Submitted URL: https://portal.iata.org/s/manage-service?serviceId=a2w5J000005rvfDQAQ
Effective URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Submission: On October 28 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 52 HTTP transactions. The main IP is 2606:4700::6810:d3e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal.iata.org. The Cisco Umbrella rank of the primary domain is 249942.
TLS certificate: Issued by E6 on September 27th 2024. Valid for: 3 months.
This is the only time portal.iata.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 27 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 18.66.102.106 16509 (AMAZON-02)
1 52.215.19.194 16509 (AMAZON-02)
1 13.33.187.92 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.40 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
52 12
Apex Domain
Subdomains
Transfer
28 iata.org
portal.iata.org — Cisco Umbrella Rank: 249942
www.iata.org — Cisco Umbrella Rank: 281764
2 MB
6 userguiding.com
static.userguiding.com — Cisco Umbrella Rank: 37820
user.userguiding.com — Cisco Umbrella Rank: 44940
596 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
468 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
68 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
544 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 6257
91 B
0 pardot.com Failed
pi.pardot.com Failed
0 google.de Failed
www.google.de Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 bing.com Failed
bat.bing.com Failed
0 clarity.ms Failed
www.clarity.ms Failed
0 facebook.net Failed
connect.facebook.net Failed
0 ads-twitter.com Failed
static.ads-twitter.com Failed
0 licdn.com Failed
snap.licdn.com Failed
52 16
Domain Requested by
27 portal.iata.org 2 redirects portal.iata.org
client
5 www.googletagmanager.com portal.iata.org
www.googletagmanager.com
4 user.userguiding.com static.userguiding.com
2 static.hotjar.com portal.iata.org
www.googletagmanager.com
2 static.userguiding.com portal.iata.org
static.userguiding.com
1 www.iata.org
1 www.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 w.usabilla.com portal.iata.org
0 pi.pardot.com Failed portal.iata.org
0 www.google.de Failed portal.iata.org
0 px.ads.linkedin.com Failed portal.iata.org
0 bat.bing.com Failed portal.iata.org
0 www.clarity.ms Failed portal.iata.org
0 connect.facebook.net Failed portal.iata.org
0 static.ads-twitter.com Failed www.googletagmanager.com
0 snap.licdn.com Failed www.googletagmanager.com
52 19

This site contains no links.

Subject Issuer Validity Valid
iata.org
E6
2024-09-27 -
2024-12-26
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
static.userguiding.com
WE1
2024-09-21 -
2024-12-20
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
w.usabilla.com
Amazon RSA 2048 M02
2023-12-12 -
2025-01-09
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
user.userguiding.com
WE1
2024-09-21 -
2024-12-20
3 months crt.sh
www.iata.org
WE1
2024-10-20 -
2025-01-18
3 months crt.sh

This page contains 3 frames:

Primary Page: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Frame ID: 5F97FDEF2CD2838D3D752EDA6FDD5DD2
Requests: 48 HTTP requests in this frame

Frame: https://w.usabilla.com/1a0de5663501.js?lv=1
Frame ID: 1B17BFC247FFEA018F41045F5493E460
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fportal.iata.org
Frame ID: 3183F9EF74F5EED83E538A16C05A95A7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

IATA │Login

Page URL History Show full URLs

  1. https://portal.iata.org/s/manage-service?serviceId=a2w5J000005rvfDQAQ Page URL
  2. https://portal.iata.org/s/login?ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ HTTP 302
    https://portal.iata.org/s/login/?ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ HTTP 301
    https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3D... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

52
Requests

85 %
HTTPS

64 %
IPv6

16
Domains

19
Subdomains

12
IPs

4
Countries

3247 kB
Transfer

12184 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portal.iata.org/s/manage-service?serviceId=a2w5J000005rvfDQAQ Page URL
  2. https://portal.iata.org/s/login?ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ HTTP 302
    https://portal.iata.org/s/login/?ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ HTTP 301
    https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
manage-service
portal.iata.org/s/
1 KB
1 KB
Document
General
Full URL
https://portal.iata.org/s/manage-service?serviceId=a2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f53701629ee4bdea9be63735c6cbfb6685fb6e4cb60f65c36256004e9cf540
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
must-revalidate,no-cache,no-store
cf-cache-status
DYNAMIC
cf-ray
8d9b9216babe046e-FRA
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 28 Oct 2024 14:21:09 GMT
referrer-policy
origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
Primary Request /
portal.iata.org/s/login/
Redirect Chain
  • https://portal.iata.org/s/login?ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
  • https://portal.iata.org/s/login/?ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
  • https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
125 KB
36 KB
Document
General
Full URL
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/manage-service?serviceId=a2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89de4e022d9b1e553f9f9b1e855348ee9b5049082a906d751c50116a066041d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portal.iata.org/s/manage-service?serviceId=a2w5J000005rvfDQAQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8d9b9219dd85046e-FRA
content-encoding
gzip
content-security-policy
upgrade-insecure-requests frame-ancestors 'self'
content-type
text/html;charset=UTF-8
date
Mon, 28 Oct 2024 14:21:10 GMT
expires
Sun, 29 Oct 2023 14:21:10 GMT
last-modified
Sun, 29 Oct 2023 14:21:10 GMT
link
</s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDEwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/resources.js?pu=1&pv=1730118896000-1344508320&rv=1728688762000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-9.320.2-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?3=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server
cloudflare
server-timing
Total;dur=340
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8d9b92196d12046e-FRA
content-security-policy
upgrade-insecure-requests
date
Mon, 28 Oct 2024 14:21:10 GMT
location
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
referrer-policy
origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
aura_prod.js
portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/
859 KB
269 KB
Script
General
Full URL
https://portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb4ae9169bdff3cfdf12e499e92089bbdf1779031731c2607f73b621504fe44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

access-control-expose-headers
Server-Timing
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server-timing
Total;dur=34
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 27 Oct 2024 14:21:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
referrer-policy
origin-when-cross-origin
cf-ray
8d9b921c5862046e-FRA
access-control-allow-origin
*
server
cloudflare
resources.js
portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc...
25 KB
8 KB
Script
General
Full URL
https://portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDEwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/resources.js?pu=1&pv=1730118896000-1344508320&rv=1728688762000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd5a9e182e16e4ac04df736cd2013650b5d4827ea6771d78d8b2386c1cf815b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=31536000,immutable
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b921c5864046e-FRA
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 27 Oct 2024 14:21:10 GMT
app.js
portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-9.320.2-b%22%2C%22parts%22%3A%22f%22%2C%22...
3 MB
599 KB
Script
General
Full URL
https://portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-9.320.2-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad60f60d86e4ef8e55e00b756be39ce34acb8a6722be4aa02f3905300e09785
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=31536000,immutable
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b921c5867046e-FRA
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 27 Oct 2024 14:21:10 GMT
gtm.js
www.googletagmanager.com/
556 KB
146 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22bff6a72701a579997d712be48ab92cfb4308343d212034f9d73b24581c5157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 28 Oct 2024 14:21:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
149163
x-xss-protection
0
server
Google Tag Manager
user-guiding-90459458ID-embedded.js
static.userguiding.com/media/
2 MB
584 KB
Script
General
Full URL
https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5444e24f774ac78d39c6d3e056e8ad24e782b4012ae62f1dcc1e64bf80afa1b5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

x-robots-tag
noindex,nofollow
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"230ceb-192d350db79"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qI5shsg2VPx0FWCXJqCsJGQO25Abpy%2Bs8fSGxpePbAAG8o7XxUpG%2Fvb%2Fa8u8UP94oSXRgYTrQI4NfReSrxrnhXALFSMlLlj%2FbD0%2FTCvcCUiF2ln0wlOrzidJA%2BJLPI6ytp8wyWEZCwHb8UrFmE4HGgJ7xOU%3D"}],"group":"cf-nel","max_age":604800}
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 13:29:04 GMT
x-sent
true
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timestamp
1730122155448
cf-ray
8d9b921cfa3cdbe4-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
hotjar-1472678.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1472678.js?sv=6
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
a9e8c44fa475dbcacaea90ba428ae83d1fa591f28ecf52ec81918333b59f5d92
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
br
etag
W/acb8b483fb36332fd260d95ea786983b
age
45
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
3K8baai1gVd3xWmAZBFhmGaRkzrNJZnSDOljP9KI8QLvSzxG2YzWXA==
date
Mon, 28 Oct 2024 14:20:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
fonts.css
portal.iata.org/s/sfsites/runtimedownload/
0
281 B
Stylesheet
General
Full URL
https://portal.iata.org/s/sfsites/runtimedownload/fonts.css?lastMod=1685521714000&brandSet=0bef5b57-3b4d-47b8-b6b9-b2ee0240183e
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=31536000
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b921c7887046e-FRA
expires
Tue, 28 Oct 2025 14:21:10 GMT
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 31 May 2023 08:28:34 GMT
vary
Accept-Encoding
server
cloudflare
CSP_Stylesheet
portal.iata.org/s/sfsites/c/resource/
66 KB
11 KB
Stylesheet
General
Full URL
https://portal.iata.org/s/sfsites/c/resource/CSP_Stylesheet
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722294591ac08a241333b66067e9aba5bcf88d447cab22627fdaf884d3ac28ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
origin-trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:21:10 GMT
p3p
CP="CUR OTR STA"
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/css
last-modified
Wed, 25 Sep 2024 08:16:15 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=3888000
referrer-policy
origin-when-cross-origin
cf-ray
8d9b921c7889046e-FRA
server
cloudflare
CSP_Login_CSS
portal.iata.org/s/sfsites/c/resource/
4 KB
1 KB
Stylesheet
General
Full URL
https://portal.iata.org/s/sfsites/c/resource/CSP_Login_CSS
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0b9fb3dfc989c46fc17bea04096b70487b509ac62f4e9acb7f5b7f2197d7eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
origin-trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:21:10 GMT
p3p
CP="CUR OTR STA"
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/css
last-modified
Wed, 31 May 2023 07:43:44 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=3888000
referrer-policy
origin-when-cross-origin
cf-ray
8d9b921c888b046e-FRA
server
cloudflare
bootstrap.js
portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc...
662 KB
148 KB
Script
General
Full URL
https://portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDEwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%220bef5b57-3b4d-47b8-b6b9-b2ee0240183e%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2243cd01cb-d8be-47c7-89c2-43caa1c83a49%22%2C%22publishedChangelistNum%22%3A%22171%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22wn5WlotyCpjGpDiMB6rvoYwH6AcEo6%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b613159921818a6aacd0dbf6a8bc97eb60bfef646f09b95d437db5a8653f2ae1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b921c8891046e-FRA
expires
Sun, 29 Oct 2023 14:21:10 GMT
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Sun, 29 Oct 2023 14:21:10 GMT
vary
Accept-Encoding
server
cloudflare
1a0de5663501.js
w.usabilla.com/ Frame 1B17
0
91 B
Script
General
Full URL
https://w.usabilla.com/1a0de5663501.js?lv=1
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.19.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-19-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

cache-control
public, max-age=60
date
Mon, 28 Oct 2024 14:21:10 GMT
pragma
no-cache
x-widget-server
2.1
modules.67d7d905831ab88336d0.js
script.hotjar.com/
221 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.67d7d905831ab88336d0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1472678.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-92.fra60.r.cloudfront.net
Software
/
Resource Hash
e8d7cc2b6e93524746e8e404110e2522af2e36914863a25c68cf059c12e71c77
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

x-robots-tag
none
content-encoding
br
etag
"6e5092134a127e6f8514c54f7a9125c5"
age
344103
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
8UfAg12nhnuS2xg2LeS8GRrN0OkArMl8HAWbCB7XEKBCY0JOmjw5WQ==
date
Thu, 24 Oct 2024 14:46:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 14:45:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56085
x-amz-cf-pop
FRA60-P9
app.css
portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3...
1 MB
134 KB
Stylesheet
General
Full URL
https://portal.iata.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%223%22%2C%22SLDS%22%2C%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22LfElQ1LjcoD20YhoJRbMyQ%22%2C%22cuid%22%3A-1360922874%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?3=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%220bef5b57-3b4d-47b8-b6b9-b2ee0240183e%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2243cd01cb-d8be-47c7-89c2-43caa1c83a49%22%2C%22publishedChangelistNum%22%3A%22171%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22wn5WlotyCpjGpDiMB6rvoYwH6AcEo6%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cad58a9aad75e7cdd90c086b42e938d9fe4a28b63557bec425f9bed25a2e56d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=31536000,immutable
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b921d79c5046e-FRA
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 27 Oct 2024 14:21:10 GMT
js
www.googletagmanager.com/gtag/
348 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PLLG1EY0X0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c08a0d262f031ef15028ea95eda684f9d49d5945c4542900f0e3fb0ed642311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 14:21:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114811
x-xss-protection
0
server
Google Tag Manager
hotjar-1723475.js
static.hotjar.com/c/
19 KB
7 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1723475.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
df16b43c4fe4b4993a60333617cd993c37199c15832aeccd76460046e1952834
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
br
etag
W/8327fd7f4d6d9b0f939a2e9646ee1f29
age
57
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
oGT9k14mJyTNvce0LJUizIKkb_9jWjVDcZhPDd0r02NIyv-J0_2c_w==
date
Mon, 28 Oct 2024 14:20:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
insight.min.js
snap.licdn.com/li.lms-analytics/
0
0

uwt.js
static.ads-twitter.com/
0
0

fbevents.js
connect.facebook.net/en_US/
0
0

js
www.googletagmanager.com/gtag/
285 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1048537815
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ff894b080d19bde14334cd529760e7d0cc536c7bda104f900d7da35e1e2eb70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 14:21:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 14:21:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99652
x-xss-protection
0
server
Google Tag Manager
fnicb5lgf6
www.clarity.ms/tag/
0
0

bat.js
bat.bing.com/
0
0

collect
px.ads.linkedin.com/
0
0

sdk-90459458ID.json
static.userguiding.com/media/
58 KB
10 KB
XHR
General
Full URL
https://static.userguiding.com/media/sdk-90459458ID.json
Requested by
Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
60ba66850695bee3e4a09187268e67b506054cfbcb3ca0489d0a830deec89ab9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://portal.iata.org/

Response headers

x-robots-tag
noindex,nofollow
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"e7cf-192d36f4cd6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeXauuPFzHlV5jIU7JLj7IyVIUZasiGOOJRh9H5JpudkKWZRkOGu%2BmstOxwqf1JFqmgOL2rSJdLFs0EL9SeT5phjxpc%2FkIeY%2BabruENPbFP1bpdknDxxrWux6PIHTHDd%2FvQ1Hm2eT9E4s2eYvpS57Vv6zxQ%3D"}],"group":"cf-nel","max_age":604800}
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/json; charset=UTF-8
last-modified
Mon, 28 Oct 2024 14:02:19 GMT
x-sent
true
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timestamp
1730125271091
cf-ray
8d9b921ff95c9754-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 3183
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fportal.iata.org
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1048537815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
578462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 21:40:09 GMT
expires
Tue, 21 Oct 2025 21:40:09 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PLLG1EY0X0&gtm=45je4ao0v890028022za200zb71611487&_p=1730125270472&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1689968834.1730125271&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=1&dl=https%3A%2F%2Fportal.iata.org%2Fs%2Flogin%2F%3Flanguage%3Den_US%26ec%3D302%26startURL%3D%252Fs%252Fmanage-service%253FserviceId%253Da2w5J000005rvfDQAQ&sid=1730125271&sct=1&seg=0&dr=https%3A%2F%2Fportal.iata.org%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ&dt=Login%20Template%20Title&en=scroll&_fv=1&_nsi=1&_ss=1&ep.utm_source=&ep.utm_medium=&ep.utm_campaign=&ep.utm_content=&ep.utm_term=&epn.percent_scrolled=90&tfd=1377
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PLLG1EY0X0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.iata.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
544 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PLLG1EY0X0&cid=1689968834.1730125271&gtm=45je4ao0v890028022za200zb71611487&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PLLG1EY0X0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.iata.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
0
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
gzip
age
3062
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 13:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
aura
portal.iata.org/s/sfsites/
257 KB
49 KB
XHR
General
Full URL
https://portal.iata.org/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22c988a7e5-df37-48e3-a9f9-08a825c7f296%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22wn5WlotyCpjGpDiMB6rvoYwH6AcEo6%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22ec%22%3A%22%22%2C%22startURL%22%3A%22%22%2C%22viewid%22%3A%220e10c777-45ba-4dfc-b5ee-be701a175063%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A171%2C%22brandingSetId%22%3A%220bef5b57-3b4d-47b8-b6b9-b2ee0240183e%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_tQKVlGdULQCUmbU4xaKFpw%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDEwMDBlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a558d31a49b64f233549db2c4df06497fb4c126b1c0d53e3a402219873559a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-SFDC-Page-Scope-Id
eba32eeb-47de-44ae-947a-2bbfdf22b74f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=1800
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b92219eb7046e-FRA
expires
Sun, 29 Oct 2023 14:21:11 GMT
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/json
last-modified
Sun, 27 Oct 2024 14:21:11 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
348 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PLLG1EY0X0
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/components/forceCommunity/analyticsListenerGtag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ac8cbb1be0fec3fbb26d88be10b95b330853bbc756edf32117b9f24c5c1ab173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 14:21:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114694
x-xss-protection
0
server
Google Tag Manager
aura
portal.iata.org/s/sfsites/
10 KB
4 KB
XHR
General
Full URL
https://portal.iata.org/s/sfsites/aura?r=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b130cd909cd6ae09a364cb3f9365f7cf11731e9ea6903f83a82c52740438049
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
X-SFDC-Page-Scope-Id
eba32eeb-47de-44ae-947a-2bbfdf22b74f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b9221deee046e-FRA
expires
Sun, 29 Oct 2023 14:21:11 GMT
server-timing
Total;dur=80
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
last-modified
Sun, 29 Oct 2023 14:21:11 GMT
identify
user.userguiding.com/sdk/
1001 B
831 B
XHR
General
Full URL
https://user.userguiding.com/sdk/identify
Requested by
Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa587352a666251f73082a5b4b0fe243c0098e51bed629ff6504db2f8db1822
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://portal.iata.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

strict-transport-security
max-age=0; includeSubDomains
x-robots-tag
noindex,nofollow
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xz6Stlo%2FnwtAuF9cMW24gwU5%2FVQLTfF%2F3j6FIu9hK4EolydSFAXhuLjZwELWylIKAKRbq22i8m7ufFzQ6HcXMwKhmUaSV6MvK8FeVR2o0bGva3psXhi65g%2FReqedd5iikL3lpuzz4eKGGXJTLaU21vAl"}],"group":"cf-nel","max_age":604800}
cf-ray
8d9b9223eb079742-FRA
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/json
server
cloudflare
pd.js
pi.pardot.com/
0
0

identify
user.userguiding.com/sdk/ Frame
0
0
Preflight
General
Full URL
https://user.userguiding.com/sdk/identify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://portal.iata.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://portal.iata.org
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8d9b9222e9da9742-FRA
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 28 Oct 2024 14:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgtO%2BU4w1L7WHyFsS%2BMz7OS9P0HOI5vQr5y4MvklGJGhJGeV1WLK%2BI5gYvS%2FWzbGZ9PjDGcVQoJgcxwryS41ifqCa8m7mqXuOx9YaV9ViHGxsDukCtnLvR%2BYqVmyZeCueeoCnPzQUt3uVXWe6razeZ1k"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin
x-robots-tag
noindex,nofollow
favicon-16x16.png
www.iata.org/
242 B
542 B
Other
General
Full URL
https://www.iata.org/favicon-16x16.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d91d800a6987b507359d31579d1090acd65c83f6396d6019983c84bdbad709f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/

Response headers

server
cloudflare
cf-bgj
imgq:85,h2pri
etag
"1db24b8cc6f70be"
age
260
cf-cache-status
HIT
request-context
appId=cid-v1:029dd82e-cc82-4beb-b054-c3056845bafd
cf-ray
8d9b92232a509742-FRA
accept-ranges
bytes
cf-polished
origFmt=png, origSize=958
content-length
242
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-16x16.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 19:30:06 GMT
aura
portal.iata.org/s/sfsites/
2 KB
1 KB
XHR
General
Full URL
https://portal.iata.org/s/sfsites/aura?r=2&aura.ApexAction.execute=3&aura.Component.reportFailedAction=1
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63865efcb063fb0d9904e3ebf2a54ec7c2958f86085156c75ecb0ffa2475f31
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-SFDC-LDS-Endpoints
ApexActionController.execute:PortalLoginCtrl.getUrlBase, ApexActionController.execute:PortalRegistrationUtils.isSystemAdmin, ApexActionController.execute:CSP_Utils.getCommunityAvailableLanguages
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
X-SFDC-Page-Scope-Id
eba32eeb-47de-44ae-947a-2bbfdf22b74f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b92231818046e-FRA
expires
Sun, 29 Oct 2023 14:21:11 GMT
server-timing
Total;dur=311
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
last-modified
Sun, 29 Oct 2023 14:21:11 GMT
aura
portal.iata.org/s/sfsites/
2 KB
867 B
XHR
General
Full URL
https://portal.iata.org/s/sfsites/aura?r=3&aura.ApexAction.execute=1&aura.Component.reportFailedAction=1
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dcf52c6c33aa220844e7f8292fd98eeb537cfabf279b111cdd1ef15e315ac24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-SFDC-LDS-Endpoints
ApexActionController.execute:PortalLoginCtrl.getInitialConfig
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
X-SFDC-Page-Scope-Id
eba32eeb-47de-44ae-947a-2bbfdf22b74f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b9223181b046e-FRA
expires
Sun, 29 Oct 2023 14:21:11 GMT
server-timing
Total;dur=142
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
last-modified
Sun, 29 Oct 2023 14:21:11 GMT
iata-logo-header.svg
portal.iata.org/s/CSPortal/Images/Logo/
3 KB
2 KB
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Logo/iata-logo-header.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd325f76167c69385801c439569f3d19d88fa33b992ae6e50cae0d8156be365
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:21:11 GMT
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/svg+xml
content-disposition
attachment; filename=iata-logo-header.svg
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
referrer-policy
origin-when-cross-origin
cf-ray
8d9b92231820046e-FRA
content-length
1474
server
cloudflare
AktivGrotesk_W_Rg.woff2
portal.iata.org/s/CSPortal/Fonts/WEB-AG/WEB-AG-Regular/
169 KB
169 KB
Font
General
Full URL
https://portal.iata.org/s/CSPortal/Fonts/WEB-AG/WEB-AG-Regular/AktivGrotesk_W_Rg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da1d1a73c33dcf371bb3cf4e8e797a794cd90b0fed14957d32263b360810903
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://portal.iata.org
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b92232823046e-FRA
expires
Mon, 28 Oct 2024 15:21:11 GMT
content-length
173116
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/octet-stream
content-disposition
attachment; filename=AktivGroteskWRg.woff2
server
cloudflare
x-frame-options
SAMEORIGIN
AktivGrotesk_W_Md.woff2
portal.iata.org/s/CSPortal/Fonts/WEB-AG/WEB-AG-Medium/
182 KB
183 KB
Font
General
Full URL
https://portal.iata.org/s/CSPortal/Fonts/WEB-AG/WEB-AG-Medium/AktivGrotesk_W_Md.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57daf5dedb7b3fde8cf10b877dafa9c333a384c6ac7f92f6dd9550f2c84ef07c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://portal.iata.org
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b9224a9a9046e-FRA
expires
Mon, 28 Oct 2024 15:21:11 GMT
content-length
186696
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/octet-stream
content-disposition
attachment; filename=AktivGroteskWMd.woff2
server
cloudflare
x-frame-options
SAMEORIGIN
AktivGrotesk_W_Bd.woff2
portal.iata.org/s/CSPortal/Fonts/WEB-AG/WEB-AG-Bold/
176 KB
176 KB
Font
General
Full URL
https://portal.iata.org/s/CSPortal/Fonts/WEB-AG/WEB-AG-Bold/AktivGrotesk_W_Bd.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90a365ef6c57ff79ef72d8644c530fb104dd27bb97c0c70a952bd8c9dfe56b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://portal.iata.org
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b9224a9ac046e-FRA
expires
Mon, 28 Oct 2024 15:21:11 GMT
content-length
180280
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
application/octet-stream
content-disposition
attachment; filename=AktivGroteskWBd.woff2
server
cloudflare
x-frame-options
SAMEORIGIN
logo-group-white.svg
portal.iata.org/s/CSPortal/Images/Logo/
3 KB
2 KB
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Logo/logo-group-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4647a1c7b000b03463f858703ce20e621514ed7d6977cc3dd629f5217a146291
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:21:11 GMT
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/svg+xml
content-disposition
attachment; filename=logo-group-white.svg
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
referrer-policy
origin-when-cross-origin
cf-ray
8d9b9224a9ae046e-FRA
content-length
1518
server
cloudflare
service_black.svg
portal.iata.org/s/CSPortal/Images/Icons/
1 KB
574 B
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Icons/service_black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189ed460a0e60b292a495d45afa9ff1044251dbb71d19d0bb7ef94ae3ad8eacf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:21:11 GMT
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/svg+xml
content-disposition
attachment; filename=serviceblack.svg
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
referrer-policy
origin-when-cross-origin
cf-ray
8d9b9224a9af046e-FRA
content-length
403
server
cloudflare
uptodate_black.svg
portal.iata.org/s/CSPortal/Images/Icons/
1 KB
558 B
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Icons/uptodate_black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97789d90a72c42ad27be43889837155f8a4c18c0c8335a5ebee66127c807d299
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:21:11 GMT
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/svg+xml
content-disposition
attachment; filename=uptodateblack.svg
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
referrer-policy
origin-when-cross-origin
cf-ray
8d9b9224a9b0046e-FRA
content-length
465
server
cloudflare
offer_black.svg
portal.iata.org/s/CSPortal/Images/Icons/
2 KB
626 B
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Icons/offer_black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8008db66ec659740ad18534acc7780e252a385e4ca7fb78658856c5f97d807ca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:21:11 GMT
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/svg+xml
content-disposition
attachment; filename=offerblack.svg
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
referrer-policy
origin-when-cross-origin
cf-ray
8d9b9224a9b1046e-FRA
content-length
535
server
cloudflare
support_black.svg
portal.iata.org/s/CSPortal/Images/Icons/
1 KB
726 B
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Icons/support_black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684a6a6c438d4a8f6c19da96e45f92dbf7d824ba4546df14adfa89b6dd2cfb74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 15:21:11 GMT
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/svg+xml
content-disposition
attachment; filename=supportblack.svg
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
referrer-policy
origin-when-cross-origin
cf-ray
8d9b9224a9b2046e-FRA
content-length
612
server
cloudflare
show_blue_hq.png
portal.iata.org/s/CSPortal/Images/Icons/
2 KB
2 KB
Image
General
Full URL
https://portal.iata.org/s/CSPortal/Images/Icons/show_blue_hq.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f607a3484c019091ac248a70b03e8f526c89ab75d379294e78c955f1417402
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self'
cache-control
public,max-age=3600
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b9224a9b3046e-FRA
expires
Mon, 28 Oct 2024 15:21:11 GMT
content-length
2246
date
Mon, 28 Oct 2024 14:21:11 GMT
content-type
image/png
server
cloudflare
x-frame-options
SAMEORIGIN
aura
portal.iata.org/s/sfsites/
1 MB
294 KB
XHR
General
Full URL
https://portal.iata.org/s/sfsites/aura?r=4&aura.Component.getComponentDef=1
Requested by
Host: portal.iata.org
URL: https://portal.iata.org/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d3e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8130c7062e6fa57789d63ec02ffa5c6fa07e1ff90624c0943d85f93155c30c4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
X-SFDC-Page-Scope-Id
eba32eeb-47de-44ae-947a-2bbfdf22b74f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8d9b92256a68046e-FRA
expires
Sun, 29 Oct 2023 14:21:12 GMT
date
Mon, 28 Oct 2024 14:21:12 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
last-modified
Sun, 29 Oct 2023 14:21:12 GMT
events
user.userguiding.com/sdk/
1 KB
730 B
XHR
General
Full URL
https://user.userguiding.com/sdk/events
Requested by
Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf36eb8ce065138c78c51c9dd58f5b2f5add4480bd9691f451ad9b3512a4357
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://portal.iata.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

strict-transport-security
max-age=0; includeSubDomains
x-robots-tag
noindex,nofollow
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mE4kKGWqAFXB9sz9f46vM6xyUmem5pRh7mo7vl22LjF6jchT%2F83surUdc24nhJiBCf%2BnSA7i1WFGDXrX4M6m90bB0nd58vPtQ1KakuI56l8fRfpXDZFLPnGknaGqIJ8U%2FX6PRRs4Zp%2FBUpMvo7U50TxQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8d9b9229db2e9742-FRA
access-control-allow-origin
*
date
Mon, 28 Oct 2024 14:21:12 GMT
content-type
application/json
server
cloudflare
events
user.userguiding.com/sdk/ Frame
0
0
Preflight
General
Full URL
https://user.userguiding.com/sdk/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://portal.iata.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://portal.iata.org
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8d9b9228e9719742-FRA
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 28 Oct 2024 14:21:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=va6qRMdaW4ZlGXytD4epznUbZSvqI0XAZm7pU2hSZS3TiwUyPaStO4XCoFWYnwYQxr85o94WKio92tGMi4OUGGrSDlD3G2dQBg6UKTE%2BDfrQz8QjwGtSRNnYyFVfc0RSNDMIGxKrYRBM0ZeMPlcJeM10"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin
x-robots-tag
noindex,nofollow

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
snap.licdn.com
URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Domain
static.ads-twitter.com
URL
https://static.ads-twitter.com/uwt.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/fnicb5lgf6?ref=gtm2
Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?pid=45991&tm=gtmv2&url=https%3A%2F%2Fportal.iata.org%2Fs%2Flogin%2F%3Flanguage%3Den_US%26ec%3D302%26startURL%3D%252Fs%252Fmanage-service%253FserviceId%253Da2w5J000005rvfDQAQ&v=2&fmt=js&time=1730125270840
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PLLG1EY0X0&cid=1689968834.1730125271&gtm=45je4ao0v890028022za200zb71611487&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=183250861
Domain
pi.pardot.com
URL
https://pi.pardot.com/pd.js

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| userGuidingLayer function| hj object| _hjSettings function| lightningjs function| usabilla_live object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| google_tag_manager object| google_tag_data object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| twq string| piAId string| piCId string| piHostname function| fbq function| _fbq function| clarity object| uetq object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify object| regeneratorRuntime function| gtag function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga string| pageURL string| pagePath function| Router function| setImmediate function| clearImmediate function| reRenderUserGuidingApp boolean| _subscribeToAttributeChangesActive object| userGuiding string| userGuidingUserId object| gaplugins object| gaData object| __ugPreviewFunctionContext object| userGuidingUserStorage

12 Cookies

Domain/Path Name / Value
portal.iata.org/s Name: renderCtx
Value: %7B%22pageId%22%3A%2243cd01cb-d8be-47c7-89c2-43caa1c83a49%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%220bef5b57-3b4d-47b8-b6b9-b2ee0240183e%22%2C%22audienceIds%22%3A%226Au5J00000001rz%22%7D
portal.iata.org/ Name: CookieConsentPolicy
Value: 0:1
portal.iata.org/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.iata.org/ Name: _cfuvid
Value: 9RdE2uESYRcNdNkevcJbrWCwfE3IWam29G8XyxHQkds-1730125269709-0.0.1.1-604800000
.iata.org/ Name: _gcl_au
Value: 1.1.1349213041.1730125271
.iata.org/ Name: _ga_PLLG1EY0X0
Value: GS1.1.1730125271.1.0.1730125271.60.0.0
.iata.org/ Name: _ga
Value: GA1.1.1689968834.1730125271
.iata.org/ Name: _hjSessionUser_1472678
Value: eyJpZCI6IjgzNDYzYTdjLTc4OWQtNWEzYi1hMDlmLTVmNzdiOWNlOTFjOSIsImNyZWF0ZWQiOjE3MzAxMjUyNzExNzksImV4aXN0aW5nIjpmYWxzZX0=
.iata.org/ Name: _hjSession_1472678
Value: eyJpZCI6IjIxZWViM2ZlLTJlMWYtNDM1YS05ZTM4LWRiMzYxMzdmOTQ0MiIsImMiOjE3MzAxMjUyNzExODAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.iata.org/ Name: _ugeuid
Value: 4e6faae5-2080-442e-adb7-4bdf662a9e36
.portal.iata.org/ Name: _ga
Value: GA1.3.1689968834.1730125271
.portal.iata.org/ Name: _gid
Value: GA1.3.1783038027.1730125271

9 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ(Line 179)
Message:
Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ https://www.paypal.com/sdk/js https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://pay.google.com import: blob: https://uip.canary.lwc.dev https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js https://media.userguiding.com https://c.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://d.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://fonts.gstatic.com https://*.hotjar.com https://script.hotjar.com https://static.hotjar.com https://vc.hotjar.io https://vars.hotjar.com wss://ws3.hotjar.com https://static.userguiding.com https://www.googletagmanager.com https://www.google-analytics.com https://app.powerbi.com https://w.usabilla.com https://api.usabilla.com https://d6tizftlrpuof.cloudfront.net https://stats.g.doubleclick.net https://tagmanager.google.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://ipinfo.io https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-T883LZ(Line 179)
Message:
Refused to load the script 'https://static.ads-twitter.com/uwt.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ https://www.paypal.com/sdk/js https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://pay.google.com import: blob: https://uip.canary.lwc.dev https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js https://media.userguiding.com https://c.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://d.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://fonts.gstatic.com https://*.hotjar.com https://script.hotjar.com https://static.hotjar.com https://vc.hotjar.io https://vars.hotjar.com wss://ws3.hotjar.com https://static.userguiding.com https://www.googletagmanager.com https://www.google-analytics.com https://app.powerbi.com https://w.usabilla.com https://api.usabilla.com https://d6tizftlrpuof.cloudfront.net https://stats.g.doubleclick.net https://tagmanager.google.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://ipinfo.io https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error
Message:
Refused to load the script 'https://connect.facebook.net/en_US/fbevents.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ https://www.paypal.com/sdk/js https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://pay.google.com import: blob: https://uip.canary.lwc.dev https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js https://media.userguiding.com https://c.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://d.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://fonts.gstatic.com https://*.hotjar.com https://script.hotjar.com https://static.hotjar.com https://vc.hotjar.io https://vars.hotjar.com wss://ws3.hotjar.com https://static.userguiding.com https://www.googletagmanager.com https://www.google-analytics.com https://app.powerbi.com https://w.usabilla.com https://api.usabilla.com https://d6tizftlrpuof.cloudfront.net https://stats.g.doubleclick.net https://tagmanager.google.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://ipinfo.io https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error
Message:
Refused to load the script 'https://www.clarity.ms/tag/fnicb5lgf6?ref=gtm2' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ https://www.paypal.com/sdk/js https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://pay.google.com import: blob: https://uip.canary.lwc.dev https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js https://media.userguiding.com https://c.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://d.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://fonts.gstatic.com https://*.hotjar.com https://script.hotjar.com https://static.hotjar.com https://vc.hotjar.io https://vars.hotjar.com wss://ws3.hotjar.com https://static.userguiding.com https://www.googletagmanager.com https://www.google-analytics.com https://app.powerbi.com https://w.usabilla.com https://api.usabilla.com https://d6tizftlrpuof.cloudfront.net https://stats.g.doubleclick.net https://tagmanager.google.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://ipinfo.io https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error
Message:
Refused to load the script 'https://bat.bing.com/bat.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ https://www.paypal.com/sdk/js https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://pay.google.com import: blob: https://uip.canary.lwc.dev https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js https://media.userguiding.com https://c.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://d.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://fonts.gstatic.com https://*.hotjar.com https://script.hotjar.com https://static.hotjar.com https://vc.hotjar.io https://vars.hotjar.com wss://ws3.hotjar.com https://static.userguiding.com https://www.googletagmanager.com https://www.google-analytics.com https://app.powerbi.com https://w.usabilla.com https://api.usabilla.com https://d6tizftlrpuof.cloudfront.net https://stats.g.doubleclick.net https://tagmanager.google.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://ipinfo.io https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ(Line 501)
Message:
Refused to load the image 'https://px.ads.linkedin.com/collect?pid=45991&tm=gtmv2&url=https%3A%2F%2Fportal.iata.org%2Fs%2Flogin%2F%3Flanguage%3Den_US%26ec%3D302%26startURL%3D%252Fs%252Fmanage-service%253FserviceId%253Da2w5J000005rvfDQAQ&v=2&fmt=js&time=1730125270840' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://iata.my.salesforce.com https://iata.file.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://www.sandbox.paypal.com https://www.paypal.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://che30.sfdc-ei37dk.salesforce.com/icons/ https://stat.userguiding.com https://fonts.googleapis.com https://static.userguiding.com http://greencyprus.net http://icons.iconarchive.com https://api.ipify.org https://iata--c.eu3.content.force.com https://iata--c.eu12.content.force.com https://c.la2-c2-fra.salesforceliveagent.com https://d.la2-c2-fra.salesforceliveagent.com https://fonts.gstatic.com https://media.userguiding.com https://portal.iata.org https://iata--c.eu12.visual.force.com https://identity.iata.org https://www.iata.org https://s3-eu-west-1.amazonaws.com wss://ws2.hotjar.com http://local.hotjar.com wss://ws10.hotjar.com wss://ws9.hotjar.com https://ws10.hotjar.com https://vc.hotjar.io https://in.hotjar.com https://script.hotjar.com https://vars.hotjar.com *.debounce.io https://nps.userguiding.com https://www.google-analytics.com https://iata--c.eu32.visual.force.com iata--sitestudio.eu32.force.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://storage.pardot.com https://go.updates.iata.org https://iata--c.documentforce.com https://iata-traininghub-files-prod.s3.eu-west-1.amazonaws.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://iata--c.vf.force.com https://iata.my.site.com https://*.congamerge.com https://iata.lightning.force.com *.forceusercontent.com https://pwc-prod-d194ac822886a4e1.s3.eu-west-1.amazonaws.com https://logo-logos.com https://i.imgur.com https://upload.wikimedia.org https://tagmanager.google.com https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com https://che30.sfdc-ei37dk.salesforce.com".
security error URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ(Line 501)
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PLLG1EY0X0&cid=1689968834.1730125271&gtm=45je4ao0v890028022za200zb71611487&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=183250861' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://iata.my.salesforce.com https://iata.file.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://www.sandbox.paypal.com https://www.paypal.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://che30.sfdc-ei37dk.salesforce.com/icons/ https://stat.userguiding.com https://fonts.googleapis.com https://static.userguiding.com http://greencyprus.net http://icons.iconarchive.com https://api.ipify.org https://iata--c.eu3.content.force.com https://iata--c.eu12.content.force.com https://c.la2-c2-fra.salesforceliveagent.com https://d.la2-c2-fra.salesforceliveagent.com https://fonts.gstatic.com https://media.userguiding.com https://portal.iata.org https://iata--c.eu12.visual.force.com https://identity.iata.org https://www.iata.org https://s3-eu-west-1.amazonaws.com wss://ws2.hotjar.com http://local.hotjar.com wss://ws10.hotjar.com wss://ws9.hotjar.com https://ws10.hotjar.com https://vc.hotjar.io https://in.hotjar.com https://script.hotjar.com https://vars.hotjar.com *.debounce.io https://nps.userguiding.com https://www.google-analytics.com https://iata--c.eu32.visual.force.com iata--sitestudio.eu32.force.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://storage.pardot.com https://go.updates.iata.org https://iata--c.documentforce.com https://iata-traininghub-files-prod.s3.eu-west-1.amazonaws.com https://d6tizftlrpuof.cloudfront.net https://w.usabilla.com https://api.usabilla.com https://iata--c.vf.force.com https://iata.my.site.com https://*.congamerge.com https://iata.lightning.force.com *.forceusercontent.com https://pwc-prod-d194ac822886a4e1.s3.eu-west-1.amazonaws.com https://logo-logos.com https://i.imgur.com https://upload.wikimedia.org https://tagmanager.google.com https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com https://che30.sfdc-ei37dk.salesforce.com".
security error
Message:
Refused to load the script 'https://pi.pardot.com/pd.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ https://www.paypal.com/sdk/js https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://pay.google.com import: blob: https://uip.canary.lwc.dev https://static.userguiding.com/media/user-guiding-90459458ID-embedded.js https://media.userguiding.com https://c.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://d.la11-core1.sfdc-ei37dk.salesforceliveagent.com https://fonts.gstatic.com https://*.hotjar.com https://script.hotjar.com https://static.hotjar.com https://vc.hotjar.io https://vars.hotjar.com wss://ws3.hotjar.com https://static.userguiding.com https://www.googletagmanager.com https://www.google-analytics.com https://app.powerbi.com https://w.usabilla.com https://api.usabilla.com https://d6tizftlrpuof.cloudfront.net https://stats.g.doubleclick.net https://tagmanager.google.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://ipinfo.io https://www.gstatic.com https://ssl.gstatic.com https://region1.analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
recommendation verbose URL: https://portal.iata.org/s/login/?language=en_US&ec=302&startURL=%2Fs%2Fmanage-service%3FserviceId%3Da2w5J000005rvfDQAQ
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
connect.facebook.net
pi.pardot.com
portal.iata.org
px.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.userguiding.com
stats.g.doubleclick.net
user.userguiding.com
w.usabilla.com
www.clarity.ms
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.iata.org
bat.bing.com
connect.facebook.net
pi.pardot.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
www.clarity.ms
www.google.de
13.33.187.92
142.250.186.40
18.66.102.106
2001:4860:4802:32::36
2606:4700:20::ac43:4693
2606:4700:4400::6812:26e9
2606:4700::6810:d3e3
2a00:1450:4001:800::200e
2a00:1450:4001:827::2008
2a00:1450:400c:c06::9a
52.215.19.194
0fb4ae9169bdff3cfdf12e499e92089bbdf1779031731c2607f73b621504fe44
189ed460a0e60b292a495d45afa9ff1044251dbb71d19d0bb7ef94ae3ad8eacf
1bf36eb8ce065138c78c51c9dd58f5b2f5add4480bd9691f451ad9b3512a4357
1ff894b080d19bde14334cd529760e7d0cc536c7bda104f900d7da35e1e2eb70
22bff6a72701a579997d712be48ab92cfb4308343d212034f9d73b24581c5157
2bd5a9e182e16e4ac04df736cd2013650b5d4827ea6771d78d8b2386c1cf815b
2da1d1a73c33dcf371bb3cf4e8e797a794cd90b0fed14957d32263b360810903
36f607a3484c019091ac248a70b03e8f526c89ab75d379294e78c955f1417402
3ad60f60d86e4ef8e55e00b756be39ce34acb8a6722be4aa02f3905300e09785
3b130cd909cd6ae09a364cb3f9365f7cf11731e9ea6903f83a82c52740438049
3d91d800a6987b507359d31579d1090acd65c83f6396d6019983c84bdbad709f
3dd325f76167c69385801c439569f3d19d88fa33b992ae6e50cae0d8156be365
4647a1c7b000b03463f858703ce20e621514ed7d6977cc3dd629f5217a146291
5444e24f774ac78d39c6d3e056e8ad24e782b4012ae62f1dcc1e64bf80afa1b5
56f53701629ee4bdea9be63735c6cbfb6685fb6e4cb60f65c36256004e9cf540
57daf5dedb7b3fde8cf10b877dafa9c333a384c6ac7f92f6dd9550f2c84ef07c
60ba66850695bee3e4a09187268e67b506054cfbcb3ca0489d0a830deec89ab9
684a6a6c438d4a8f6c19da96e45f92dbf7d824ba4546df14adfa89b6dd2cfb74
722294591ac08a241333b66067e9aba5bcf88d447cab22627fdaf884d3ac28ce
7c0b9fb3dfc989c46fc17bea04096b70487b509ac62f4e9acb7f5b7f2197d7eb
7dcf52c6c33aa220844e7f8292fd98eeb537cfabf279b111cdd1ef15e315ac24
8008db66ec659740ad18534acc7780e252a385e4ca7fb78658856c5f97d807ca
8130c7062e6fa57789d63ec02ffa5c6fa07e1ff90624c0943d85f93155c30c4e
89de4e022d9b1e553f9f9b1e855348ee9b5049082a906d751c50116a066041d8
94a558d31a49b64f233549db2c4df06497fb4c126b1c0d53e3a402219873559a
97789d90a72c42ad27be43889837155f8a4c18c0c8335a5ebee66127c807d299
9c08a0d262f031ef15028ea95eda684f9d49d5945c4542900f0e3fb0ed642311
a63865efcb063fb0d9904e3ebf2a54ec7c2958f86085156c75ecb0ffa2475f31
a9e8c44fa475dbcacaea90ba428ae83d1fa591f28ecf52ec81918333b59f5d92
ac8cbb1be0fec3fbb26d88be10b95b330853bbc756edf32117b9f24c5c1ab173
b613159921818a6aacd0dbf6a8bc97eb60bfef646f09b95d437db5a8653f2ae1
cad58a9aad75e7cdd90c086b42e938d9fe4a28b63557bec425f9bed25a2e56d6
daa587352a666251f73082a5b4b0fe243c0098e51bed629ff6504db2f8db1822
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df16b43c4fe4b4993a60333617cd993c37199c15832aeccd76460046e1952834
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7cc2b6e93524746e8e404110e2522af2e36914863a25c68cf059c12e71c77
f90a365ef6c57ff79ef72d8644c530fb104dd27bb97c0c70a952bd8c9dfe56b9