ZvW8zw
.airasia.com/ Name: _cfuvid
Value: tq9tHBWNJWj8IFC0A_G.eUAtSs8eEts5dKiwmtnm2ew-1733983648435-0.0.1.1-604800000
.airasia.com/ Name: _gcl_au
Value: 1.1.1262049049.1733983649
.airasia.com/ Name: attribution
Value: aa_marketing
www.clarity.ms/ Name: CLID
Value: 3b41afc28e474337b8bf265846ad3b7b.20241212.20251212
.tiktok.com/ Name: _ttp
Value: 2q6WkisnpOpozcUurz1inX16Tzh
.airasia.com/ Name: _ga
Value: GA1.1.1420636677.1733983650
.airasia.com/ Name: __airasiaga
Value: GA1.2.1420636677.1733983650
.airasia.com/ Name: __airasiaga_gid
Value: GA1.2.88244321.1733983650
.airasia.com/ Name: _dc_gtm_UA-8932346-1
Value: 1
.airasia.com/ Name: _ga_BVKREMZ0BK
Value: GS1.1.1733983649.1.0.1733983649.0.0.0
.airasia.com/ Name: _fbp
Value: fb.1.1733983649883.690069827434942484
.airasia.com/ Name: _uetsid
Value: 5e82f330b84f11efb9494d3c5288eb43
.airasia.com/ Name: _uetvid
Value: 5e8318b0b84f11ef81cc8987c9b49914
.bing.com/ Name: MUID
Value: 04E665B7267E63980D4070E427D462F0
.bat.bing.com/ Name: MR
Value: 0
.airasia.com/ Name: _clck
Value: zopfrg%7C2%7Cfrn%7C0%7C1807
.airasia.com/ Name: _tt_enable_cookie
Value: 1
.airasia.com/ Name: _ttp
Value: z60kU5T9OvBjVeCXQKrPx_wQOW7.tt.1
.airasia.com/ Name: WZRK_G
Value: 51d98b6acb8d4087b3c707537ac5abf1
.airasia.com/ Name: _clsk
Value: eljyk%7C1733983650305%7C1%7C0%7Cd.clarity.ms%2Fcollect
.airasia.com/ Name: WZRK_S_464-WK4-685Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1733983650%2C%22t%22%3A1733983651%7D
www.airasia.com/ Name: uhfLocale
Value: en-gb
.airasia.com/ Name: __cfseq-0NfTSbTEY
Value: qF1Lq3B9NqGoHE5Z9nIFu_ZGKwdHgGwivHaN7nIHL4p2mmNCzZhxDssFhfcSiSPPNmB3e02TIehp_Ysa
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 04E665B7267E63980D4070E427D462F0
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 04E665B7267E63980D4070E427D462F0
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airasia.page.link
ajax.googleapis.com
analytics.pangle-ads.com
analytics.tiktok.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d.clarity.ms
d2r1yp2w7bby2u.cloudfront.net
securepubads.g.doubleclick.net
sg1.clevertap-prod.com
static.airasia.com
stats.g.doubleclick.net
t.airasia.com
websdk.appsflyer.com
www.airasia.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.airasia.com
104.18.37.96
13.107.21.237
13.107.246.40
150.171.27.10
172.217.197.157
172.217.222.97
172.64.149.96
173.194.175.95
173.194.204.132
173.223.163.216
18.160.10.92
20.110.205.119
209.85.144.154
209.85.201.139
23.212.249.200
31.13.66.19
31.13.66.35
34.96.77.173
52.85.151.21
57.151.77.234
74.125.192.104
99.84.208.8
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e1863aed6a28a4de3c563d2fb30e3d24c00d11e11edc12e9d1525d500fe449e
23df8f1d1a1a76b054f64156a6d68f42801f3be63964fcde3f3fc15c3af1d6d4
2ad050a2e4a24bf825aedf2e755fe312fba25bd280e75b635d570aa3a643f3c5
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2de281c4a5d008ba040b248c7b03543ff975f2be23a2ae60f02dc6c099844f06
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bf14c37ae458d1b9842c27e880e40c1e4b25df70d2e59d929a3b8cb66de3f37
3c98bc7104de9761f51d2cd1e6d634bdd32450b8a6e64c6d08258e55857bf650
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
44af0ffe2c82a6d064ec5d73437022a1d235266e5330d366fc99e3a7aa9e9999
4537d6cf801a11d66376b4cc0ff806e81c8824a976c71e6aa08f0960703d329b
46f469ad62dd02a2a06b94adcecbc7b1d5f77180df1a5a1f557fed1e753c3697
49ad197d50d76d8d8012fbd05ac258794316e28c3b12ea52775fe20eea16ea43
5fe2bdf5b0a8048d4c49eda4df8a31c3615a946729ff7e253b265dd277ca589b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7109cb0318929f39fa8667caaf50753680964a2425a4c4aa028570151e244e69
764520c1fa6e312f25d57880c06a8d8b3a7fc4fe51fdf7463d8e92de8bf7d942
7748ff868dd95571d40d61110ce3e7e516ecb1733dc8aedd8f82e5b77d62288e
778b4e745c483b45fbf16daf8ff15b76f039a13c917eeddb40dd2d3b72b4e1db
7d60c0cd0647ecb04df42bcfd2acd351c105c2d89e2b401ba03b0845336170e7
7eb2f99dc6eae18a371e933a3f835e08a5f77ebb7990947be0e9f9fae33c1cb7
82c83a7808ca2c0da036bb2152f992bcb89c7302308797035c12589ed5fafad0
89b3a45d5105208c4af4baefa6d83ecf02d64cf50c1877a3a3938aaf8e479320
8f6d88c2b7f20165864f96ccbcada8eded14dcfb2a9c9e4b4c30713dbc3bc125
9897aeb469255f96d45c90a322033612feee2be7588f8ac72d3cc86a50da0e87
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ce651dc1362329cd90c6f22483368cec08256ae79c1c70600bc635ddd1b82d7
9d2ad6bcd971b565ee59d01003c4e67da96889a39b5da456da7efd99d74a0eb4
9f73c7a09db4dedb3ab232af7271dd94da7c159f9dc4d79817e888a5d4aeb0b6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ad08524b38e619f2acb9c1d7b6a28784afa341f7056fb0ba6abaf7e4d1928c16
bf12911f3d0419e1b256f9805e5541b2a023afd05ac4d550cd04916e39c53e44
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
cb22d039377551a2803c2689cfd937857d0252ca00ddc8558f7db51c6c18a1ba
cd9adebb901fa59598c4bd4976d9e93c2dcf3a1403205540a634df05b998a268
ce3ed78c2d9f59db0fc48081c0bcd1d8671c65865143eb7ab0f5985240123b31
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7
edc315e25bab44fa0268a6348d817c398cf3ed940d9b0517ca865b5814ecbffe
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a