urlscan.io logo urlscan.io
SecurityTrails logo

portal-fr.airrefund.com Open in urlscan Pro
54.171.83.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal-fr.airrefund.com/
Submission: On February 15 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 24 domains to perform 93 HTTP transactions. The main IP is 54.171.83.16, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is portal-fr.airrefund.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 15th 2024. Valid for: a year.
This is the only time portal-fr.airrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 54.171.83.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
20 2600:9000:212... 16509 (AMAZON-02)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
10 52.222.236.94 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
1 104.244.42.136 ()
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
8 23.36.162.216 ()
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 172.65.192.122 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 172.65.240.166 13335 (CLOUDFLAR...)
93 28
5    54.171.83.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-83-16.eu-west-1.compute.amazonaws.com
portal-fr.airrefund.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
20    2600:9000:2127:4e00:18:427:27c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2htwrs017c1b3.cloudfront.net
9    2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
10    52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net
widget.trustpilot.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
5    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    104.244.42.136 (United States)

ASN- ()
syndication.twitter.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
8    23.36.162.216 (Frankfurt am Main, Germany)

ASN- ()
PTR: a23-36-162-216.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:38::35 (United States)

ASN15169 (GOOGLE, US)
server-side-tagging-6dborax6xa-uc.a.run.app
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hscollectedforms.net
forms-eu1.hscollectedforms.net
1    172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-analytics.net
1    172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-banner.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)
track-eu1.hubspot.com
Apex Domain
Subdomains		 Transfer
20 cloudfront.net
d2htwrs017c1b3.cloudfront.net
584 KB
10 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5440
66 KB
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 548
p.typekit.net — Cisco Umbrella Rank: 694
259 KB
8 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 708
250 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
484 KB
5 airrefund.com
portal-fr.airrefund.com
98 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 2000
21 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 409
14 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
158 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1221
syndication.twitter.com — Cisco Umbrella Rank: 1517
132 KB
3 google.com
apis.google.com — Cisco Umbrella Rank: 128
www.google.com — Cisco Umbrella Rank: 2
22 KB
2 google.fr
www.google.fr — Cisco Umbrella Rank: 17455
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
424 B
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 28046
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 29204
26 KB
2 run.app
server-side-tagging-6dborax6xa-uc.a.run.app
970 B
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2825
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 15137
2 KB
1 hubspot.com
track-eu1.hubspot.com — Cisco Umbrella Rank: 16947
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
185 B
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 16124
23 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 16468
21 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 353
4 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1217
8 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 434
29 KB
0 vol-retarde.fr Failed
www.vol-retarde.fr Failed
93 24
Domain Requested by
20 d2htwrs017c1b3.cloudfront.net portal-fr.airrefund.com
d2htwrs017c1b3.cloudfront.net
10 widget.trustpilot.com portal-fr.airrefund.com
widget.trustpilot.com
9 use.typekit.net portal-fr.airrefund.com
8 analytics.tiktok.com portal-fr.airrefund.com
analytics.tiktok.com
5 www.googletagmanager.com portal-fr.airrefund.com
www.googletagmanager.com
5 portal-fr.airrefund.com portal-fr.airrefund.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
portal-fr.airrefund.com
4 connect.facebook.net portal-fr.airrefund.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.fr portal-fr.airrefund.com
2 www.google.com portal-fr.airrefund.com
2 stats.g.doubleclick.net www.google-analytics.com
2 server-side-tagging-6dborax6xa-uc.a.run.app www.googletagmanager.com
2 platform.twitter.com portal-fr.airrefund.com
platform.twitter.com
1 track-eu1.hubspot.com
1 www.facebook.com portal-fr.airrefund.com
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 js-eu1.hs-banner.com js.hs-scripts.com
1 js-eu1.hs-analytics.net js.hs-scripts.com
1 js-eu1.hscollectedforms.net js.hs-scripts.com
1 region1.google-analytics.com www.googletagmanager.com
1 p.typekit.net portal-fr.airrefund.com
1 syndication.twitter.com platform.twitter.com
1 apis.google.com portal-fr.airrefund.com
1 js-eu1.hs-scripts.com portal-fr.airrefund.com
1 js.hs-scripts.com 1 redirects
1 cdn.jsdelivr.net portal-fr.airrefund.com
1 maxcdn.bootstrapcdn.com portal-fr.airrefund.com
1 ajax.googleapis.com portal-fr.airrefund.com
0 www.vol-retarde.fr Failed www.googletagmanager.com
93 30

This site contains links to these domains. Also see Links.

Domain
reclamation.airrefund.com
Subject Issuer Validity Valid
portal-en.airrefund.com
Amazon RSA 2048 M02		 2024-02-15 -
2025-03-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-01-28 -
2024-04-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.trustpilot.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
syndication.twitter.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.a.run.app
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh

This page contains 4 frames:

Primary Page: https://portal-fr.airrefund.com/
Frame ID: F665DC6E7088DA8416F54847B98BBD9D
Requests: 82 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fportal-fr.airrefund.com
Frame ID: 2DD5A3D2E547B21C2C3812F6178BBB0C
Requests: 2 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
Frame ID: 5ABD89840F2A3C07FE0EAFD489B2B452
Requests: 5 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=62160cfa10aed4d5536d375f
Frame ID: 8C3FF1624BD2D6155BB27C266A644900
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vol retardé ou annulé ? Indemnisation des passagers aériens.

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

93
Requests

98 %
HTTPS

68 %
IPv6

24
Domains

30
Subdomains

28
IPs

4
Countries

2204 kB
Transfer

5580 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://js.hs-scripts.com/26198936.js HTTP 307
  • https://js-eu1.hs-scripts.com/26198936.js

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portal-fr.airrefund.com/ 		120 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.83.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-83-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5c879d7c634220260b79202d208d2b81b3823850eedc6eb532c531415d4e2836
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Feb 2024 11:16:37 GMT
gc-cache
Thu, 15 Feb 2024 11:16:36 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 13:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29195
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 13:05:27 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
1187
cdn-cachedat
11/26/2023 18:54:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ba847811448ef90d98d272aeccef2a95"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1edd0f50602645595a163bb17c61bfeb
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
855d23ca1f1b01c5-CDG
cdn-requestpullsuccess
True
signature_pad.min.js
cdn.jsdelivr.net/npm/signature_pad@2.3.2/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/signature_pad@2.3.2/dist/signature_pad.min.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be8af36f5639905fa153945d12f9208332302e4d534acc7d7afa442f4567138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8576137
x-jsd-version
2.3.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220116-FRA, cache-mad2200120-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"24a3-Hz6UHjN3nLm4eqRzZSIFQAOXWvk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVMuEFtC3fCinNveOdYVCj3yzWL0aapVs5zUqQKgYWxNprwMpmlKPKMcqhb8ixBFrAVS3Q1029OmjC0aslonSPC0FHiv8246gZdlO6ofRgf9pO6udjhD4mWrxN%2BeUUpLZrIBuxe2t97a7gjStaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
855d23ca1a00d5f1-CDG
26198936.js
js-eu1.hs-scripts.com/
Redirect Chain
  • https://js.hs-scripts.com/26198936.js
  • https://js-eu1.hs-scripts.com/26198936.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/26198936.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23222551c0d9b489a47bca1869b276dc9267e0d0053d90ef200a135d9063a885
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
68bbef74-ff16-4098-b291-2257e35ae6ac
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1533
age
1330
x-envoy-upstream-service-time
32
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
68bbef74-ff16-4098-b291-2257e35ae6ac
cf-bgj
minify
last-modified
Thu, 15 Feb 2024 10:54:28 GMT
server
cloudflare
x-trace
2BC8B197F11D11B4DCABB332D3A09B8AB50CE9E4F5000000000000000000
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://reclamation.vol-retarde.fr
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-7686598bc7-dpxgg
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
855d23cdaad96f3a-CDG

Redirect headers

date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fa6a0f1f-9a73-4a66-9764-e9b798b2b098
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fa6a0f1f-9a73-4a66-9764-e9b798b2b098
server
cloudflare
x-trace
2BD055B98CC8290F3836335154DDB4DF457F208704000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
location
https://js-eu1.hs-scripts.com/26198936.js
access-control-allow-origin
https://portal-fr.airrefund.com
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-f7f4ffb8f-c7v6d
cache-control
public, max-age=90
cf-ray
855d23cb7d136fff-CDG
expires
Thu, 15 Feb 2024 11:18:08 GMT
fonts.css
portal-fr.airrefund.com/storage/fonts/0204e449fd/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.83.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-83-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c244d59b88cac0a44f3997f91ac36973a28212d10ec53fd7a919f68ee8146f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 15 Feb 2024 10:54:06 GMT
server
nginx
content-encoding
gzip
etag
W/"65cded4e-388c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
all.css
d2htwrs017c1b3.cloudfront.net/css/ 		318 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bc5fdb2f4abcfdbd6c8a924d5e0adf32563d79765c51f9df8a6d855a902215e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:00:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
age
22564
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:19 GMT
server
nginx
etag
W/"65c633b3-4f980"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
uWVmbkHCpJqKimYwbOlb8MCAIkOO0Hd7heh3-blC3BzPQuoSVu1sgQ==
all.js
d2htwrs017c1b3.cloudfront.net/js/ 		205 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2htwrs017c1b3.cloudfront.net/js/all.js?id=6798e85e988207385db2
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
814a64e8a0ef87d455832983c7c5375b21e90f225e9f5195565dacc199c89dec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:02:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
age
11638
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
W/"65c633b0-33247"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
v3f_g6bBdUUriI_PZhfxeafsl7Pr4DDZ5yFQeh1l8l8bUpFXFEyNcg==
two7reg.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/two7reg.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
75dbd8d0d1a066f4693db9363683716d3c691ed0fe0012231ac18a3fbc139c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6853
logo-airrefund.svg
d2htwrs017c1b3.cloudfront.net/img/logos/ 		103 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/logos/logo-airrefund.svg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
601920d6dbd057e18a986cef8af6b3e7187eed60505034bc63f53f36b456927c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
age
12
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 15 Feb 2024 10:58:07 GMT
server
nginx
etag
W/"65cdee3f-19cc9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
2OGh4UsHAS-5k6kWXPb9j0qk5hgBeYNLEd_55LKMXiOzvT0394u_jg==
logo-airrefund-mobile.svg
d2htwrs017c1b3.cloudfront.net/img/logos/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/logos/logo-airrefund-mobile.svg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 03:14:37 GMT
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
28922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ey_8Y7ZnykbxMk111fZtvrFAjcXDNzCnjQYPXybooRQVDeK6hjqeJw==
get-compensated-flight-delayed.png
d2htwrs017c1b3.cloudfront.net/img/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/get-compensated-flight-delayed.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f6a6f6a0be7cacec536339a955740b0f57dd43305abdee71c99f275601498f0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:43:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
9174
x-cache
Hit from cloudfront
content-length
184540
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-2d0dc"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
O2rG1SDu02wlcPqfOMytTt-_hv2C8CfP5Q9Pg3P8Wj9OHhhBSBTfuw==
huffingtonpost.jpg
d2htwrs017c1b3.cloudfront.net/img/press/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/press/huffingtonpost.jpg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3b1857132860557543b42be54a06599bfc30917915b058b3637daa9d9bdc667b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:48:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1685
x-cache
Hit from cloudfront
content-length
2224
x-xss-protection
1; mode=block
last-modified
Thu, 15 Feb 2024 09:36:46 GMT
server
nginx
etag
"65cddb2e-8b0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
LYTbEKqUvv2ZKB0la7YosyqN5wvyPPG6F5yiGu31ByoDbuZ-Yy_Qag==
economist.jpg
d2htwrs017c1b3.cloudfront.net/img/press/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/press/economist.jpg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
19f644cb5d42e505c6b145736b4f6be941e1b1407e03bb5f4f4ed73ca425b22b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:48:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1685
x-cache
Hit from cloudfront
content-length
1885
x-xss-protection
1; mode=block
last-modified
Thu, 15 Feb 2024 09:36:46 GMT
server
nginx
etag
"65cddb2e-75d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
h_MXrO7u1yKEhnORZ40trqa4-P9hkIByFdwTm9k5l1mKVFDUU8B41A==
ft.jpg
d2htwrs017c1b3.cloudfront.net/img/press/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/press/ft.jpg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
31f4c26d2d445d99c877cf07635cce27cf2e9274194c106f38aec6ecd5b4b288
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:04:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
18755
x-cache
Hit from cloudfront
content-length
2041
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:17 GMT
server
nginx
etag
"65c633b1-7f9"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
MI_oajAfkvF0Oxd3BTKcF2giCaUhIFpHVy5t-UIbaachraPOj2hGOA==
reuters.jpg
d2htwrs017c1b3.cloudfront.net/img/press/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/press/reuters.jpg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2e1034b695060b088bc180aa9106ccbfb911814db7f0c8095bfccdb7a060b082
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:48:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1685
x-cache
Hit from cloudfront
content-length
2003
x-xss-protection
1; mode=block
last-modified
Thu, 15 Feb 2024 09:36:46 GMT
server
nginx
etag
"65cddb2e-7d3"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
JqhvfIHAbJLlszdoDBqAolj3ZH_IkbtTIq-Oo9e2-VHE6eSAlYzZBw==
lesechos.jpg
d2htwrs017c1b3.cloudfront.net/img/press/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/press/lesechos.jpg
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf66af0d3442ecd7670998f7a241d48fd34c0da64d2038b3a67e54532598d8ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 15 Feb 2024 10:58:07 GMT
server
nginx
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
"65cdee3f-6d5"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1749
x-xss-protection
1; mode=block
x-amz-cf-id
91hAkh33hG9Ghq1ipU3yvlT4s3zkAK4YdjzB9c7aK3_wXu0iVALMlw==
fact-1.png
d2htwrs017c1b3.cloudfront.net/img/ 		724 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/fact-1.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ccdf3fff09f5e67eb9e200c9c063b7813db8275aa46b1b9835be90282a03f9dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 07:24:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
13942
x-cache
Hit from cloudfront
content-length
724
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-2d4"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
Qy2fJLVIOav9jkgxfMl4HAY51WGCihPxzHlXGeywB_IA-2cjR-3Uag==
fact-2.png
d2htwrs017c1b3.cloudfront.net/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/fact-2.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8db0f4d01c40cce819272845d1cb25e79596a76f11ca6b9dce4e04dd5966fe8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 07:42:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
12824
x-cache
Hit from cloudfront
content-length
1272
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-4f8"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ThKmfMPPGUdcUJrciBSENbcD9NhkAExtCtzs6d0JCGyWHK2enFY-uA==
fact-3.png
d2htwrs017c1b3.cloudfront.net/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/fact-3.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3f21519701b5517a0d1ca8174b485d286b1ed7ebb20024fac4301e991d954ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:04:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
11525
x-cache
Hit from cloudfront
content-length
1372
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-55c"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
G-rbXT3s3SvjIpyusrVbwungQIUxPN9vMzeimgscSDdmXWaVwBPUCg==
fact-4.png
d2htwrs017c1b3.cloudfront.net/img/ 		127 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/fact-4.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
facbcbfac98f44023bfc36de1aced2c59912a7d41b6438b4ee36b8df0c706aba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
date
Thu, 15 Feb 2024 08:10:54 GMT
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
11144
x-cache
Hit from cloudfront
content-length
127
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-7f"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
zGi2nuJpP4Wes0RN-2p1KDfYY3oYXMjhDopnr9Q4LzJTeaVv15o_Vw==
fact-5.png
d2htwrs017c1b3.cloudfront.net/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/fact-5.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7070f513436793896069440a44a566311b25ae4ecafe8a61b214bb658c6b8f5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 07:42:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
12823
x-cache
Hit from cloudfront
content-length
2403
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-963"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ZFllGKNhft4My1_ZxI41ZnIefXWXPGGE0UGWL3q8Tc7JJqMxXDBCYQ==
fact-6.png
d2htwrs017c1b3.cloudfront.net/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/fact-6.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
57969acc126ee42784fe0670b9627bba9772f33c2df93f7f60d68cbbd69cb4c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 07:42:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
12823
x-cache
Hit from cloudfront
content-length
1994
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-7ca"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
rmYi_ZUcJGYSMeldxqA8UXDpTItjrxaSu3poPRzPnC-z0s14c9xMEA==
quote-image.png
d2htwrs017c1b3.cloudfront.net/img/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/quote-image.png
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
45b751705b75f18b965bc83dd16fc7901b277df08cbd8dbe9ca9f07e1c4a4cbc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:12:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
11023
x-cache
Hit from cloudfront
content-length
91448
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:17 GMT
server
nginx
etag
"65c633b1-16538"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
t7W9glDaM4FipdHqVnldieN4VtKeVjMTzmobKBnFQMsv_xheyEQoVQ==
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416600ade848b9c04f1f6709a5a4e8c5cf2f2443bba22994f9cc72ea79cf024c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 11:16:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f32b80b03446a041"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:16:38 GMT
gtm.js
www.googletagmanager.com/ 		365 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5LQ4SR
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9ed63cb829fef9bd01dede3908fb4259147281cfc2bf6c0b705219da4cab9c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115025
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 11:16:38 GMT
gtm.js
www.googletagmanager.com/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBVHR929
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f264dd70bf28b6833e8f962e52a39e66422986635cd58229b6def28e79cea34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93041
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 11:16:38 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08e3a7443f4bba0c04df4c1a3aa6e681fb880e677460b8c6d3a4bb98ef466e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 11:16:38 GMT
content-md5
n+hZi7SW15T6Ve9W96mtRg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
sxzIi0Z7LYNig77vqSS4gAzAUswN1/9c+C4C4ZodjpziLW99WP451zo8y6bcumEXQz8sAQn9x2KG9mQ//nbCZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b7459b73bb8655c427df4ab785ee27af
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"cecd8208d3499db892f2f55c8ba1679d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:30:30 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F9A) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 11:16:38 GMT
Content-Encoding
gzip
Age
731
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (pab/6F9A)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
icon-legal-team.png
d2htwrs017c1b3.cloudfront.net/img/ 		811 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/icon-legal-team.png
Requested by
Host: d2htwrs017c1b3.cloudfront.net
URL: https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b3d38ab96d961ed61ca6bc927725cbdd8bd8d4e6d1bf7e5975ac29c018e4e1a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:48:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1685
x-cache
Hit from cloudfront
content-length
811
x-xss-protection
1; mode=block
last-modified
Thu, 15 Feb 2024 09:36:46 GMT
server
nginx
etag
"65cddb2e-32b"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ZLIa7D_P0F3I06ZOLTdxm4QYzq2pD6YI-WpbmR4kCaqIbVxaa-O8kA==
background-image-cta.jpg
d2htwrs017c1b3.cloudfront.net/img/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2htwrs017c1b3.cloudfront.net/img/background-image-cta.jpg
Requested by
Host: d2htwrs017c1b3.cloudfront.net
URL: https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
440605a994696b606abc5203a26d567023b62900867a9966be56338e15b15ffd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:54:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
15709
x-cache
Hit from cloudfront
content-length
35173
x-xss-protection
1; mode=block
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
etag
"65c633b0-8965"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
bPVIeDbKmURNx-7siKc8XOodw16BqudroanFeNmUJMJ6iDyTdzSGXg==
sopensansv34memvyags126mizpba-uvwbx2vvnxbbobj2ovts-mu0sc55i.woff2
portal-fr.airrefund.com/storage/fonts/0204e449fd/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/sopensansv34memvyags126mizpba-uvwbx2vvnxbbobj2ovts-mu0sc55i.woff2
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.83.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-83-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Request headers

Referer
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
last-modified
Thu, 15 Feb 2024 10:54:06 GMT
server
nginx
etag
"65cded4e-99cc"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
39372
sptsansv17jizfrexuito99u79b-mh0o6tlr8a8zi.woff2
portal-fr.airrefund.com/storage/fonts/0204e449fd/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/sptsansv17jizfrexuito99u79b-mh0o6tlr8a8zi.woff2
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.83.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-83-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5

Request headers

Referer
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
last-modified
Thu, 15 Feb 2024 10:54:06 GMT
server
nginx
etag
"65cded4e-2d14"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
11540
sptsansv17jizarexuito99u79d0kexcopidu.woff2
portal-fr.airrefund.com/storage/fonts/0204e449fd/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/sptsansv17jizarexuito99u79d0kexcopidu.woff2
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.83.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-83-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8

Request headers

Referer
https://portal-fr.airrefund.com/storage/fonts/0204e449fd/fonts.css
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
last-modified
Thu, 15 Feb 2024 10:54:06 GMT
server
nginx
etag
"65cded4e-2c4c"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
11340
fontawesome-webfont.woff2
d2htwrs017c1b3.cloudfront.net/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2htwrs017c1b3.cloudfront.net/assets/fonts/fontawesome-webfont.woff2?v=4.2.0
Requested by
Host: d2htwrs017c1b3.cloudfront.net
URL: https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4e00:18:427:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://d2htwrs017c1b3.cloudfront.net/css/all.css?id=e9acb30a26aa9ad74e59
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:51:40 GMT
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
last-modified
Fri, 09 Feb 2024 14:16:16 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
8698
etag
"65c633b0-12d68"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
x-amz-cf-id
FXlHVoCPgnfr2HwAYtSSH6N8tmN9ghafXGUK8HsJmp3DNmFqZjJL2Q==
l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3a453a3255a5cbed5aa510e48798c1cd46ba908e8a3de0158677e5bf8ffb592

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"18c8de5bb0482bc1b90ecbc58bf6bf12dce37a2f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32584
l
use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b85f89fe644de9f75f441744137e34d9461bb7b0c608ea4d2052f4e9c990882a

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"c96a25a1e572b13388d161285382c4cd15d805dd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33768
l
use.typekit.net/af/135857/00000000000000003b9ad1b3/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/135857/00000000000000003b9ad1b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d44804f25de670667189941b7aa237b80c35f26f0e35f2dd253e6958850cdc6e

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"4bbe7a4fc3ffd41da78bd8b3e4db89aad7aab046"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32520
l
use.typekit.net/af/f6bc94/00000000000000003b9ad1bd/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/f6bc94/00000000000000003b9ad1bd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
259a7c0d6b6635b7ddc2adf58201d42460680fec83c5609bf8231db6af9315c6

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"f7024088617dd1bdc0b36eaaacaf5f88158aa768"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29836
l
use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e6901488882baa614251a3a04ea31e3481c6f0091b0da62adb15c9c01480ca9d

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"ae00e0e44044cab58904e57071f824cc6784237f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31360
l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c4dbc6d49dcff4af9d8ae010d1722bbeaa6816aaa036f42fe6b8520a6979175e

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"5d8697d9159fab69ddf2fe5290aa149707f73e8f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31612
l
use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a87d55dbc66d113e6e54c957f8ecd092e654915c118cb8c027848aa67dbf5710

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"2583dd1881adf30fd1b1c021d6e5ff326c299521"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32560
l
use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b2c9631a363f15753e3227b24954f3c8e6a3b6439bad6822f7e6dabf446ba2a

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
nginx
etag
"7401ad74ce618ae1c227995bfa5cd6890a9bd930"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31640
sdk.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=98cd0774385c4f7a7e6a14b2c75cc504
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3cc29d1822e0ffa5ea453edac886f0963bd05d19766ed4f8a20acc03aa693645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 11:16:38 GMT
content-md5
ft9oHsPaO20BGYZ/HTeSkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87208
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
kMvGkYOIN9JlDVw+DVkHKu3U+R92mwbn3k8xIH4fHivtIJQ4QI4rdru2Q4oA95maKhVq/G3zelms0Sz1aHZ1rg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f4facb016f0fb7a5267ffd47a63626f5
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"36f930c6e69ee2c8e87078790902fe2f"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Feb 2025 11:06:41 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 2DD5 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fportal-fr.airrefund.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA5) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://portal-fr.airrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5680489
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Feb 2024 11:16:38 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6FA5)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 5ABD 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7eed928596fc3d1c1180c26f81e1847c6aac858cca19c4a69fd9f1220ef5ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal-fr.airrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
19937
cache-control
max-age=86400
content-encoding
gzip
content-length
2144
content-type
text/html
date
Thu, 15 Feb 2024 05:44:22 GMT
etag
"1307e3fd5846bacc989c2fd05996f010"
last-modified
Mon, 08 May 2023 11:44:09 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id
cVPetjGB1iSZb8HaF2EHxhw9OGMHNJmDwc192MsptERbBC2c3rmWcQ==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/ Frame 8C3F 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=62160cfa10aed4d5536d375f
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
697a05ef8add91e2dc9f442698df4a66dad2696fc084b832c82ee0dfda5c8b44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal-fr.airrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
25972
cache-control
max-age=86400
content-encoding
gzip
content-length
3454
content-type
text/html
date
Thu, 15 Feb 2024 04:03:47 GMT
etag
"40ade50b0e774e77aa724c8056b1e82f"
last-modified
Thu, 13 Jul 2023 07:02:09 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id
DZhotIB9ul8THsowzBpJdA45N_YFDJXW6skRwbCG2YHJEZ4cLB04tw==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
settings
syndication.twitter.com/ Frame 2DD5 		869 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=aaac8171a2bbd88b37759a8bbdbca093ef5c31e4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fportal-fr.airrefund.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN (),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
113
date
Thu, 15 Feb 2024 11:16:37 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 15 Feb 2024 11:16:38 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
6bd7016110cf70c2
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
53329b11173dd7a3de85191ba31b12ec1bcd67282e4c40a59add2b5cfd45a405
content-length
337
main.js
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 5ABD 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
000cf4f67c9474f0eb6361bd3ab9f493e17f1873e4a36ef95c11bd685c89683d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 01:45:30 GMT
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
34269
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17136
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:44:11 GMT
server
AmazonS3
etag
"dc592904280a455012599b68215eae0f"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
falOHotBWZBCQFzyXfYqnPfAOZ2krAoo4yx1tmJlxaZyat0ZnZ20Dw==
main.js
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/ Frame 8C3F 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=62160cfa10aed4d5536d375f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d383d0479d70cb104e59f8a8abde7e8fd33c52d9555fbac25276c56417244f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=62160cfa10aed4d5536d375f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 02:35:10 GMT
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
31289
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31063
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jul 2023 07:02:11 GMT
server
AmazonS3
etag
"1a13db5176936d0e7afbdc985cc7bdf3"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
cowkuKt5Ahm1LgzUou7GEm90p_JfIBCSJ7QASOnvGkpGCvLybgUjZA==
p.gif
p.typekit.net/ 		35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=two7reg&ht=tk&h=portal-fr.airrefund.com&f=139.140.169.171.173.175.176.5474&a=2791092&js=1.21.0&app=typekit&e=js&_=1707995798550
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
last-modified
Fri, 28 Jul 2023 12:40:18 GMT
server
nginx
etag
"64c3b732-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
js
www.googletagmanager.com/gtag/ 		283 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E67Z6H5GZ6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBVHR929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dca828471d833bbd1a7f8277be12e67b2505fdd295527ea3352f9b1b674ab634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95644
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 11:16:38 GMT
fbevents.js
connect.facebook.net/en_US/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Feb 2024 11:16:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
wvFkgKdszUYbK5x9B2cBV7OysrKNLjaQdNQIpRiHGYvPiuTQsh7T/6cW7fJNP+D2vLJP7CQAd4f3Sfx9n++jXQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		283 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RY04BTXR24&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBVHR929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c58d0d8853980a18f4f2fbe4fe2cc2af11570316851729bb3566f1471f12390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95690
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 11:16:38 GMT
js
www.googletagmanager.com/gtag/ 		291 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PGSLCCT81X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LQ4SR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9390f8899a6b26e5c987d5c49c6a5dcbdc29e15c4ff5435671fc67719010af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95431
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 11:16:38 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LQ4SR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Feb 2024 11:16:38 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0F53E1BD0A9E4EE1AC2416C1FC81C668 Ref B: PAR02EDGE1022 Ref C: 2024-02-15T11:16:38Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CMG00PBC77U58IR17KOG&lib=ttq
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7008d431f1d25160bec8ae628a4009f17906081e1c687bbffa6bdfe4920b665d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
1e481321
date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240215111638853A88CD26A5C17D20ED-1052FDEAB4F3B681-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=9, origin; dur=119
content-length
1330
pragma
no-cache
server
nginx
x-tt-logid
20240215111638853A88CD26A5C17D20ED
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
120,23.206.213.216
x-tt-trace-host
015f587c6f519c953866e0424f04ed419e2843bbed9da890a707be7c45ef3e14336950eb3a6d64005ba3d65ef2673ac7a0deee2768300fa059198fe404d8e332f014161256a1d2184595f09e38223e530d63be7f2b000c99f6caa1e5ebfbd445de
expires
Thu, 15 Feb 2024 11:16:38 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CMG04VBC77U66B411340&lib=ttq
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f922b64df08469bef038840f818753e3d0700e8d64ea8f67af56781126f5ea61

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
f3368e1e.1e481322
date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24021511163809C8494D6CDF52B2D67C-7062224555EBA75B-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
105,23.206.213.216
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=7, inner; dur=4
content-length
1731
pragma
no-cache
server
nginx
x-tt-logid
2024021511163809C8494D6CDF52B2D67C
x-cache-remote
TCP_MISS from a23-48-200-168.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.48.200.168
x-tt-trace-host
015f587c6f519c953866e0424f04ed419e15c892379848f492da90353e24ffcbb4b0bfe4535e27f8bfdd24028a28cd5bd4ea996e0c31fc65ff71a136b90028c2e7636fe7cf45647bc5053823a6ac8c55034001b9a9e7b4192b4372c703c92940b6d68857406807641ec2815c45e5552e07
expires
Thu, 15 Feb 2024 11:16:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LQ4SR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 09:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5309
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Feb 2024 11:48:09 GMT
5419b6ffb0d04a076446a9af
widget.trustpilot.com/trustbox-data/ Frame 5ABD 		917 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=62160cfa10aed4d5536d375f&locale=fr-FR
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
08739e9d7d662da0e8b317134c72e3c97877722903e23bc8d3e141be05cba5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 11:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-P4
etag
"e6730c53c27591bc4b31efb0207701f8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
content-length
438
x-xss-protection
1; mode=block
x-amz-cf-id
Nwu2y69IZ6fbf5B0ANa7G5Rhpsfjrtoebo3ugmBvWl6aXHT2lMJ0bg==
TrustboxImpression
widget.trustpilot.com/stats/ Frame 5ABD 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=fr-FR&styleHeight=40px&reviewLanguages=fr&styleWidth=100%25&theme=light&stars=4%2C%205&url=https%3A%2F%2Fportal-fr.airrefund.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=62160cfa10aed4d5536d375f&widgetId=5419b6ffb0d04a076446a9af
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
rT36uQdC27IuNuivp-6fgffvPPix3ugFhR3500c9GBbDiE-d86Y-nw==
x-xss-protection
1; mode=block
TrustboxView
widget.trustpilot.com/stats/ Frame 5ABD 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxView?locale=fr-FR&styleHeight=40px&reviewLanguages=fr&styleWidth=100%25&theme=light&stars=4%2C%205&url=https%3A%2F%2Fportal-fr.airrefund.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=62160cfa10aed4d5536d375f&widgetId=5419b6ffb0d04a076446a9af
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=62160cfa10aed4d5536d375f
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
AgqkuHFEJMNVos32CrGSvDciyoH44-ZYIWgVkOR5JzJIb4AM84mnyA==
x-xss-protection
1; mode=block
54ad5defc6454f065c28af8b
widget.trustpilot.com/trustbox-data/ Frame 8C3F 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=62160cfa10aed4d5536d375f&locale=fr-FR&reviewLanguages=fr&reviewStars=4%2C%205&reviewsPerPage=15
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
d894294324aa378a2b93725849db97b4064105043f2aacf2d11fed19ed447995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=62160cfa10aed4d5536d375f
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 11:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-P4
etag
"6cd7ce1272fc4d3102a2a18857beccd7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
x-amz-cf-id
baxiiaeOLEN9K7azLT6zOPj76IBqvEzkqX4Xi-QYCvPl-6d4H7ujlQ==
x-xss-protection
1; mode=block
TrustboxImpression
widget.trustpilot.com/stats/ Frame 8C3F 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=fr-FR&styleHeight=240px&reviewLanguages=fr&styleWidth=100%25&theme=light&stars=4%2C%205&url=https%3A%2F%2Fportal-fr.airrefund.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=62160cfa10aed4d5536d375f&widgetId=54ad5defc6454f065c28af8b
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=62160cfa10aed4d5536d375f
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
knB5AQCFgtp9LbHQX0aZZvILTTZkK9gcLG_KTxS1hMjxQyuFonLD8g==
x-xss-protection
1; mode=block
collect
server-side-tagging-6dborax6xa-uc.a.run.app/g/ 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://server-side-tagging-6dborax6xa-uc.a.run.app/g/collect?v=2&tid=G-RY04BTXR24&gtm=45je42c0v9169613922z89172235916za200&_p=1707995798253&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=538538789.1707995799&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707995798&sct=1&seg=0&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=922
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RY04BTXR24&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
server
Google Frontend
content-type
text/html
x-cloud-trace-context
5f83ef9cc525e2846b662cbc016d8a1d
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 15 Feb 2024 11:16:38 GMT
collect
www.vol-retarde.fr/g/ 		0
0
1706236556066392
connect.facebook.net/signals/config/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1706236556066392?v=2.9.147&r=stable&domain=portal-fr.airrefund.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
77ed6ec943f09c944fe04ff4b4b7824daef8747ea111ca4e5bf1f8aca9a7039a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Feb 2024 11:16:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
nfXhgxOvadU9PKFZ/YMrMimQ3d0tHFnzOpXLXifhmL91EpR2mGkxSYXhmg2PD1k3K1QjWIckRZVxNVbI81f//g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PGSLCCT81X&gtm=45je42c0v890928670z877272557za200&_p=1707995798253&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=538538789.1707995799&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&uid=009791d9-c0d0-4ac0-a984-b1ae978b3da4&sid=1707995798&sct=1&seg=0&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&en=page_view&_fv=1&_ss=1&tfd=1020
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PGSLCCT81X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal-fr.airrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
undefined.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/undefined.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 15 Feb 2024 11:16:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 08F2535F3B2846C29D2738C71E19878A Ref B: PAR02EDGE1022 Ref C: 2024-02-15T11:16:38Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=undefined&Ver=2&mid=7e56b7c9-e359-4b27-8139-df1fd38813a0&sid=b02239f0cbf311ee972d7947383220eb&vid=b0223250cbf311eea3f5211b5c684e02&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&kw=Vol%20retard%C3%A9&p=https%3A%2F%2Fportal-fr.airrefund.com%2F&r=&lt=564&evt=pageLoad&sv=1&rn=192427
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Feb 2024 11:16:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0756AF03661B4E149679EE381F29B907 Ref B: PAR02EDGE1022 Ref C: 2024-02-15T11:16:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collectedforms.js
js-eu1.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/26198936.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
Origin
https://portal-fr.airrefund.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
x-amz-version-id
JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA56-P2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
de85c84b-c37a-4e95-8c6b-c1b8d098d28b
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=855d23cebe13049a-CDG
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
6
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
de85c84b-c37a-4e95-8c6b-c1b8d098d28b
last-modified
Wed, 03 Jan 2024 09:59:35 UTC
server
cloudflare
etag
W/"dc52d8d37d1323196ca91b50795df6c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-7684d9bdfc-zjhnq
cf-ray
855d23cebe13049a-CDG
x-amz-cf-id
2qBMMK0Tv_GbePMD-RAaeEThJNv5KM8fvTzruGH-FQ43RAbLis7-Zg==
x-hs-target-asset
collected-forms-embed-js/static-1.451/bundles/project.js
26198936.js
js-eu1.hs-analytics.net/analytics/1707994200000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-analytics.net/analytics/1707994200000/26198936.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/26198936.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
581da1cda106fd699abfc4628367fb74a65bf09bbba83db838bdaeb943fcfe7f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
5GP62MHVFSGPE79V
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
ce5267fe-1f44-4c75-bf68-939b3a85e174
x-envoy-upstream-service-time
19
x-amz-id-2
/tBT7sx1qcbe4mgy6zf8aW1AXsa6P/ib8uzK3JY6ZvAe+Y9YK94JYUg/It4vap5zcPGX5CtjK+0=
x-evy-trace-listener
listener_https
x-request-id
ce5267fe-1f44-4c75-bf68-939b3a85e174
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 03 Jan 2024 16:36:36 GMT
server
cloudflare
etag
W/"3cf2769e050e26c721cd06ffc1e71bbb"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-85f6b97865-52v8g
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
855d23cebdbcf1a4-CDG
expires
Thu, 15 Feb 2024 11:21:38 GMT
banner.js
js-eu1.hs-banner.com/v2/26198936/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-banner.com/v2/26198936/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/26198936.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480a4b295ec7794d199818df2357c7fb1209532693cea4b9e9af8bbc7e586ebe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
x-amz-version-id
whMsS4Uw3qQkOK0dDXhRcmWFBOKubAQK
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
1Y7Y8BQ0ZMP06DP7
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
de334f9d-7484-4cbb-83ce-3401687eb2ff
x-envoy-upstream-service-time
20
x-amz-id-2
RMV1Y1xMePtz4WECRlNxLQl25R3/6zvg5H8b7b9byaX+FNL1QEN1le5NmgN0qTCz19xxO/z1JI4=
x-evy-trace-listener
listener_https
x-request-id
de334f9d-7484-4cbb-83ce-3401687eb2ff
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 13 Feb 2024 16:39:20 GMT
server
cloudflare
etag
W/"978af29b307f6a99bf290a5f4372e46c"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.vlucht-vertraagd.nl
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-85f6b97865-52v8g
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
855d23cebdf1d2cd-CDG
expires
Thu, 15 Feb 2024 11:21:38 GMT
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1697149997&t=pageview&_s=1&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&ul=en-us&de=UTF-8&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=414659886&gjid=473740483&cid=538538789.1707995799&uid=009791d9-c0d0-4ac0-a984-b1ae978b3da4&tid=UA-63937490-3&_gid=1873608278.1707995799&_r=1&_slc=1&gtm=45He42c0n81P5LQ4SRv77272557za200&cg1=home&cd1=009791d9-c0d0-4ac0-a984-b1ae978b3da4&cd3=fr-FR&cd4=No&cd5=production&cd7=home.index&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1328392747
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal-fr.airrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1697149997&t=pageview&_s=1&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&ul=en-us&de=UTF-8&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1605050509&gjid=1759147572&cid=538538789.1707995799&tid=UA-63937490-1&_gid=1873608278.1707995799&_r=1&_slc=1&gtm=45He42c0n81P5LQ4SRv77272557za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=115142989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal-fr.airrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=undefined&Ver=2&mid=7e56b7c9-e359-4b27-8139-df1fd38813a0&sid=b02239f0cbf311ee972d7947383220eb&vid=b0223250cbf311eea3f5211b5c684e02&vids=0&msclkid=N&gtm_tag_source=ua_e&gc=EUR&tpp=1&ea=gtm.dom&en=Y&p=https%3A%2F%2Fportal-fr.airrefund.com%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=570275
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Feb 2024 11:16:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 74C642F9507A43F1BB200BEBB6AC832D Ref B: PAR02EDGE1022 Ref C: 2024-02-15T11:16:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-63937490-3&cid=538538789.1707995799&jid=414659886&uid=009791d9-c0d0-4ac0-a984-b1ae978b3da4&gjid=473740483&_gid=1873608278.1707995799&_u=YADAAUAAAAAAACAAI~&z=884136800
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal-fr.airrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-63937490-1&cid=538538789.1707995799&jid=1605050509&gjid=1759147572&_gid=1873608278.1707995799&_u=YADAAUABAAAAACAAI~&z=1940798857
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal-fr.airrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTU3YmJkODI0MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		399 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CMG04VBC77U66B411340&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
1e481503
date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401252008470E76A69AFE1529AD6FE5
x-tt-trace-id
00-2401252008470E76A69AFE1529AD6FE5-310B87FDA764BEDD-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01fc1f39f1ad4e7a80fbd33d68a8d633ce180dc1a11477749e99ef43a6539a58650e3299057def8389189ae66d81c32db6b1e49e1992ef7c12dec235ef0bddb20def81b0d6c44b2f6b10ab7583d7b40aa61e90afdd5f50e37b4d0fba36de241b28
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
content-length
106017
main.MTU3YmJkODI0MA.js
analytics.tiktok.com/i18n/pixel/static/ 		379 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CMG00PBC77U58IR17KOG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
1e4815c0
date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240125200846863433A9E0143B6A98A0
x-tt-trace-id
00-240125200846863433A9E0143B6A98A0-096A4C0DFC51FA1E-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01336d9453f16808a124e6aafc48b9b63a9cc53458a4378279b3732a54afaa044b7fe852dee546d10b76403b790585df9555cb2822a2a44815c92e0e75cb1bc1488d68b717d4e2004296733786c81e7e8fd859860c0029855236507aeaee38ede9
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=20
content-length
104089
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63937490-3&cid=538538789.1707995799&jid=414659886&_u=YADAAUAAAAAAACAAI~&z=771434763
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63937490-3&cid=538538789.1707995799&jid=414659886&_u=YADAAUAAAAAAACAAI~&z=771434763
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63937490-1&cid=538538789.1707995799&jid=1605050509&_u=YADAAUABAAAAACAAI~&z=228094254
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63937490-1&cid=538538789.1707995799&jid=1605050509&_u=YADAAUABAAAAACAAI~&z=228094254
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 11:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 		116 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26198936&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d2a81839ec88997fb57fe72169e71c11e72d496dbd0534c7cec26c16a9975a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
64a3331b-fe3d-43e1-95b9-29bbd2ced02e
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
64a3331b-fe3d-43e1-95b9-29bbd2ced02e
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://portal-fr.airrefund.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-7684d9bdfc-zjhnq
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
855d23cf5eb8049a-CDG
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1706236556066392&ev=PageView&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&rl=&if=false&ts=1707995798919&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1707995798918.674390078&cs_est=true&ler=empty&cdl=API_unavailable&it=1707995798710&coo=false&exp=e1&rqm=GET
Requested by
Host: portal-fr.airrefund.com
URL: https://portal-fr.airrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Feb 2024 11:16:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
identify_0a875.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
1e481645
date
Thu, 15 Feb 2024 11:16:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240123151538729DA4B1C47DB0BDFF8F
x-tt-trace-id
00-240123151538729DA4B1C47DB0BDFF8F-132CC1C3B970F843-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d20dcec83214709db4d30e1a223b297becc8e55e7399f61bf6bb6473e99893713aff867ac5fca36b6f1d7cc3a4194585c60c3ca321440c6c8b6a2f157c4bd58cfc638a0e64bd859185eb0455704c3f8169f0f33bcb6bf1e1d290f26a14bf5188
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
content-length
36982
pixel
analytics.tiktok.com/api/v2/ 		0
846 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4c2fc3b.1e481673
date
Thu, 15 Feb 2024 11:16:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2402151116393C4C2B84DCF7F0701CB8-546BDFB63D14AB44-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
130,23.206.213.216
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=45, inner; dur=39
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202402151116393C4C2B84DCF7F0701CB8
x-cache-remote
TCP_MISS from a23-220-104-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
45,23.220.104.202
x-tt-trace-host
015f587c6f519c953866e0424f04ed419e15c892379848f492da90353e24ffcbb40f847ba2b6a245e9965d26d5909d93f870870be7f921d44b4cb85e0a33a81cbcf9564585515c6a33e2d013b563878b698c4eef98aa204b57684a6152373c81a0a479692a6224ee7cb7b5ca48e5daf610
access-control-allow-headers
Authorization,*
expires
Thu, 15 Feb 2024 11:16:39 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e8e3664a.1e48167b
date
Thu, 15 Feb 2024 11:16:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240215111639F37055CC26E55667A1C0-5A768508C700930C-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
139,23.206.213.216
server-timing
cdn-cache; desc=MISS, edge; dur=101, origin; dur=49, inner; dur=46
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240215111639F37055CC26E55667A1C0
x-cache-remote
TCP_MISS from a104-78-78-93.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
49,104.78.78.93
x-tt-trace-host
015f587c6f519c953866e0424f04ed419e2843bbed9da890a707be7c45ef3e1433de7fd935d1038b4fa3f62574be8fc25a8c6d69dd887e355555213636116d08a9e41f75b8981928abb98647b90a4a9d4e65071e6e76070e0368ff3dcc651011f488e9ebbeddd3271dc5779ba773c80011
access-control-allow-headers
Authorization,*
expires
Thu, 15 Feb 2024 11:16:39 GMT
__ptq.gif
track-eu1.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4158071004&v=1.1&a=26198936&rcu=https%3A%2F%2Fportal-fr.airrefund.com%2F&pu=https%3A%2F%2Fportal-fr.airrefund.com%2F&t=Vol+retard%C3%A9+ou+annul%C3%A9+%3F+Indemnisation+des+passagers+a%C3%A9riens.&cts=1707995799058&vi=c5bbfc983060c1cfefddfd220c43aced&nc=true&u=149450473.c5bbfc983060c1cfefddfd220c43aced.1707995799057.1707995799057.1707995799057.1&b=149450473.1.1707995799057&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3662672e-6a64-4891-a189-450998c19981
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3662672e-6a64-4891-a189-450998c19981
last-modified
Thu, 15 Feb 2024 11:16:39 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gazd%2FHvEQqfVkGLZXjTLURtYxoW%2BlevgHu6kjm7HNl0H72gWaB5N6iBcKUDWQGzKRrjobDJg8zMjKlNNC2BKaObXqKk9RG89xWO66H9LYGQSaAk9CB%2FGgr3aRL15wJEEmQDF1lD%2BMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5b44f44cd9-m87tm
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
855d23d08dd701ef-CDG
x-robots-tag
none
collect
server-side-tagging-6dborax6xa-uc.a.run.app/g/ 		65 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server-side-tagging-6dborax6xa-uc.a.run.app/g/collect?v=2&tid=G-RY04BTXR24&gtm=45je42c0v9169613922z89172235916za200&_p=1707995798253&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=538538789.1707995799&ul=en-us&sr=1600x1200&_fplc=0&ur=FR-HDF&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=FR&sst.etld=google.fr&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707995798253&_s=2&sid=1707995798&sct=1&seg=0&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&en=gtm.dom&ep.event_id=fa25fea1-5b67-420d-8db0-bc9181eaee6c_1707995798254.3&ep.event_name=PageView&_et=2&tfd=1426&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RY04BTXR24&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://portal-fr.airrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 11:16:39 GMT
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://portal-fr.airrefund.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
expires
Thu, 15 Feb 2024 11:16:39 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
847 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal-fr.airrefund.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f336bf07.1e481883
date
Thu, 15 Feb 2024 11:16:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24021511163955AA77F66BD7A96FAF5E-288661F955E8A981-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
118,23.206.213.216
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=31, inner; dur=27
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024021511163955AA77F66BD7A96FAF5E
x-cache-remote
TCP_MISS from a23-48-200-168.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.48.200.168
x-tt-trace-host
015f587c6f519c953866e0424f04ed419e15c892379848f492da90353e24ffcbb4b0bfe4535e27f8bfdd24028a28cd5bd4711598eacbc4ff13496bb3d44a1ccf92a8e85aa1b8be8b631051c7a3a5d1949acc0d21ae4586894c5e2545d4e9a2ebf1671cc4f83bd17d080a64803d8043bdd7
access-control-allow-headers
Authorization,*
expires
Thu, 15 Feb 2024 11:16:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.vol-retarde.fr
URL
https://www.vol-retarde.fr/g/collect?v=2&tid=G-E67Z6H5GZ6&gtm=45je42c0v9172258573z89172235916za200&_p=1707995798253&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=538538789.1707995799&ul=en-us&sr=1600x1200&_fplc=0&ur=FR-HDF&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=FR&sst.etld=google.fr&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707995798253&_s=1&uid=009791d9-c0d0-4ac0-a984-b1ae978b3da4&sid=1707995798&sct=1&seg=0&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&en=page_view&_fv=1&_ss=1&tfd=957&richsstsse

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| $ function| jQuery function| SignaturePad function| Swiper function| autosize object| Typekit object| dataLayer function| gaEvent object| translations function| getParameterByName function| timelineOption function| cleanAutoLinker function| trans object| FB object| __twttrll object| twttr object| __twttr object| Trustpilot object| gapi object| ___jsl object| __buffer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| fbq function| _fbq object| VWO function| uet_report_conversion object| uetq string| TiktokAnalyticsObject object| ttq string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_2dcfdc8fc9 object| _hsp object| gaplugins object| gaData object| __hsCollectedFormsDebug object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

23 Cookies

Domain/Path Name / Value
.airrefund.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkFmdTRRWjJxU1hVcDh1eEFnK2drOVE9PSIsInZhbHVlIjoiNXlxNUlUL3Ridy9nU1RqV0VZV2tkcVIwSW92NTlrK1pLRmhqaU5uK29XMFd4T2dDMWJ6U1J6eC9XK0Q0ODZrUFRQU2NJU2t4d0lOTVdveUhNd1ZhWUZzU3RKU2FkRUg2eWlHVUhKMHdRQ05TdUM5a2hGMjBPb3RwUGxBREdFZ20iLCJtYWMiOiI0OGZiNjU1ZGIwYTY3ODgyZDk3YWE1Mzc2YzUxMzQ3YzFlZGU4YWQzNjgwZTdmZTVhMDk3ZDE1Mzk0MzQ1YWJhIiwidGFnIjoiIn0%3D
.airrefund.com/ Name: gc_session
Value: eyJpdiI6Ilk2Q0x3OVVuUGs5Um85ci9Qc3VrdXc9PSIsInZhbHVlIjoiQ2RTS2tQaDlwenlxVHRTU2dGdW1QMjFFV1hVeWdIeXZZOWgzRHd5M0xiQjdhSXZxeFdmYkhvVXl2WmZCZzkzQkRickh1Y0VFNkRRL0NOckQxSlp2d085TXc1VU9XbDFEWjV0TCtnZWV1eXZaeVZmVThFVlZPdnJMMTNGNVYxclMiLCJtYWMiOiJmZjE1MDI2YWRlY2ZhNWEyNmY5MTkzYTJlMzM1MzU3MzVlMTFkYjhjZmY0ZmQ4NmVjODVjMDA3ZGJjYTE2NGFkIiwidGFnIjoiIn0%3D
.airrefund.com/ Name: _gcl_au
Value: 1.1.1656299636.1707995799
.airrefund.com/ Name: _ga_RY04BTXR24
Value: GS1.1.1707995798.1.0.1707995798.0.0.0
.airrefund.com/ Name: _ga_E67Z6H5GZ6
Value: GS1.1.1707995798.1.0.1707995798.0.0.0
.airrefund.com/ Name: _ga_PGSLCCT81X
Value: GS1.1.1707995798.1.0.1707995798.0.0.0
.airrefund.com/ Name: _ga
Value: GA1.2.538538789.1707995799
.airrefund.com/ Name: _gid
Value: GA1.2.1873608278.1707995799
.airrefund.com/ Name: _gat_UA-63937490-3
Value: 1
.airrefund.com/ Name: _gat_UA-63937490-1
Value: 1
.airrefund.com/ Name: _uetsid
Value: b02239f0cbf311ee972d7947383220eb
.airrefund.com/ Name: _uetvid
Value: b0223250cbf311eea3f5211b5c684e02
.tiktok.com/ Name: _ttp
Value: 2cOwBhVpaFz5vgHuzrPzofNbO38
.bing.com/ Name: MUID
Value: 187584EE4ECD67B5128590C84F8A6606
.airrefund.com/ Name: _fbp
Value: fb.1.1707995798918.674390078
.airrefund.com/ Name: _tt_enable_cookie
Value: 1
.airrefund.com/ Name: _ttp
Value: DGxPL-1BKOdUBcrNnuuxfcK6Cyb
portal-fr.airrefund.com/ Name: __hstc
Value: 149450473.c5bbfc983060c1cfefddfd220c43aced.1707995799057.1707995799057.1707995799057.1
portal-fr.airrefund.com/ Name: hubspotutk
Value: c5bbfc983060c1cfefddfd220c43aced
portal-fr.airrefund.com/ Name: __hssrc
Value: 1
portal-fr.airrefund.com/ Name: __hssc
Value: 149450473.1.1707995799057
.hubspot.com/ Name: __cf_bm
Value: bpzTzsAZ94He6h.pa9V9zk41mP7s.J30EGwpHapKivs-1707995799-1.0-AU2TKvplzeaN4dWOMEyWzpqbTdhFrA9cuwKWLLPSeEmEA43kBvqy7tw0lowfT8ZT1HcXd26OkSDMMFOf4uQn+PE=
.hubspot.com/ Name: _cfuvid
Value: 7.ViNRRm82XSlz3d8X9o3VP6IdSEU1zxdwkhouCdtaY-1707995799168-0.0-604800000

16 Console Messages

Source Level URL
Text
network error URL: https://d2htwrs017c1b3.cloudfront.net/img/logos/logo-airrefund-mobile.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1706236556066392?v=2.9.147&r=stable&domain=portal-fr.airrefund.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://portal-fr.airrefund.com/
Message:
Access to XMLHttpRequest at 'https://www.vol-retarde.fr/g/collect?v=2&tid=G-E67Z6H5GZ6&gtm=45je42c0v9172258573z89172235916za200&_p=1707995798253&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=538538789.1707995799&ul=en-us&sr=1600x1200&_fplc=0&ur=FR-HDF&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=FR&sst.etld=google.fr&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707995798253&_s=1&uid=009791d9-c0d0-4ac0-a984-b1ae978b3da4&sid=1707995798&sct=1&seg=0&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&en=page_view&_fv=1&_ss=1&tfd=957&richsstsse' from origin 'https://portal-fr.airrefund.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.vol-retarde.fr/g/collect?v=2&tid=G-E67Z6H5GZ6&gtm=45je42c0v9172258573z89172235916za200&_p=1707995798253&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=538538789.1707995799&ul=en-us&sr=1600x1200&_fplc=0&ur=FR-HDF&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=FR&sst.etld=google.fr&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707995798253&_s=1&uid=009791d9-c0d0-4ac0-a984-b1ae978b3da4&sid=1707995798&sct=1&seg=0&dl=https%3A%2F%2Fportal-fr.airrefund.com%2F&dt=Vol%20retard%C3%A9%20ou%20annul%C3%A9%20%3F%20Indemnisation%20des%20passagers%20a%C3%A9riens.&en=page_view&_fv=1&_ss=1&tfd=957&richsstsse
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portal-fr.airrefund.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tiktok.com
apis.google.com
bat.bing.com
cdn.jsdelivr.net
connect.facebook.net
d2htwrs017c1b3.cloudfront.net
forms-eu1.hscollectedforms.net
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
js.hs-scripts.com
maxcdn.bootstrapcdn.com
p.typekit.net
platform.twitter.com
portal-fr.airrefund.com
region1.google-analytics.com
server-side-tagging-6dborax6xa-uc.a.run.app
stats.g.doubleclick.net
syndication.twitter.com
track-eu1.hubspot.com
use.typekit.net
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.vol-retarde.fr
www.vol-retarde.fr
104.244.42.136
172.65.192.122
172.65.202.201
172.65.208.22
172.65.238.60
172.65.240.166
2001:4860:4802:34::36
2001:4860:4802:38::35
23.36.162.216
2600:9000:2127:4e00:18:427:27c0:21
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5914
2606:4700::6810:bb59
2606:4700::6812:acf
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:828::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:1495
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.222.236.94
54.171.83.16
000cf4f67c9474f0eb6361bd3ab9f493e17f1873e4a36ef95c11bd685c89683d
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
08739e9d7d662da0e8b317134c72e3c97877722903e23bc8d3e141be05cba5c6
08e3a7443f4bba0c04df4c1a3aa6e681fb880e677460b8c6d3a4bb98ef466e91
0c58d0d8853980a18f4f2fbe4fe2cc2af11570316851729bb3566f1471f12390
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
19f644cb5d42e505c6b145736b4f6be941e1b1407e03bb5f4f4ed73ca425b22b
1c244d59b88cac0a44f3997f91ac36973a28212d10ec53fd7a919f68ee8146f0
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
23222551c0d9b489a47bca1869b276dc9267e0d0053d90ef200a135d9063a885
259a7c0d6b6635b7ddc2adf58201d42460680fec83c5609bf8231db6af9315c6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e1034b695060b088bc180aa9106ccbfb911814db7f0c8095bfccdb7a060b082
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31f4c26d2d445d99c877cf07635cce27cf2e9274194c106f38aec6ecd5b4b288
3b1857132860557543b42be54a06599bfc30917915b058b3637daa9d9bdc667b
3cc29d1822e0ffa5ea453edac886f0963bd05d19766ed4f8a20acc03aa693645
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
416600ade848b9c04f1f6709a5a4e8c5cf2f2443bba22994f9cc72ea79cf024c
440605a994696b606abc5203a26d567023b62900867a9966be56338e15b15ffd
45b751705b75f18b965bc83dd16fc7901b277df08cbd8dbe9ca9f07e1c4a4cbc
480a4b295ec7794d199818df2357c7fb1209532693cea4b9e9af8bbc7e586ebe
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
55d2a81839ec88997fb57fe72169e71c11e72d496dbd0534c7cec26c16a9975a
57969acc126ee42784fe0670b9627bba9772f33c2df93f7f60d68cbbd69cb4c2
581da1cda106fd699abfc4628367fb74a65bf09bbba83db838bdaeb943fcfe7f
5be8af36f5639905fa153945d12f9208332302e4d534acc7d7afa442f4567138
5c879d7c634220260b79202d208d2b81b3823850eedc6eb532c531415d4e2836
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
601920d6dbd057e18a986cef8af6b3e7187eed60505034bc63f53f36b456927c
697a05ef8add91e2dc9f442698df4a66dad2696fc084b832c82ee0dfda5c8b44
7008d431f1d25160bec8ae628a4009f17906081e1c687bbffa6bdfe4920b665d
7070f513436793896069440a44a566311b25ae4ecafe8a61b214bb658c6b8f5a
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
75dbd8d0d1a066f4693db9363683716d3c691ed0fe0012231ac18a3fbc139c71
77ed6ec943f09c944fe04ff4b4b7824daef8747ea111ca4e5bf1f8aca9a7039a
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
814a64e8a0ef87d455832983c7c5375b21e90f225e9f5195565dacc199c89dec
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8db0f4d01c40cce819272845d1cb25e79596a76f11ca6b9dce4e04dd5966fe8c
8f264dd70bf28b6833e8f962e52a39e66422986635cd58229b6def28e79cea34
9b2c9631a363f15753e3227b24954f3c8e6a3b6439bad6822f7e6dabf446ba2a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a87d55dbc66d113e6e54c957f8ecd092e654915c118cb8c027848aa67dbf5710
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3d38ab96d961ed61ca6bc927725cbdd8bd8d4e6d1bf7e5975ac29c018e4e1a3
b85f89fe644de9f75f441744137e34d9461bb7b0c608ea4d2052f4e9c990882a
bc5fdb2f4abcfdbd6c8a924d5e0adf32563d79765c51f9df8a6d855a902215e3
c4dbc6d49dcff4af9d8ae010d1722bbeaa6816aaa036f42fe6b8520a6979175e
ccdf3fff09f5e67eb9e200c9c063b7813db8275aa46b1b9835be90282a03f9dc
cf66af0d3442ecd7670998f7a241d48fd34c0da64d2038b3a67e54532598d8ae
d383d0479d70cb104e59f8a8abde7e8fd33c52d9555fbac25276c56417244f8e
d44804f25de670667189941b7aa237b80c35f26f0e35f2dd253e6958850cdc6e
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d894294324aa378a2b93725849db97b4064105043f2aacf2d11fed19ed447995
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dca828471d833bbd1a7f8277be12e67b2505fdd295527ea3352f9b1b674ab634
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3a453a3255a5cbed5aa510e48798c1cd46ba908e8a3de0158677e5bf8ffb592
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f21519701b5517a0d1ca8174b485d286b1ed7ebb20024fac4301e991d954ff
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6901488882baa614251a3a04ea31e3481c6f0091b0da62adb15c9c01480ca9d
e7eed928596fc3d1c1180c26f81e1847c6aac858cca19c4a69fd9f1220ef5ff3
e9390f8899a6b26e5c987d5c49c6a5dcbdc29e15c4ff5435671fc67719010af2
e9ed63cb829fef9bd01dede3908fb4259147281cfc2bf6c0b705219da4cab9c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a6f6a0be7cacec536339a955740b0f57dd43305abdee71c99f275601498f0e
f922b64df08469bef038840f818753e3d0700e8d64ea8f67af56781126f5ea61
facbcbfac98f44023bfc36de1aced2c59912a7d41b6438b4ee36b8df0c706aba
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675