simpleflying.com Open in urlscan Pro
34.233.113.241  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://app.getresponse.com/click.html?x=a62b&lc=hMxY1B&mc=Iw&s=BEC42xl&u=ybXJD&z=EwelFHv& HTTP 302
   https://simpleflying.com/ita-airways-bidding-closes/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
• https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 46

• https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
• https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

Request Chain 56

• https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
• https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040

Request Chain 64

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?CtsSyncId=457F9EFC43ED4B7DBBC82855628F791A&RedC=c.clarity.ms&MXFR=084398826A1463AD36848A8A6E146D89 HTTP 302
• https://c.clarity.ms/c.gif?CtsSyncId=457F9EFC43ED4B7DBBC82855628F791A&MUID=34BFE356C23463DB1DD3F15EC3BB627B

Request Chain 70

• https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
• https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=b17cb4db-008c-4b70-9e29-9b97d9f2723d

Request Chain 83

• https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7d976ca2-220e-11ed-b131-18b2794d0406 HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=94&advUuid=7d976c42-220e-11ed-b131-18b2794d0406

Request Chain 89

• https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
• https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=93&advUuid=0036d72b-8f6d-4227-8b87-95d0228468a2

Request Chain 90

• https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=99&advUuid=YwNp8MwIrK22xk33B7wnngAAEOgAAAIB

Request Chain 93

• https://ups.analytics.yahoo.com/ups/58627/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58627/occ?verify=true HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-b1A3289E2uE0dLWCnRvIc9CjhykIJRmW40MyDw8-~A&advUuid=y-b1A3289E2uE0dLWCnRvIc9CjhykIJRmW40MyDw8-~A

Request Chain 94

• https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=105&advUuid=6850842669882705040

Request Chain 95

• https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
• https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D

Request Chain 96

• https://cs.media.net/cksync?cs=34&type=pri&ovsid=630369f2558b7&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA

Request Chain 98

• https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent= HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3Da91d6fd3412b21d774341166776b818b&advId=134&advUuid=a91d6fd3412b21d774341166776b818b

Request Chain 103

• https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
• https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response simpleflying.com/ita-airways-bidding-closes/ Redirect Chain https://app.getresponse.com/click.html?x=a62b&lc=hMxY1B&mc=Iw&s=BEC42xl&u=ybXJD&z=EwelFHv& https://simpleflying.com/ita-airways-bidding-closes/?	651 KB 118 KB	911ms 612ms	Document text/html	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 4f3e15d841f910718da883350924f3003b4c1c7d4ef7b3916d551f9ffd72f067 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers cache-control no-cache, private content-encoding br content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: content-type text/html; charset=UTF-8 date Mon, 22 Aug 2022 11:35:11 GMT referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block Redirect headers content-security-policy-report-only default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr content-type text/html; charset=UTF-8 date Mon, 22 Aug 2022 11:35:10 GMT feature-policy accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr * location https://simpleflying.com/ita-airways-bidding-closes/? referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security max-age=31536000 x-content-type-options nosniff x-frame-options sameorigin x-xss-protection 1; mode=block
GET H2	200	ITA-Airways-Airbus-A330-200-EI-EJO-(2).jpg static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/	55 KB 56 KB	163ms 55ms	Image image/avif	2606:4700:10::ac43:cde CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/ITA-Airways-Airbus-A330-200-EI-EJO-(2).jpg?q=50&fit=contain&w=1500&h=&dpr=1.5 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:cde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f78bee40318da80e30bdbd868517da4cdb5965169e643c706698a8fde5c31151 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT cf-cache-status HIT age 5286 content-disposition inline; filename="ITA-Airways-Airbus-A330-200-EI-EJO-(2).avif" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 56417 x-request-id Xq20p5kKTCP0pb7oCSRMT server cloudflare etag "KAcKWb6z_qKkooxOY8caG3so1uqJzqqGTzGJoiouUVQ/RIkFqSEwzTWFTMVZoNTdFQTYzTEdGbUEi" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 73eb4db8487d1600-ARN expires Tue, 22 Aug 2023 10:02:05 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	203 KB 73 KB	235ms 86ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 26f460477e26f5c403cd30dfabfc3f850adac1df34f263d4a637076458e7fee5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74093 x-xss-protection 0 expires Mon, 22 Aug 2022 11:35:11 GMT
GET H2	200	a-article.ffb95c32.css simpleflying.com/public/build/	239 KB 33 KB	284ms 284ms	Stylesheet text/css	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/a-article.ffb95c32.css Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 40d960d2f34acea6636b72c111f60d6db68e31ce1f98bfece9d6a776df371768 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-3bdee" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	dfp.js Show response simpleflying.com/public/build/	36 B 509 B	143ms 143ms	Script application/javascript	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/dfp.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-24" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	valnet-header-ads.f984de39.js Show response simpleflying.com/public/build/	3 KB 2 KB	148ms 143ms	Script application/javascript	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/valnet-header-ads.f984de39.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 7f7f9215366a526576e0e91f1e79b1e2c817921dbd9dd96f2cdf51bfe98706f5 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-ba3" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	adsninja_client.js Show response adsninja.ca/	53 KB 13 KB	585ms 285ms	Script application/javascript	54.144.151.126 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://adsninja.ca/adsninja_client.js?v=1659544401 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.144.151.126 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-144-151-126.compute-1.amazonaws.com Software nginx / Resource Hash 1ead244357de11688c2818ae28b86304e740d6581027ebced63febc0ffd19ec3 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Tue, 16 Aug 2022 18:26:35 GMT server nginx x-frame-options SAMEORIGIN etag W/"62fbe15b-d2d8" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	op.js Show response tagan.adlightning.com/valnet/	48 KB 19 KB	223ms 76ms	Script application/javascript	65.9.66.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/valnet/op.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-85.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a84269dca33a997a8b241adf1b768390a33d12f1943627d71097c91a2a4c4cde Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id T5MA03vnD5pb5IhQGp6BXXtIN1heaPoG content-encoding gzip etag "3fedbe89822aab4eae6624c953a83c04" age 1721 x-cache Hit from cloudfront content-length 19325 x-amz-meta-git_commit 39123b0 last-modified Sat, 20 Aug 2022 01:06:22 GMT server AmazonS3 date Mon, 22 Aug 2022 11:06:41 GMT vary Accept-Encoding content-type application/javascript via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA56-C1 accept-ranges bytes x-amz-cf-id f9y6MeMYKnyiV-OMLcbCLxABrHjFSA5O_UDpdRmof5xvP6Z9XdlvTw==
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	166 KB 56 KB	297ms 132ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bc6f6e99280a2845b728c6be30eb85f364018a6a4539e023cded9be1041b2005 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57255 x-xss-protection 0 server cafe etag 12149444604784748583 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 22 Aug 2022 11:35:11 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	165 KB 56 KB	294ms 129ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f582f35273a2b0a2de70e941764214419df9ffd99f29930e02fdc387129506af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57174 x-xss-protection 0 server cafe etag 738124739403670957 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 22 Aug 2022 11:35:11 GMT
GET H2	200	valnet-footer.144b5218.js Show response simpleflying.com/public/build/	49 KB 14 KB	150ms 145ms	Script application/javascript	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/valnet-footer.144b5218.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 5745cbcab491dfc7594b475d20aa80a5fd43b7f09d5d97533b028a9194e94713 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-c514" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	valnet-footer-article.d048a54a.js Show response simpleflying.com/public/build/	9 KB 3 KB	148ms 144ms	Script application/javascript	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/valnet-footer-article.d048a54a.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash ec267c0ec001f1dede649a96c38a3ae036a7a8b129d02025b35cc99c0427eec3 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-24d2" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	228ms 69ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1991 date Mon, 22 Aug 2022 11:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 22 Aug 2022 13:02:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	171 KB 61 KB	90ms 86ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-53CFZHZ Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e73d12286ce169db233e632624e57aa9100406fe146bab7696324ff46357067d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61942 x-xss-protection 0 last-modified Mon, 22 Aug 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 22 Aug 2022 11:35:11 GMT
GET H2	200	v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Show response childlikeform.com/	594 KB 101 KB	475ms 347ms	Script text/javascript	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash a97a0cc5c61b2c1f45856231362cce60a331939bce9ed45d3cc8a3dcf295f901 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br x-datacenter gce-europe-west1 etag "dd4e61ded1a489790ab450d75af11bf865b02a3b053069aac5aea54db2167199" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-hhc0 content-type text/javascript; charset=utf-8 via 1.1 google cache-control private, must-revalidate, max-age=21600 date Mon, 22 Aug 2022 11:35:12 GMT x-buildnumber 609294353 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	v2dki52CM8TZyMJTTCco7op_-FkeiOsiId7bVJUIEZY3xETNc8rNdPQk5x_Lf8shx056eUhCyYw Show response childlikeform.com/	16 KB 6 KB	455ms 327ms	Script text/javascript	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/v2dki52CM8TZyMJTTCco7op_-FkeiOsiId7bVJUIEZY3xETNc8rNdPQk5x_Lf8shx056eUhCyYw Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 403d9912aaf8b8aa888bbaf4d7374bfa4ae047d4ff37f765d15210ba4cdc8ac8 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding gzip x-datacenter gce-europe-west1 etag "5785fb1c2ec7fe236515a8ad939a95fbbd732cfb368702e74555735e9c7ad8e9" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-hhc0 content-type text/javascript; charset=utf-8 via 1.1 google cache-control private, must-revalidate, max-age=21600 date Mon, 22 Aug 2022 11:35:12 GMT x-buildnumber 609294353 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	269 Show response a.ad.gt/api/v1/u/matches/	10 KB 4 KB	601ms 200ms	Script application/javascript	35.84.93.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&ref= Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-84-93-102.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash b992a44fc99be3af5a16a45665fafb44cb3222a719bf233eab7f50370191eac9 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Mon, 22 Aug 2022 11:35:12 GMT content-encoding gzip cross-origin-resource-policy cross-origin server nginx/1.20.0 content-type application/javascript
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	83 KB 28 KB	261ms 80ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c325c91f95c3751c7733c5a46bcd9c3ea003814fcbb4e72bcca2f31633be5943 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28511 x-xss-protection 0 server sffe etag "1310 / 795 of 1000 / last-modified: 1661166540" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 22 Aug 2022 11:35:11 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	159 KB 41 KB	1659ms 1005ms	Script application/javascript	13.32.52.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.52.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-52-59.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Aug 2022 11:35:14 GMT via 1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront), 1.1 a2447ed6669558ff303af177568ddb72.cloudfront.net (CloudFront) last-modified Mon, 15 Aug 2022 16:12:00 GMT server AmazonS3 x-amz-cf-pop NRT57-P2, NRT57-C1 etag W/"52a6bc60961c702869c58b9d159c8e37" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control public, max-age=3600 content-encoding gzip x-amz-cf-id Le3KK80KeMDztOZIa51pbWijYY7wcUh0Vyo0sq6qBCyNONAAMF9dsw==
GET H2	200	sf-logo-full-colored-dark.e4f86e30.svg simpleflying.com/public/build/images/	4 KB 2 KB	144ms 143ms	Image image/svg+xml	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simpleflying.com/public/build/images/sf-logo-full-colored-dark.e4f86e30.svg Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/a-article.ffb95c32.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/public/build/a-article.ffb95c32.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-116d" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	WorkSans-Bold.b1961502.woff2 simpleflying.com/public/build/fonts/	68 KB 69 KB	144ms 144ms	Font font/woff2	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/fonts/WorkSans-Bold.b1961502.woff2 Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/a-article.ffb95c32.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 09efd3dd55adb96a7b40b6a4b2400d356ae9d78a17f5e1ad689232b6df4e62fc Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://simpleflying.com/public/build/a-article.ffb95c32.css Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT x-content-type-options nosniff content-length 70096 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag "62ffef28-111d0" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: accept-ranges bytes expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	icomoon.5dc39019.woff simpleflying.com/public/build/fonts/	20 KB 21 KB	145ms 145ms	Font font/woff	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/fonts/icomoon.5dc39019.woff Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/a-article.ffb95c32.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 67a3bd65ea989336425908f6b29aa33fb4d180a4cc4ae768971fd8c3008c75b1 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://simpleflying.com/public/build/a-article.ffb95c32.css Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT x-content-type-options nosniff content-length 20552 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag "62ffef28-5048" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff access-control-allow-origin * cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: accept-ranges bytes expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	WorkSans-Regular.a4c77ad7.woff2 simpleflying.com/public/build/fonts/	64 KB 64 KB	145ms 145ms	Font font/woff2	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/fonts/WorkSans-Regular.a4c77ad7.woff2 Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/a-article.ffb95c32.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash ff35b06ac7e5d6c94018d6cd356e3d9d74bdd768a05042144ca390209add0131 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://simpleflying.com/public/build/a-article.ffb95c32.css Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT x-content-type-options nosniff content-length 65452 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag "62ffef28-ffac" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: accept-ranges bytes expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	Montserrat-Bold.3255356e.woff2 simpleflying.com/public/build/fonts/	65 KB 66 KB	258ms 258ms	Font font/woff2	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/public/build/fonts/Montserrat-Bold.3255356e.woff2 Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/a-article.ffb95c32.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 85c38352712041c50428f57fde76da934384f91015e46878072115f04b00f531 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://simpleflying.com/public/build/a-article.ffb95c32.css Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT x-content-type-options nosniff content-length 66856 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag "62ffef28-10528" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: accept-ranges bytes expires Tue, 22 Aug 2023 11:35:11 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 348 B	128ms 43ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-6HWFJ4EQLT&gtm=2oe8h0&_p=1531909293&cid=2099220973.1661168112&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661168111&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&dt=The%20Final%20Countdown%3A%20Bids%20For%20ITA%20Airways%20Close%20At%20Midnight&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.post_id=2005177&ep.author=jake&ep.jr_editor=&ep.sr_editor=michael-doran&ep.primary_category=Airline%20News&ep.tags=%7CAirline%20News%7CEurope%7CITA%20Airways%7Citaly%7CEurope%7Cbidding%7CLufthansa%7C&ep.payment_category=news&ep.content_type=News&ep.intent=Short-Term&ep.network_category=airlines&ep.is_amp_traffic=false&ep.template=content-all&ep.is_ad_block=false&ep.classification=Standard&ep.is_subscribed_premium=false&ep.subscription_plan=free&ep.ip_address=194.34.134.148&ep.date_published=20220822&ep.date_republished=20220822 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	segments.js Show response seg.ad.gt/api/v1/	0 52 B	604ms 200ms	Script text/plain	52.25.0.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.25.0.70 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-25-0-70.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:12 GMT server nginx/1.20.0
GET H/1.1	200 OK	cookie-sync.html Show response mbid.marfeelrev.com/static/ Frame 3AF5	6 KB 3 KB	259ms 82ms	Document text/html	5.9.40.209 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mbid.marfeelrev.com/static/cookie-sync.html Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 5.9.40.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS haproxy04.cl01.k8s.mrf.io Software istio-envoy / Resource Hash c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type text/html;charset=UTF-8 date Mon, 22 Aug 2022 08:35:11 ART expires 0 last-modified Fri, 15 Jul 2022 06:21:22 ART pragma no-cache server istio-envoy transfer-encoding chunked vary accept-encoding x-envoy-upstream-service-time 0
GET H2	200	sf-logo-full-colored-light.d0a5ff5a.svg simpleflying.com/public/build/images/	4 KB 2 KB	172ms 171ms	Image image/svg+xml	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simpleflying.com/public/build/images/sf-logo-full-colored-light.d0a5ff5a.svg Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/a-article.ffb95c32.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash 96ca8d5aa2560ca4e68889153eb20bd38a031b4f8ca5c19b90c35df6ff0e6b0b Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/public/build/a-article.ffb95c32.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT content-encoding br x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 19 Aug 2022 20:14:32 GMT server nginx x-frame-options SAMEORIGIN etag W/"62ffef28-1149" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, max-age=31536000, public content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: expires Tue, 22 Aug 2023 11:35:11 GMT
GET H2	200	web-vitals.iife.js Show response unpkg.com/web-vitals@2.1.4/dist/ Redirect Chain https://unpkg.com/web-vitals/dist/web-vitals.iife.js https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js	4 KB 2 KB	64ms 64ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:12 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 18436770 fly-request-id 01FSX6P2BR4Q6A18MTKY3QNRZR content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 73eb4dbdd9d495ee-ARN Redirect headers date Mon, 22 Aug 2022 11:35:11 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01GB2N5B8PB2CZQFANVXP1E950-fra server cloudflare age 205 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 location /web-vitals@2.1.4/dist/web-vitals.iife.js cache-control public, s-maxage=600, max-age=60 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 73eb4dbbdeb395ee-ARN access-control-allow-origin *
GET H2	200	8w3iven4f0 Show response www.clarity.ms/tag/	1 KB 2 KB	331ms 171ms	Script application/x-javascript	2620:1ec:27::cafe:1761 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/8w3iven4f0?ref=gtm2 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash f974ba14306dafc6c1a78bd873772cd168499d7ab4b2c26b6f5b99b4fa1f48b1 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:12 GMT x-powered-by ASP.NET x-azure-ref 08GkDYwAAAAAathlpPaDrS4BBakElo1XXR1ZBMzBFREdFMDIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store request-context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78 content-length 1364 expires -1
GET H3	200	ITA-Airways-Airbus-A330-202-EI-EJO-(4).jpg static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/04/	676 B 1 KB	106ms 53ms	Image image/avif	2606:4700:10::ac43:cde CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/04/ITA-Airways-Airbus-A330-202-EI-EJO-(4).jpg?q=50&fit=crop&w=50&dpr=1.5 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:cde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdd268765b0443e01166abb141c5a5934f149c21ea6cd5bc8fe1f2757edfb53f Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT cf-cache-status HIT age 62705 content-disposition inline; filename="ITA-Airways-Airbus-A330-202-EI-EJO-(4).avif" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 676 x-request-id 5Jx4No3rleiehRdV_Wjnq server cloudflare etag "kUr-Z98hzplYQWjYJlQp6XL1NpwgNa9SvG4JVBBtxUk/RInh3UzIxR010NF9JSGlPMWZBRl9TMlEi" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 73eb4dbb2f90168d-ARN expires Mon, 21 Aug 2023 18:08:50 GMT
GET H3	200	HS-BBY.jpeg static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/	30 KB 31 KB	198ms 146ms	Image image/avif	2606:4700:10::ac43:cde CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/HS-BBY.jpeg?q=50&fit=crop&w=660&h=340&dpr=1.5 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:cde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd78a2fe4db0afda9d16c59ddfa1b54a47c812fff846e1118b4195b7ab92f7c2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT cf-cache-status HIT age 28781 content-disposition inline; filename="HS-BBY.avif" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31117 x-request-id P4hY_6Cj6e_nm-qV_RxMA server cloudflare etag "rMarXIqUjRDZw1ktk-T5DgEmVRKXzGE3yb-Ovdb78-w/RImZybk5FSVUzSGpOOGlHSGdIR2JvLWci" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 73eb4dbb2f92168d-ARN expires Tue, 22 Aug 2023 02:30:05 GMT
GET H3	200	K65608-02-(1)-1.jpg static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/07/	38 KB 38 KB	106ms 55ms	Image image/avif	2606:4700:10::ac43:cde CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/07/K65608-02-(1)-1.jpg?q=50&fit=crop&w=660&h=340&dpr=1.5 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:cde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21e57b0a6187ec4abfc5dde383ba85d165ef758b1b886c97fed5cc0766a2db95 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT cf-cache-status HIT age 448728 content-disposition inline; filename="K65608-02-(1)-1.avif" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 38507 x-request-id apYYSKggC_lJy-ruzKmmW server cloudflare etag "rMarXIqUjRDZw1ktk-T5DgEmVRKXzGE3yb-Ovdb78-w/RIlRFLUY2MXpERzFDNDhkSTJ5akxtOWci" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 73eb4dbb2f8f168d-ARN expires Thu, 17 Aug 2023 05:24:32 GMT
GET H3	200	A350-1000-Cathay-Pacific-MSN118---Details.jpg static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/	12 KB 12 KB	243ms 191ms	Image image/avif	2606:4700:10::ac43:cde CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/A350-1000-Cathay-Pacific-MSN118---Details.jpg?q=50&fit=crop&w=660&h=340&dpr=1.5 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:cde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ccc9d2bda6f103fc454e94b8e04a49af63de10bc63dc9024d6b45fb854407b1 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:11 GMT cf-cache-status HIT age 443044 content-disposition inline; filename="A350-1000-Cathay-Pacific-MSN118---Details.avif" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12017 x-request-id _zuE8TOciSeqW8Q2tUHac server cloudflare etag "rMarXIqUjRDZw1ktk-T5DgEmVRKXzGE3yb-Ovdb78-w/RIkZWYzlnb1FXUnNZZ3dGcWpXZHZmM3ci" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 73eb4dbb2f95168d-ARN expires Thu, 17 Aug 2023 07:24:46 GMT
GET H2	200	b-39123b0-fa09635e.js Show response tagan.adlightning.com/valnet/	80 KB 30 KB	101ms 100ms	Script application/javascript	65.9.66.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/valnet/b-39123b0-fa09635e.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-85.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a385633f1e2fe45e65c2bc3b322d776c9bab1c9687998f764c0c83f79e2963e2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 20 Aug 2022 02:24:44 GMT content-encoding gzip age 205828 x-cache Hit from cloudfront content-length 30715 x-amz-meta-git_commit 39123b0 last-modified Wed, 20 Apr 2022 17:41:08 GMT server AmazonS3 etag "23c27c2577b9feea80aa6027bc91763c" x-amz-version-id JSEd0qRkBL1UzV0q0sd2GocBv7cTMBwJ via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA56-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id EAcHk7wppbqyECbc0x-tD9CA72VV1iEVUW0NwPDhHU05uuDlL7MzZQ==
GET H2	200	bl-c6d1176-f9a0e351.js Show response tagan.adlightning.com/valnet/	122 KB 37 KB	76ms 76ms	Script application/javascript	65.9.66.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/valnet/bl-c6d1176-f9a0e351.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-85.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1597fe03a36ee79347c803bfb8045a83ec3f371a77ec320ef4fd8f91baac6f13 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 20 Aug 2022 01:06:27 GMT content-encoding gzip age 210525 x-cache Hit from cloudfront content-length 37880 x-amz-meta-git_commit c6d1176 last-modified Sat, 20 Aug 2022 01:06:02 GMT server AmazonS3 etag "71c9345dca4dc594377ded1e112a137c" x-amz-version-id z7XZcUE70e_WxBPTczkLRdPYW9o8qcph via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA56-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id ctspLaOS6xQVMpQQhvk_xGIz3Mp5XAgVVJWtTRTclSfgDjJiQDX9_g==
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 533 B	253ms 77ms	XHR application/json	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f5c4b08e25c86c8e2155f7fb34c0213ba67d57226ddd803a486fa69f8d32ec38 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Mon, 22 Aug 2022 11:35:12 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://simpleflying.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 94 x-xss-protection 0
GET H2	200	pubads_impl_2022081501.js Show response securepubads.g.doubleclick.net/gpt/	384 KB 131 KB	228ms 73ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash 6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 05:47:22 GMT content-encoding gzip x-content-type-options nosniff age 20870 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133600 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:36:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 22 Aug 2023 05:47:22 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	302 B 784 B	264ms 108ms	XHR application/json	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simpleflying.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 0c97ac7b27e315180271371922482ee106e8ef302b7ffb1f7f30ecaeec249c70 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Aug 2022 11:35:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147 x-xss-protection 0 expires Mon, 22 Aug 2022 11:35:12 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.ru/v1/	3 B 462 B	242ms 79ms	XHR application/json	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.ru/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Mon, 22 Aug 2022 11:35:12 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://simpleflying.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/	341 KB 120 KB	271ms 127ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8382598503519971&plah=simpleflying.com&bust=31068990 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b35024e4b20e540cffcdad94fa37551724ab58fc5a1c37b82c3fbf5cbaf832a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:12 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122626 x-xss-protection 0 server cafe etag 18285716387687720443 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 22 Aug 2022 11:35:12 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame 67A0	10 KB 5 KB	224ms 76ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers age 49229 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4412 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 21 Aug 2022 21:54:43 GMT etag 8616628553774171045 expires Sun, 04 Sep 2022 21:54:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H/1.1	200 OK	cookie_sync Show response mbid.marfeelrev.com/ Frame 3AF5	1 KB 803 B	83ms 82ms	XHR application/json	5.9.40.209 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mbid.marfeelrev.com/cookie_sync Requested by Host: mbid.marfeelrev.com URL: https://mbid.marfeelrev.com/static/cookie-sync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 5.9.40.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS haproxy04.cl01.k8s.mrf.io Software istio-envoy / Resource Hash 369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d Request headers Referer https://mbid.marfeelrev.com/static/cookie-sync.html accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:12 GMT content-encoding gzip server istio-envoy content-type application/json access-control-allow-origin https://mbid.marfeelrev.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 0 content-length 435 expires 0
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	220ms 78ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1531909293&t=pageview&_s=1&dl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&ul=en-us&de=UTF-8&dt=The%20Final%20Countdown%3A%20Bids%20For%20ITA%20Airways%20Close%20At%20Midnight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAQCAC~&jid=793326524&gjid=617734534&cid=2099220973.1661168112&tid=UA-121433877-1&_gid=1209931355.1661168113&_r=1&_slc=1&cd1=2005177&cd2=jake&cd3=&cd4=Airline%20News&cd5=Airline%20News&cd6=regular&cd7=0&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=2005177&cd15=jake&cd16=&cd17=michael-doran&cd18=regular&cd19=all&cd20=false&cd21=0&cd22=false&cd23=native&cd24=desktop&cd25=194.34.134.148&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&cd27=20-24&cd28=20220822&cd29=&cd30=news&cd31=Airline%20News&cd32=%7CAirline%20News%7CEurope%7CITA%20Airways%7Citaly%7CEurope%7Cbidding%7CLufthansa%7C&cd33=N&cd34=showAds&cd35=false&cd36=content-all&cd38=airlines&cd39=News&cd40=Short-Term&cd41=20220822&cd43=not-logged&cd44=Standard&cd45=free&z=1427674260 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	acv.json Show response childlikeform.com/	210 KB 46 KB	264ms 180ms	Fetch application/json	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/acv.json Requested by Host: childlikeform.com URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br access-control-allow-origin https://simpleflying.com x-buildnumber 609294353 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 accept-ranges bytes last-modified Thu, 18 Aug 2022 17:15:37 GMT x-datacenter gce-europe-west1 date Mon, 22 Aug 2022 11:35:12 GMT x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json via 1.1 google access-control-allow-credentials true x-hostname fen-hoothoot-europe-west1-hhc0 timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
GET H2	200	skeleton.js Show response static.adsafeprotected.com/	17 B 465 B	233ms 65ms	Script application/javascript	2600:9000:214f:7c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 01 Jul 2022 02:01:00 GMT via 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront) age 4527253 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 cache-control max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id IFY5qra7noKD1CnIRz4jbDhZFK6jvvux7Fz6SxIsRL6JmhXdO9i0nw==
GET H2	200	clarity.js Show response www.clarity.ms/eus-b/s/0.6.39/	53 KB 23 KB	167ms 166ms	Script application/javascript	2620:1ec:27::cafe:1761 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/eus-b/s/0.6.39/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/8w3iven4f0?ref=gtm2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:12 GMT content-encoding br etag "1d8b099e3740ca1" last-modified Wed, 01 Jun 2022 12:22:22 GMT x-powered-by ASP.NET vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript;charset=utf-8 cache-control public,max-age=86400 x-azure-ref 08GkDYwAAAAAdYqIwDUW6SaeyLTolnW7YR1ZBMzBFREdFMDIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= accept-ranges bytes request-context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
GET H3	200	usermatchredir ssum.casalemedia.com/ Frame 3AF5 Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=184550&cb= https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1	43 B 932 B	146ms 95ms	Image image/gif	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H3 Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language fi-FI,fi;q=0.9 Referer https://mbid.marfeelrev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 73eb4dc1af171669-ARN pragma no-cache date Mon, 22 Aug 2022 11:35:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3iBwVBl9t3Uc6cpuzALT%2BM8rUFGfTK64sw16YZa23f6CBS4SxWycpBGDGzCSwKuulxmviI2f80LFkGVcyuZT7BjCOoY2nMcIm%2Fd2VAdsaZm5POrfK1E5PGMHgflh66oZbzID699"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 22 Aug 2022 11:35:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vy%2Fp9DKf24My83ccHvdMPKQ19rh8TsW2Bl58ZCJNtkemipH0VakYSPw3C3XTGPfiC%2Fr7kBnfjcwgsTtqwA5Ta7AcmUjZSmq6reEL77TbAImJ7ijvl0%2FC8NuniLU3zQT%2Frt9KleH3"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /usermatchredir?s=184550&cb=&C=1 cache-control no-cache cf-ray 73eb4dc0bcf79936-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	227ms 75ms	XHR text/plain	2a00:1450:400c:c0d::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121433877-1&cid=2099220973.1661168112&jid=793326524&gjid=617734534&_gid=1209931355.1661168113&_u=IADAAEAAAAQCAC~&z=1548900015 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 22 Aug 2022 11:35:12 GMT content-type text/plain access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect Show response f.clarity.ms/	0 177 B	592ms 291ms	XHR text/plain	20.84.22.197 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://f.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin https://simpleflying.com date Mon, 22 Aug 2022 11:35:13 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
POST H3	200	v2rfkhjsdfaXh6G6SYE-_6U7NABid_cReDYb9unK0Pt_1zwmqaEX0O95Ui-UQwMRY0pNFbkCgCQ Show response childlikeform.com/	209 B 236 B	202ms 202ms	Fetch application/json	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/v2rfkhjsdfaXh6G6SYE-_6U7NABid_cReDYb9unK0Pt_1zwmqaEX0O95Ui-UQwMRY0pNFbkCgCQ Requested by Host: childlikeform.com URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 2a94f90c39b7fad521cede019364084e1e8808586b095a9c5b38c4e0aa9b9e17 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload via 1.1 google x-buildnumber 609294353 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 209 x-datacenter gce-europe-west1 date Mon, 22 Aug 2022 11:35:13 GMT x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-hostname fen-hoothoot-europe-west1-hhc0 timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Mon, 22 Aug 2022 11:35:12 GMT
GET H2	200	prebid rtb.openx.net/sync/ Frame 3AF5	43 B 350 B	177ms 82ms	Image image/gif	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mbid.marfeelrev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:12 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 1nndctc4kg3cf5r8e5nh40oadrofliag
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	296ms 141ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-121433877-1&cid=2099220973.1661168112&jid=793326524&_u=IADAAEAAAAQCAC~&z=685866400 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.fi/ads/	42 B 501 B	328ms 173ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-121433877-1&cid=2099220973.1661168112&jid=793326524&_u=IADAAEAAAAQCAC~&z=685866400 Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	v2fvgxmNcYHuH16CFsHccX_MBRdSLX_BodWwNtSJ0WSjhUvSzP26NJXZZ4ABh-V9q3nTZ0gFm7g Show response childlikeform.com/	1 KB 1 KB	180ms 179ms	Fetch application/json	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/v2fvgxmNcYHuH16CFsHccX_MBRdSLX_BodWwNtSJ0WSjhUvSzP26NJXZZ4ABh-V9q3nTZ0gFm7g Requested by Host: childlikeform.com URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 2d3b69e5c41a219053144cfca1d051d5f8b3c1381bb0cfdef512f80d4b8f0842 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload via 1.1 google x-buildnumber 609294353 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1294 x-datacenter gce-europe-west1 date Mon, 22 Aug 2022 11:35:13 GMT x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://simpleflying.com access-control-allow-credentials true x-hostname fen-hoothoot-europe-west1-hhc0 timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame 3AF5	0 239 B	548ms 76ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy= Requested by Host: simpleflying.com URL: https://simpleflying.com/ita-airways-bidding-closes/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mbid.marfeelrev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Content-Type image/gif
GET H3	200	ConsentManager,Sticky2 Show response childlikeform.com/v2tmcHk95J0gTzsjgszBnys6b0GYl9uOEslYqOM23UPRaCudE6MRu7lFhz4y01v9Ss3_jzLbT/	272 KB 78 KB	185ms 185ms	Script text/javascript	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/v2tmcHk95J0gTzsjgszBnys6b0GYl9uOEslYqOM23UPRaCudE6MRu7lFhz4y01v9Ss3_jzLbT/ConsentManager,Sticky2 Requested by Host: childlikeform.com URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 3a86ec649835e87a04088647151992564d9e59b047f15c3dc4fd17dcd3bbc856 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br etag "fd32fc02f0d0c68cdb29e7b089a0524b15e8f3111a2171ef9a3ae4ac266d9164" access-control-allow-origin https://simpleflying.com x-buildnumber 609294353 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-datacenter gce-europe-west1 date Mon, 22 Aug 2022 11:35:13 GMT x-buildname hoothoot vary Accept-Encoding, Accept-Language, Origin access-control-allow-methods POST, OPTIONS content-type text/javascript; charset=utf-8 via 1.1 google cache-control private, must-revalidate, max-age=21600 access-control-allow-credentials true x-hostname fen-hoothoot-europe-west1-hhc0 timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
GET H/1.1	200 OK	setuid mbid.marfeelrev.com/ Frame 3AF5 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040	86 B 693 B	83ms 83ms	Image image/png	5.9.40.209 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040 Protocol HTTP/1.1 Server 5.9.40.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS haproxy04.cl01.k8s.mrf.io Software istio-envoy / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers accept-language fi-FI,fi;q=0.9 Referer https://mbid.marfeelrev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:13 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type image/png cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 0 expires 0 Redirect headers Pragma no-cache Date Mon, 22 Aug 2022 11:35:14 GMT X-Proxy-Origin 194.34.134.148; 194.34.134.148; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 6fdd767f-650b-46b0-8e11-617c8ba26bde Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	229ms 80ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 22 Aug 2022 11:34:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 22 Aug 2022 11:35:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Aug 2022 11:35:13 GMT
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	2 KB 2 KB	453ms 452ms	XHR application/json	13.32.52.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fsimpleflying.com Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.52.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-52-59.nrt57.r.cloudfront.net Software Server / Resource Hash 8b51fff4ef0d655c6f08650b81a835b8521a4179b08118d34c2938f2a1fb6c00 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:13 GMT via 1.1 a2447ed6669558ff303af177568ddb72.cloudfront.net (CloudFront) server Server x-amz-cf-pop NRT57-C1 x-cache Miss from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://simpleflying.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 1975 x-amz-cf-id oaTLImcDazfVxSlYInhazReGu8pNUw-OwwUMY2KRJOM0an_tA3Ywkg==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	893ms 298ms	XHR application/javascript	13.32.52.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.52.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-52-59.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id JXufo2ctue2uysHllG2MRpKE8F0E4.a0 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 60462 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 03 Aug 2022 22:19:11 GMT server AmazonS3 date Sun, 21 Aug 2022 18:47:33 GMT vary Accept-Encoding,Origin access-control-allow-methods GET content-type application/javascript via 1.1 b392241fa800576d1bfcc2a54be3e252.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop NRT57-C1 x-amz-cf-id JLMb3De5gmJ_P4YSObAwNVR8_eFeGZBPhVlggTVzQYWs800PRHh8oQ==
POST H3	200	v2rfkhjsdfaXh6G6SYE-_6U7NABid_cReDYb9unK0Pt_1zwmqaEX0O95Ui-UQwMRY0pNFbkCgCQ Show response childlikeform.com/	196 B 223 B	115ms 115ms	Fetch application/json	2600:1901:0:f8d1::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://childlikeform.com/v2rfkhjsdfaXh6G6SYE-_6U7NABid_cReDYb9unK0Pt_1zwmqaEX0O95Ui-UQwMRY0pNFbkCgCQ Requested by Host: childlikeform.com URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 3a3d86676eb98226129d7dd6dbb4c6b0b8dd9c5956f3f471b67e5cddea49836a Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload via 1.1 google x-buildnumber 609294353 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 196 x-datacenter gce-europe-west1 date Mon, 22 Aug 2022 11:35:14 GMT x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-hostname fen-hoothoot-europe-west1-hhc0 timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Mon, 22 Aug 2022 11:35:12 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v12/	37 KB 38 KB	222ms 71ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 16:54:37 GMT x-content-type-options nosniff age 585637 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37924 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:54:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Aug 2023 16:54:37 GMT
GET H2	200	liveView.php Show response live.primis.tech/live/	45 KB 17 KB	231ms 84ms	Script text/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org] Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash cf8715bf9b4530ede9314e5e83f701c1b8dc206dbee5a34203dcc358ac45a334 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/javascript; charset=utf-8 x-amz-cf-id luO8Dl23gF9ZUN_uBqbqR1XPlmDQSFXmY9YezK8d3ERnUQq5E2SAvw== via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
GET H2	200	pixel.png Show response simpleflying.com/	103 B 441 B	143ms 143ms	XHR image/png	34.233.113.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://simpleflying.com/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%222005126%22,%22position%22:%22sentinel-article-sidebarTop-1%22},{%22id%22:%222005013%22,%22position%22:%22sentinel-article-sidebarTop-2%22},{%22id%22:%222005014%22,%22position%22:%22sentinel-article-sidebarTop-3%22},{%22id%22:%222005097%22,%22position%22:%22sentinel-article-sidebarTop-4%22},{%22id%22:%222004685%22,%22position%22:%22sentinel-article-sidebarTop-5%22},{%22id%22:%222004999%22,%22position%22:%22sentinel-article-sidebarTop-6+%22},{%22id%22:%222005146%22,%22position%22:%22sentinel-article-sidebarSticky-1%22},{%22id%22:%222005099%22,%22position%22:%22sentinel-article-sidebarSticky-2%22},{%22id%22:%222004973%22,%22position%22:%22sentinel-article-sidebarSticky-3%22},{%22id%22:%222005147%22,%22position%22:%22sentinel-article-relatedContent-1%22},{%22id%22:%222005135%22,%22position%22:%22sentinel-article-relatedContent-2%22},{%22id%22:%222004974%22,%22position%22:%22sentinel-article-relatedContent-3%22},{%22id%22:%222004760%22,%22position%22:%22sentinel-article-relatedContent-4%22},{%22id%22:%222004609%22,%22position%22:%22sentinel-article-relatedContent-5%22},{%22id%22:%222004763%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%2212170%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%222004588%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%222004736%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%222005160%22,%22position%22:%22sentinel-article-nextArticle%22}],%22eventType%22:%22impression%22}---&rdm=0.7462770775610335 Requested by Host: simpleflying.com URL: https://simpleflying.com/public/build/valnet-footer.144b5218.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-113-241.compute-1.amazonaws.com Software nginx / Resource Hash d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT referrer-policy no-referrer-when-downgrade last-modified Fri, 25 Oct 2019 05:53:00 GMT server nginx etag "5db28dbc-67" x-frame-options SAMEORIGIN content-type image/png x-xss-protection 1; mode=block content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob: strict-transport-security max-age=31536000; includeSubDomains; preload accept-ranges bytes content-length 103 x-content-type-options nosniff
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?CtsSyncId=457F9EFC43ED4B7DBBC82855628F791A&RedC=c.clarity.ms&MXFR=084398826A1463AD36848A8A6E146D89 https://c.clarity.ms/c.gif?CtsSyncId=457F9EFC43ED4B7DBBC82855628F791A&MUID=34BFE356C23463DB1DD3F15EC3BB627B	42 B 369 B	80ms 80ms	Image image/gif	20.234.93.27 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?CtsSyncId=457F9EFC43ED4B7DBBC82855628F791A&MUID=34BFE356C23463DB1DD3F15EC3BB627B Protocol H2 Server 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:13 GMT last-modified Wed, 17 Aug 2022 23:56:46 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "de363c295b2d81:0" p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42 Redirect headers pragma no-cache date Mon, 22 Aug 2022 11:35:13 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9CA7D597492343B9875E43071795FD18 Ref B: STOEDGE1119 Ref C: 2022-08-22T11:35:14Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?CtsSyncId=457F9EFC43ED4B7DBBC82855628F791A&MUID=34BFE356C23463DB1DD3F15EC3BB627B cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	ats.js Show response ats.rlcdn.com/	109 KB 37 KB	228ms 75ms	Script application/x-javascript	99.86.4.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ats.rlcdn.com/ats.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-110.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl content-encoding gzip etag W/"148e21f812b555a13b2a9c6b616141f4" age 42390 x-amz-server-side-encryption AES256 x-amz-meta-codebuild-buildarn arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce x-cache Hit from cloudfront x-amz-meta-codebuild-content-md5 58acf9e97c03c481f490be71338f7f57 last-modified Tue, 17 May 2022 11:35:33 GMT server AmazonS3 date Sun, 21 Aug 2022 23:48:44 GMT vary Accept-Encoding x-amz-meta-codebuild-content-sha256 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc via 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront) cache-control must-revalidate,public,max-age=86400 x-amz-cf-pop FRA6-C1 content-type application/x-javascript x-amz-cf-id XjlZYHuzs626lNOQdCtOdpVYwwiqrpN-EaJgCffAeraL_6_o54rwmg==
GET H2	200	pubcid.min.js Show response secure.cdn.fastclick.net/js/pubcid/latest/	53 KB 17 KB	217ms 68ms	Script application/javascript	23.206.210.112 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-210-112.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers unused62 8096267 date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 17:06:57 GMT server Apache etag "d398-5c3b75e9ebb41-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=900 accept-ranges bytes content-length 17087 expires Mon, 22 Aug 2022 11:50:14 GMT
GET H2	200	269 Show response id.halo.ad.gt/api/v1/partner/	52 KB 8 KB	599ms 201ms	Script text/javascript	35.155.225.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.halo.ad.gt/api/v1/partner/269?url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&ref=&_it=amazon Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.155.225.120 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-155-225-120.us-west-2.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash b869ba707523b441249606161d0830e5fb203732f80e61ac65ec283ee6a934af Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip origin-trial server nginx/1.20.0 content-type text/javascript; charset=UTF-8
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	42 KB 12 KB	160ms 56ms	Script text/javascript	2606:4700:10::ac43:266a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 2533 x-amz-server-side-encryption AES256 x-amz-request-id TVF3351JAWVH7CEV x-amz-id-2 XVs02iGaM10RG2UUujVvh4nX2pqEGBOBwdJx8k01nqm5WnmPsMIIsqgkpd/9kyHfcU6SObOxLRI= last-modified Wed, 27 Jul 2022 15:06:46 GMT server cloudflare etag W/"a49d5e2684c7e5d488d526ca41c2f3e3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 73eb4dcb2e9e95fa-ARN
GET H2	200	liveView.php Show response live.primis.tech/live/ Frame B304	5 KB 2 KB	79ms 79ms	Script text/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org] Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b90779f451133756f88cb79be28eca82a86cd455f0aa9a030aaaf3c628368a40 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/javascript; charset=utf-8 x-amz-cf-id BsqsAk5Olq-u83OOeTy1dliEVRt3MQV6_cJAM3fndFpKhCx6ubtPBA== via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
GET H/1.1	200 OK	setuid mbid.marfeelrev.com/ Frame 3AF5 Redirect Chain https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid... https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di... https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=b17cb4db-008c-4b70-9e29-9b97d9f2723d	86 B 825 B	80ms 80ms	Image image/png	5.9.40.209 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=b17cb4db-008c-4b70-9e29-9b97d9f2723d Protocol HTTP/1.1 Server 5.9.40.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS haproxy04.cl01.k8s.mrf.io Software istio-envoy / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers accept-language fi-FI,fi;q=0.9 Referer https://mbid.marfeelrev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type image/png cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 expires 0 Redirect headers location https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=b17cb4db-008c-4b70-9e29-9b97d9f2723d date Mon, 22 Aug 2022 11:35:14 GMT access-control-allow-origin * content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
POST H2	204	collect Show response f.clarity.ms/	0 48 B	145ms 145ms	XHR text/plain	20.84.22.197 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://f.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin https://simpleflying.com date Mon, 22 Aug 2022 11:35:14 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
GET H2	200	iab_consent_sdk.v1.0.js Show response live.primis.tech/content/ClientDetections/ Frame B304	19 KB 9 KB	78ms 77ms	Script application/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip last-modified Wed, 12 Feb 2020 15:01:36 GMT server nginx x-amz-cf-pop FRA6-C1 etag W/"5e441350-4be0" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control max-age=31536000, public accept-ranges bytes x-amz-cf-id CSo285ipilT8ch4RJib5D7PDj5ZQd59GtF7evWZpYNjsxY-gYZUtqg== expires Tue, 22 Aug 2023 11:35:14 GMT
GET H2	200	DetectGDPR2.v1.1.js Show response live.primis.tech/content/ClientDetections/ Frame B304	9 KB 4 KB	85ms 84ms	Script application/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:13 GMT content-encoding gzip last-modified Thu, 11 Feb 2021 09:45:48 GMT server nginx x-amz-cf-pop FRA6-C1 etag W/"6024fccc-228f" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control max-age=31536000, public accept-ranges bytes x-amz-cf-id BFXwByUa7aA4rCngw7l8F6w4NT_gClsRBvBylQtoM-SyaGs3t2wvAQ== expires Tue, 22 Aug 2023 11:35:13 GMT
GET H2	200	DetectGDPR.v1.1.js Show response live.primis.tech/content/ClientDetections/ Frame B304	8 KB 3 KB	88ms 87ms	Script application/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip last-modified Thu, 11 Feb 2021 09:45:48 GMT server nginx x-amz-cf-pop FRA6-C1 etag W/"6024fccc-1ef8" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control max-age=31536000, public accept-ranges bytes x-amz-cf-id lIaKC4YBGbkzmZbkmI4oEs0HEJXtI1vnO3z8Zkwix0yGjIKtaCaKgg== expires Tue, 22 Aug 2023 11:35:14 GMT
GET H2	200	hls.0.12.4_3.min.js Show response live.primis.tech/content/video/hls/ Frame B304	258 KB 117 KB	93ms 91ms	Script application/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip last-modified Wed, 23 Mar 2022 12:48:36 GMT server nginx x-amz-cf-pop FRA6-C1 etag W/"623b1724-409bc" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control max-age=31536000, public accept-ranges bytes x-amz-cf-id sGJBjFgaIuyi7544epLjxOc4Xq1spfpWgNfWFfZnjNY7u9BTSQ8Lzg== expires Tue, 22 Aug 2023 11:35:14 GMT
GET H2	200	prebidVid.6.18.0_14.min.js Show response live.primis.tech/content/prebid/ Frame B304	512 KB 258 KB	98ms 97ms	Script application/javascript	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 96f409862c915903476f19726d492c9016f836ef0a1139a895c9834c1a4a3e7c Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip last-modified Mon, 22 Aug 2022 06:59:50 GMT server nginx x-amz-cf-pop FRA6-C1 etag W/"63032966-7fe6b" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control max-age=31536000, public accept-ranges bytes x-amz-cf-id w0d3gCOrvOOCBMAdLrAO_OrCL4knQVEy63TSSkkVp5FFMKWzXr3kLQ== expires Tue, 22 Aug 2023 11:35:14 GMT
GET H2	200	liveVideo.php Show response live.primis.tech/live/ Frame B304	538 KB 218 KB	297ms 296ms	Script text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31347D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A554943386759335679636D567559336C546458427762334A30494338674D7941764947356C64773D3D7D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=ABT+%2F+currencySupport+%2F+3+%2F+new&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=630369f2558b7&debugInfo=17106044_ABT+%2F+currencySupport+%2F+3+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661168114&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 662d6037b30c6aba238e34e53aca05f10740a86ccfae93d0473828677efab0ee Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA6-C1 vary Accept-Encoding x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-encoding gzip x-amz-cf-id 8Gokcb4eiJTl-ohc_J5r0S9kcVdkBmgk9e4ndtCoYp-phdZGS31eAQ==
GET H2	200	/ Show response geo.privacymanager.io/	30 B 593 B	211ms 67ms	Fetch application/json	143.204.215.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://geo.privacymanager.io/ Requested by Host: ats.rlcdn.com URL: https://ats.rlcdn.com/ats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-111.fra53.r.cloudfront.net Software / Resource Hash b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 01:54:47 GMT via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront), 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront) age 34827 x-amzn-requestid 6dc8ea53-cc3a-465c-abe8-98919bf31966 access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-6302e1e7-2dd782686b4ef26950f55251;Sampled=0 x-cache Hit from cloudfront x-amz-cf-pop FRA6-C1, FRA53-C1 x-amz-apigw-id XPg8JEgHDoEFb_g= content-length 30 x-amz-cf-id YFD3QcUwFCz1B17KFGGgwoA7kQy39oDIR-ZYhLvdH8ClheueEJAA_A== access-control-allow-headers Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
GET H2	200	primisslate.css live.primis.tech/content/video/css/	18 KB 7 KB	78ms 78ms	Stylesheet text/css	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/content/video/css/primisslate.css Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip last-modified Wed, 09 Feb 2022 07:06:30 GMT server nginx x-amz-cf-pop FRA6-C1 etag W/"620367f6-465a" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) accept-ranges bytes x-amz-cf-id OQQWtlUyy6Q0rtDhXXP3QtPoXNxYxQi9BzsTBMcuFWfvRihoqi2YLA==
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame B304	159 KB 41 KB	353ms 353ms	Script application/javascript	13.32.52.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31347D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A554943386759335679636D567559336C546458427762334A30494338674D7941764947356C64773D3D7D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=ABT+%2F+currencySupport+%2F+3+%2F+new&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=630369f2558b7&debugInfo=17106044_ABT+%2F+currencySupport+%2F+3+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.52.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-52-59.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Aug 2022 11:35:14 GMT via 1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront), 1.1 a2447ed6669558ff303af177568ddb72.cloudfront.net (CloudFront) last-modified Mon, 15 Aug 2022 16:12:00 GMT server AmazonS3 age 1 etag W/"52a6bc60961c702869c58b9d159c8e37" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop NRT57-P2, NRT57-C1 content-encoding gzip x-amz-cf-id LO87kKycIqBVEoQrkHdLzPvvY-KlxNfDt--8qkGGElIEIS6_GZdgdA==
GET H3	200	css fonts.googleapis.com/	1 KB 432 B	227ms 81ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins&display=swap Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 22 Aug 2022 11:10:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 22 Aug 2022 11:35:14 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Aug 2022 11:35:14 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame CDDD	15 KB 6 KB	212ms 66ms	Document text/html	23.35.228.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-228-201.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes cache-control max-age=35276 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Mon, 22 Aug 2022 11:35:14 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Mon, 22 Aug 2022 21:23:10 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache/2.2.15 (CentOS) unused62 8096267 vary Accept-Encoding
GET H2	200	liveCS.php Show response live.primis.tech/live/ Frame F4ED Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D94%26advUuid%3D%24... https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D94%26advUuid%3D%24... https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=94&advUuid=7d976c42-220e-11ed-b131-18b2794d0406	0 396 B	81ms 80ms	Document text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=94&advUuid=7d976c42-220e-11ed-b131-18b2794d0406 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers age 0 cache-control no-store content-encoding gzip content-type text/html; charset=utf-8 date Mon, 22 Aug 2022 11:35:15 GMT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" pragma no-cache server nginx vary Accept-Encoding via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) x-amz-cf-id 6F9q-ryZMNM93HkcA_btxBwwEHqOBuFwBdfdEu5x0bp89rfihaOzkw== x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront Redirect headers Access-Control-Allow-Credentials false Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive Content-Length 0 Content-Type text/plain Date Mon, 22 Aug 2022 11:35:15 GMT Location https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=94&advUuid=7d976c42-220e-11ed-b131-18b2794d0406 Server nginx X-fe 73
GET H2	200	cm Show response u.openx.net/w/1.0/ Frame 1F0F	43 B 304 B	185ms 82ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D98%26advUuid%3D Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/valnet/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0, no-cache content-encoding gzip content-length 56 content-type text/html date Mon, 22 Aug 2022 11:35:14 GMT expires Mon, 26 Jul 1997 05:00:00 GMT p3p CP="CUR ADM OUR NOR STA NID" pragma no-cache server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	liveView.php Show response live.primis.tech/live/ Frame B304	46 KB 7 KB	104ms 104ms	XHR application/json	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkZwI5NTM5OGYjYWY3NDM0NTAlNDtyMxZ2nWQ2MzZyOGYkMmE5NwIkMwMkNmImMmE5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxy2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRGMkTDNnpFcHVaZYryy4WzcJNU5UTTVPR1y3WVqZM05ETTBOVEF5TxRaqzRgoGgOnxcgWyRboU1UTXuPVFy5TVRJrx1UY3yNrx14T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx5dRXuNVFUlTURBp0NcQWqJQ0FcWyubq0ydo2qNVFxlTVRJrU5UVTRNQXA5LxkzqE54RzRXp2VcUmVcYaA2Tz5En01zZzRlV012UG1bUzUjnDVRTEkkZxxzqzyxX2NioaRyoaRsnWQ9MwQmODpkNSZ2nWRsY29hqGVhqF9xZXNwPUFgZXJcY2FhK0FcpzkcozVmK0JyqHMeT24eU3VjZXJmo25cYlgXnXRbK09lZGVlK0ZipvflMCgCo29gK092ZXJ0qXJyplZ2nWRsY29hqGVhqF90nXRfZT1BoWVlnWNuovgBnXJfnW5yplgCZXRmK09hK1N1pGVlp29hnWMeV2y0nCgPpzRypvgGo3IeMwAeQz9ioSgPqzVlqHVlZXMzqzyxX2NioaRyoaRsZHVlYXRco249MwQ4JzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgwqXJlZW5wrVN1pHBipaQeJTJGKmMeJTJGK25yqlZ4PTYjMCZ5PTMmOCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmnW1joGVzoHycozphY29gJTJGnXRuLWFcpaqurXMgYzyxZGyhZl1woG9mZXMyMxYyM0Yzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmODJEMmImMwVGMmEmNDqEN0I3MmMkMmpmMTMjMmYmMDM0MmQ3RDqCNDMmMTMmMmQ3RDqCNTM2MmMlNTx3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmx3QTYkNTpmMTp3NwI0NmU2NxQ2MwQ4NxM3MDYlNxQ2Mmp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTxmMmU2Nmx2MmZENTY3NTU5MmM2QmU0NwQ1ODQlNmp2MwMmNEEmMDQ5NDMmODY3NEQ3OTQkNmY0OTQ3MmU2QmY0NmpmRDNEN0Q3QwRDMmEmMwM3MmtmMTqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NwAhMwE4OCZaZW9Mo25aPTI0Lwt3MDtzqXNypxyjQWRxpw0lYTBwJTNBZwA0MCUmQTAyM0E0MmU2JTNBMTAkMSUmQTMmM2YyM0E0OTE2JTNBYmRuMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA0LwAhNTEkMv4kMDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwMjMmY5ZwI1NTuvNlZwYaVmqGVlPTE2NwEkNwtkMTQ3ODIzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA== Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31347D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A554943386759335679636D567559336C546458427762334A30494338674D7941764947356C64773D3D7D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=ABT+%2F+currencySupport+%2F+3+%2F+new&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=630369f2558b7&debugInfo=17106044_ABT+%2F+currencySupport+%2F+3+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash dd406b3d824aa280b598e67e4164079c2a9ba48a343640eabf58d2e143aa55ce Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin https://simpleflying.com cache-control no-store access-control-allow-credentials true x-amz-cf-pop FRA6-C1 content-type application/json; charset=utf-8 content-length 6639 via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) x-amz-cf-id SdxIyGLasXilpIHlcpc8325ZOeCwdyCT56EdroGMzEch5UUjYqJ3Eg==
GET H2	200	logo_12781.png video.primis.tech/uploads/video/users/logo/30875/	12 KB 12 KB	228ms 71ms	Image image/png	185.167.96.211 CLOUDWEBMANAGE-EU
General Check archive.org Show headers Download Go to Show image Full URL https://video.primis.tech/uploads/video/users/logo/30875/logo_12781.png?cbuster=1643106178 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US), Reverse DNS Software Tengine / Resource Hash f6082bce2b2c7c1bb6a58e06a17aa69b25882a2dbdbe38f3238f6b8aa30a25d7 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:15 GMT via 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront) last-modified Tue, 25 Jan 2022 10:22:59 GMT server Tengine x-amz-cf-pop FRA60-P4 etag "9f73d4e23ad3d9bf6ce6512fe416d525" vary Accept-Encoding content-type image/png access-control-allow-origin * expires Tue, 23 Aug 2022 11:35:15 GMT cache-control max-age=86400 accept-ranges bytes content-length 12291 x-amz-cf-id hQehlFG2mu6-EoJOlvJsx8QV3GYMRd80aA-fDzSBlc-ll6sI5d1Aig== x-proxy-cache HIT
GET H2	200	liveView.php live.primis.tech/live/	0 420 B	107ms 103ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY2MTE2ODEkNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5OTA2JaN0YT0jJat9NwAjJax9MmM4JaZcZF9jYXNmRG9gYWyhPXNcoXBfZWZfrWyhZl5wo20zp3VvSWQ9p2YgpzVaLW9lZ19mnW1joGVzoHycozphY29gJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjY3VlpzVhY3yTqXBjo3J0JTIjJTJGJTIjMlUlMCUlRvUlMG5yqlZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmtlRDMlMmI1RwMkMmQ3RDqCNmMmMTM3MmEmMDM2MmAmNDM0N0Q3QwQmMmEmMmM0N0Q3QwUmNwMmMwU5NmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5N0E2MTU3MmE3NmYlNDp1NwZENwI0ODZDNmA2MwZENwM3NTU5MmImOTp0N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTMmMmMmODqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmU5MmM1Nwp5NwM2RDU2NmU1OTMmNxM1NDY0NTt0Mwp3NwImMmRBMmA0OTQmMmt2NmRENmx0MTp2NDx0NmM1NxM2NDp3M0QmRDqEN0I0QmMkMmImNmM4MmE3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MzEjYlUmQWYjNDAyM0EjJTNBNDM1NvUmQTEjMTEyM0EmMmNzJTNBNDxkNvUmQWM0YTEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA0LwAhNTEkMv4kMDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmMDM2OWYlNTU4YwpzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2MTE2ODEkNDp2NlZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmAmNwyzMwp0MwY2JaB1YyVloD1bqHRjplUmQSUlRvUlRaNcoXBfZWZfrWyhZl5wo20yMxZcqGEgYWylq2F5pl1vnWRxnW5aLWNfo3NyplUlRvUmRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=UTF-8 x-amz-cf-id 8HjIHq_-aOxHvLV-2qyjvr0TMSuW6QwV38gzLioHSvRjCkJHfbobjA== via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame B304	43 B 220 B	291ms 68ms	Image image/gif	35.158.200.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.200.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-200-182.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 22 Aug 2022 11:35:15 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	liveCS.php live.primis.tech/live/ Frame B304 Redirect Chain https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=93&advUuid=0036d72b-8f6d-4227-8b87-95d0228468a2	0 398 B	80ms 80ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=93&advUuid=0036d72b-8f6d-4227-8b87-95d0228468a2 Protocol H2 Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=utf-8 x-amz-cf-id XBj-pby8GxKzRMGzS_SpSBjsF4aNdYuwQIaIq9gPbGqU5LpTSlPE_Q== Redirect headers date Mon, 22 Aug 2022 11:35:14 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=93&advUuid=0036d72b-8f6d-4227-8b87-95d0228468a2 cf-ray 73eb4dce6f7d1600-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	liveCS.php live.primis.tech/live/ Frame B304 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D99%26advUuid%3D https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=99&advUuid=YwNp8MwIrK22xk33B7wnngAAEOgAAAIB	0 396 B	83ms 80ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=99&advUuid=YwNp8MwIrK22xk33B7wnngAAEOgAAAIB Protocol H2 Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=utf-8 x-amz-cf-id 8S73XwYOK8LBqfSoFvo4KgshoxR_PYS9rPIc6n4Z0BcZQ2qbzP2ziQ== Redirect headers pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6ell4lDwgXTts1b%2FIDRa3NodvuAVvAf4MxvuDjeJnXSAYYtlpVNwpJvpCOd%2FUyf8mjXazYfvML7jFUJT7yRa5wt%2FshVv%2FPqe9jHT%2B8t0uLt4dpOKJululEBbpom3eo1BIOBqUEe1aYT9g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=99&advUuid=YwNp8MwIrK22xk33B7wnngAAEOgAAAIB cache-control no-cache cf-ray 73eb4dce6ab998ee-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H2	200	getuid eb2.3lift.com/ Frame B304	37 B 140 B	190ms 67ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:14 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame B304	0 239 B	76ms 73ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=primis Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Content-Type image/gif
GET H2	200	liveCS.php live.primis.tech/live/ Frame B304 Redirect Chain https://ups.analytics.yahoo.com/ups/58627/occ https://ups.analytics.yahoo.com/ups/58627/occ?verify=true https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-b1A3289E2u...	0 396 B	77ms 77ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-b1A3289E2uE0dLWCnRvIc9CjhykIJRmW40MyDw8-~A&advUuid=y-b1A3289E2uE0dLWCnRvIc9CjhykIJRmW40MyDw8-~A Protocol H2 Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=utf-8 x-amz-cf-id zoYI3tZLkR1S3JKWHnJ_B_Sg2xTnB2aqoGMlZI1NwqYbPl0E2NHq9A== Redirect headers location https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-b1A3289E2uE0dLWCnRvIc9CjhykIJRmW40MyDw8-~A&advUuid=y-b1A3289E2uE0dLWCnRvIc9CjhykIJRmW40MyDw8-~A date Mon, 22 Aug 2022 11:35:15 GMT server ATS/9.1.10.25 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	liveCS.php live.primis.tech/live/ Frame B304 Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D105%26advUuid%3D%24UID https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=105&advUuid=6850842669882705040	0 396 B	78ms 78ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=105&advUuid=6850842669882705040 Protocol H2 Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=utf-8 x-amz-cf-id ggdXicxKLku3sJEWZHACtz20ZZ1evMcxbshAJMfzVL2a_2vIW7tgOQ== Redirect headers Pragma no-cache Date Mon, 22 Aug 2022 11:35:15 GMT X-Proxy-Origin 194.34.134.148; 194.34.134.148; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid c76528a2-5678-4771-9e75-b6f30d970127 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=&advId=105&advUuid=6850842669882705040 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	verify mb9eo.publishers.tremorhub.com/pubsync/ Frame B304 Redirect Chain https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%... https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intent...	43 B 182 B	146ms 146ms	Image image/gif	2600:1f18:612b:4216:aef5:b371:fdfb:ec0 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D Protocol H2 Server 2600:1f18:612b:4216:aef5:b371:fdfb:ec0 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:15 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif Redirect headers location pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D date Mon, 22 Aug 2022 11:35:15 GMT server Apache-Coyote/1.1 content-length 0 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
GET H2	200	liveCS.php live.primis.tech/live/ Frame B304 Redirect Chain https://cs.media.net/cksync?cs=34&type=pri&ovsid=630369f2558b7&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3Dhttps%253A%252F%252... https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...	0 396 B	78ms 78ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA Protocol H2 Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=utf-8 x-amz-cf-id DitMx6z-JJjEfBfE6gxh7cm23r8nfvlKTjYnfBiy0zwTZaBCTdTjtw== Redirect headers Pragma no-cache Date Mon, 22 Aug 2022 11:35:15 GMT Server Apache P3P CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://live.primis.tech/live/liveCS.php?source=external&csuuid=630369f2558b7&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html Content-Length 154 X-MNET-HL2 E Expires Mon, 22 Aug 2022 11:35:15 GMT
GET H/1.1	204 No Content	pixel ap.lijit.com/ Frame B304	0 277 B	217ms 70ms	Image text/plain	72.251.249.14 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D130%26advUuid%3D%24UID Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 22 Aug 2022 11:35:15 GMT Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap1ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Access-Control-Allow-Methods GET, POST, DELETE, PUT
GET H2	200	liveCS.php live.primis.tech/live/ Frame B304 Redirect Chain https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent= https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...	0 398 B	78ms 77ms	Image text/html	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3Da91d6fd3412b21d774341166776b818b&advId=134&advUuid=a91d6fd3412b21d774341166776b818b Protocol H2 Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT content-encoding gzip server nginx age 0 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control no-store x-amz-cf-pop FRA6-C1 content-type text/html; charset=utf-8 x-amz-cf-id RykUZmCBYEY6RXECFzQZ3D6AGJ0OsxbDV4ypi5ACOU5oeGFuJfCQrw== Redirect headers Pragma no-cache Date Mon, 22 Aug 2022 11:35:15 GMT Server nginx Access-Control-Allow-Origin * Location https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3Da91d6fd3412b21d774341166776b818b&advId=134&advUuid=a91d6fd3412b21d774341166776b818b Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 x-sticky-vk 1661168115269005-516 Expires Mon, 22 Aug 2022 11:35:15 GMT
GET H2	200	vid62fe8f1319621231723319.jpg video.primis.tech/uploads/cn2/video/users/converted/30875/video_61f295398f0af743450248/	21 KB 21 KB	105ms 104ms	Image image/jpeg	185.167.96.211 CLOUDWEBMANAGE-EU
General Check archive.org Show headers Download Go to Show image Full URL https://video.primis.tech/uploads/cn2/video/users/converted/30875/video_61f295398f0af743450248/vid62fe8f1319621231723319.jpg?cbuster=1660850512 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US), Reverse DNS Software Tengine / Resource Hash 6ba42c31c043a7c449d59ef1e2b01a7d9e160a5febf9768d4c00b6c0a6056741 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:15 GMT via 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront) last-modified Thu, 18 Aug 2022 19:37:08 GMT server Tengine x-amz-cf-pop AMS54-C1 etag "75db184b69e89597bcf756c44e78e157" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 23 Aug 2022 11:35:15 GMT cache-control max-age=86400 accept-ranges bytes content-length 21467 x-amz-cf-id wo7asJa4PCazGNhn0RUKS2zf4J5pf86gZy3KyADYgiEBIHErUP0sMw== x-proxy-cache HIT
GET H2	200	liveView.php Show response live.primis.tech/live/ Frame B304	46 KB 7 KB	126ms 126ms	XHR application/json	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkZwI5NTM5OGYjYWY3NDM0NTAlNDtyMxZ2nWQ2MzZyOGYkMmE5NwIkMwMkNmImMmE5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxy2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRGMkTDNnpFcHVaZYryy4WzcJNU5UTTVPR1y3WVqZM05ETTBOVEF5TxRaqzRgoGgOnxcgWyRboU1UTXuPVFy5TVRJrx1UY3yNrx14T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx5dRXuNVFUlTURBp0NcQWqJQ0FcWyubq0ydo2qNVFxlTVRJrU5UVTRNQXA5LxkzqE54RzRXp2VcUmVcYaA2Tz5En01zZzRlV012UG1bUzUjnDVRTEkkZxxzqzyxX2NioaRyoaRsnWQ9MwQmODpkNSZ2nWRsY29hqGVhqF9xZXNwPUFgZXJcY2FhK0FcpzkcozVmK0JyqHMeT24eU3VjZXJmo25cYlgXnXRbK09lZGVlK0ZipvflMCgCo29gK092ZXJ0qXJyplZ2nWRsY29hqGVhqF90nXRfZT1BoWVlnWNuovgBnXJfnW5yplgCZXRmK09hK1N1pGVlp29hnWMeV2y0nCgPpzRypvgGo3IeMwAeQz9ioSgPqzVlqHVlZXMzqzyxX2NioaRyoaRsZHVlYXRco249MwQ4JzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgwqXJlZW5wrVN1pHBipaQeJTJGKmMeJTJGK25yqlZ4PTUjMCZ5PTI4MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmnW1joGVzoHycozphY29gJTJGnXRuLWFcpaqurXMgYzyxZGyhZl1woG9mZXMyMxYyM0Yzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmODJEMmImMwVGMmEmNDqEN0I3MmMkMmpmMTMjMmYmMDM0MmQ3RDqCNDMmMTMmMmQ3RDqCNTM2MmMlNTx3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmx3QTYkNTpmMTp3NwI0NmU2NxQ2MwQ4NxM3MDYlNxQ2Mmp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTxmMmU2Nmx2MmZENTY3NTU5MmM2QmU0NwQ1ODQlNmp2MwMmNEEmMDQ5NDMmODY3NEQ3OTQkNmY0OTQ3MmU2QmY0NmpmRDNEN0Q3QwRDMmEmMwM3MmtmMTqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NwAhMwE4OCZaZW9Mo25aPTI0Lwt3MDtzqXNypxyjQWRxpw0lYTBwJTNBZwA0MCUmQTAyM0E0MmU2JTNBMTAkMSUmQTMmM2YyM0E0OTE2JTNBYmRuMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA0LwAhNTEkMv4kMDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwMjMmY5ZwI1NTuvNlZwYaVmqGVlPTE2NwEkNwtkMTQ4MwYzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA== Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31347D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A554943386759335679636D567559336C546458427762334A30494338674D7941764947356C64773D3D7D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=ABT+%2F+currencySupport+%2F+3+%2F+new&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=630369f2558b7&debugInfo=17106044_ABT+%2F+currencySupport+%2F+3+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a5734bab742dbfcf9110dc1b03d52944a79eaa72d6bbc1d73f16b332d57ad825 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin https://simpleflying.com cache-control no-store access-control-allow-credentials true x-amz-cf-pop FRA6-C1 content-type application/json; charset=utf-8 content-length 6277 via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) x-amz-cf-id B95W7jAwzs8S00Lvpus56Z12oSkdlsxHtsDb3KWyPHo6eOcYw59U-Q==
GET H2	200	liveView.php Show response live.primis.tech/live/ Frame B304	46 KB 7 KB	121ms 121ms	XHR application/json	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkZwI5NTM5OGYjYWY3NDM0NTAlNDtyMxZ2nWQ2MzZyOGYkMmE5NwIkMwMkNmImMmE5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxy2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRGMkTDNnpFcHVaZYryy4WzcJNU5UTTVPR1y3WVqZM05ETTBOVEF5TxRaqzRgoGgOnxcgWyRboU1UTXuPVFy5TVRJrx1UY3yNrx14T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx5dRXuNVFUlTURBp0NcQWqJQ0FcWyubq0ydo2qNVFxlTVRJrU5UVTRNQXA5LxkzqE54RzRXp2VcUmVcYaA2Tz5En01zZzRlV012UG1bUzUjnDVRTEkkZxxzqzyxX2NioaRyoaRsnWQ9MwQmODpkNSZ2nWRsY29hqGVhqF9xZXNwPUFgZXJcY2FhK0FcpzkcozVmK0JyqHMeT24eU3VjZXJmo25cYlgXnXRbK09lZGVlK0ZipvflMCgCo29gK092ZXJ0qXJyplZ2nWRsY29hqGVhqF90nXRfZT1BoWVlnWNuovgBnXJfnW5yplgCZXRmK09hK1N1pGVlp29hnWMeV2y0nCgPpzRypvgGo3IeMwAeQz9ioSgPqzVlqHVlZXMzqzyxX2NioaRyoaRsZHVlYXRco249MwQ4JzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgwqXJlZW5wrVN1pHBipaQeJTJGKmMeJTJGK25yqlZ4PTM0MCZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmnW1joGVzoHycozphY29gJTJGnXRuLWFcpaqurXMgYzyxZGyhZl1woG9mZXMyMxYyM0Yzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmODJEMmImMwVGMmEmNDqEN0I3MmMkMmpmMTMjMmYmMDM0MmQ3RDqCNDMmMTMmMmQ3RDqCNTM2MmMlNTx3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmx3QTYkNTpmMTp3NwI0NmU2NxQ2MwQ4NxM3MDYlNxQ2Mmp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTxmMmU2Nmx2MmZENTY3NTU5MmM2QmU0NwQ1ODQlNmp2MwMmNEEmMDQ5NDMmODY3NEQ3OTQkNmY0OTQ3MmU2QmY0NmpmRDNEN0Q3QwRDMmEmMwM3MmtmMTqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NwAhMwE4OCZaZW9Mo25aPTI0Lwt3MDtzqXNypxyjQWRxpw0lYTBwJTNBZwA0MCUmQTAyM0E0MmU2JTNBMTAkMSUmQTMmM2YyM0E0OTE2JTNBYmRuMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA0LwAhNTEkMv4kMDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwMjMmY5ZwI1NTuvNlZwYaVmqGVlPTE2NwEkNwtkMTQ4MwpzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA== Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31347D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A554943386759335679636D567559336C546458427762334A30494338674D7941764947356C64773D3D7D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=ABT+%2F+currencySupport+%2F+3+%2F+new&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=630369f2558b7&debugInfo=17106044_ABT+%2F+currencySupport+%2F+3+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ac84ba869f788e6dff92c9abe7f40641e612e312ea21248cf0e7affa1175d433 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin https://simpleflying.com cache-control no-store access-control-allow-credentials true x-amz-cf-pop FRA6-C1 content-type application/json; charset=utf-8 content-length 6274 via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) x-amz-cf-id N02KSgEjQiXYxeK2FiPOYmqS01Ic9gBvOItKWtjolwGS2dcFaf_rPg==
GET H2	200	liveView.php Show response live.primis.tech/live/ Frame B304	46 KB 7 KB	131ms 130ms	XHR application/json	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkZwI5NTM5OGYjYWY3NDM0NTAlNDtyMxZ2nWQ2MzZyOGYkMmE5NwIkMwMkNmImMmE5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxy2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRGMkTDNnpFcHVaZYryy4WzcJNU5UTTVPR1y3WVqZM05ETTBOVEF5TxRaqzRgoGgOnxcgWyRboU1UTXuPVFy5TVRJrx1UY3yNrx14T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx5dRXuNVFUlTURBp0NcQWqJQ0FcWyubq0ydo2qNVFxlTVRJrU5UVTRNQXA5LxkzqE54RzRXp2VcUmVcYaA2Tz5En01zZzRlV012UG1bUzUjnDVRTEkkZxxzqzyxX2NioaRyoaRsnWQ9MwQmODpkNSZ2nWRsY29hqGVhqF9xZXNwPUFgZXJcY2FhK0FcpzkcozVmK0JyqHMeT24eU3VjZXJmo25cYlgXnXRbK09lZGVlK0ZipvflMCgCo29gK092ZXJ0qXJyplZ2nWRsY29hqGVhqF90nXRfZT1BoWVlnWNuovgBnXJfnW5yplgCZXRmK09hK1N1pGVlp29hnWMeV2y0nCgPpzRypvgGo3IeMwAeQz9ioSgPqzVlqHVlZXMzqzyxX2NioaRyoaRsZHVlYXRco249MwQ4JzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgwqXJlZW5wrVN1pHBipaQeJTJGKmMeJTJGK25yqlZ4PTUjMCZ5PTI4MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmnW1joGVzoHycozphY29gJTJGnXRuLWFcpaqurXMgYzyxZGyhZl1woG9mZXMyMxYyM0Yzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmODJEMmImMwVGMmEmNDqEN0I3MmMkMmpmMTMjMmYmMDM0MmQ3RDqCNDMmMTMmMmQ3RDqCNTM2MmMlNTx3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmx3QTYkNTpmMTp3NwI0NmU2NxQ2MwQ4NxM3MDYlNxQ2Mmp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTxmMmU2Nmx2MmZENTY3NTU5MmM2QmU0NwQ1ODQlNmp2MwMmNEEmMDQ5NDMmODY3NEQ3OTQkNmY0OTQ3MmU2QmY0NmpmRDNEN0Q3QwRDMmEmMwM3MmtmMTqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NwAhMwE4OCZaZW9Mo25aPTI0Lwt3MDtzqXNypxyjQWRxpw0lYTBwJTNBZwA0MCUmQTAyM0E0MmU2JTNBMTAkMSUmQTMmM2YyM0E0OTE2JTNBYmRuMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA0LwAhNTEkMv4kMDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwMjMmY5ZwI1NTuvNlZwYaVmqGVlPTE2NwEkNwtkMTQ4MwpzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA== Requested by Host: live.primis.tech URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31347D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A554943386759335679636D567559336C546458427762334A30494338674D7941764947356C64773D3D7D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=ABT+%2F+currencySupport+%2F+3+%2F+new&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=630369f2558b7&debugInfo=17106044_ABT+%2F+currencySupport+%2F+3+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1b9879e6a776cdd2427cfb1d8ee1075e0429666c434fac29116f0d968871b573 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server nginx age 0 x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin https://simpleflying.com cache-control no-store access-control-allow-credentials true x-amz-cf-pop FRA6-C1 content-type application/json; charset=utf-8 content-length 6639 via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) x-amz-cf-id 5VOynYrsQ8WbNsY7kQfql3U736rF9ORnGXHEBCpML860cCYxB7LemQ==
GET H/1.1	200 OK	setuid mbid.marfeelrev.com/ Frame 3AF5 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040	86 B 825 B	87ms 86ms	Image image/png	5.9.40.209 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040 Protocol HTTP/1.1 Server 5.9.40.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS haproxy04.cl01.k8s.mrf.io Software istio-envoy / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers accept-language fi-FI,fi;q=0.9 Referer https://mbid.marfeelrev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type image/png cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 expires 0 Redirect headers Pragma no-cache Date Mon, 22 Aug 2022 11:35:14 GMT X-Proxy-Origin 194.34.134.148; 194.34.134.148; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid e72b971f-8d51-45fc-9615-471baec86735 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6850842669882705040 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame B304	2 KB 2 KB	157ms 57ms	XHR application/json	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220822 Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Mon, 22 Aug 2022 11:35:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 30854 x-jsd-version 1.0.1439 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19129-FRA, cache-cdg20752-CDG timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"669-U3xo+2ctiPtvj8ftIPnQBFf1f4E" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0sXn%2BH07wajV1%2Bl1GJAfJi4Wr7W%2BY5XmB%2BDJC6myVl5dCMKD55TB8wrAU2hW306Iz7AaaN9uLffOVul2TU%2FKUW4QyEfgrb%2BTDQ71qVd95v%2BcdU49HKCQolJp633PL4Z60dI3fXj1luGpE7X3sw%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=604800, s-maxage=43200 cf-ray 73eb4dcf5e6c95f4-ARN access-control-expose-headers *
POST H2	204	mvo Show response tag.1rx.io/rmp/243447/0/ Frame B304	0 164 B	235ms 71ms	XHR text/plain	213.19.147.42 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.1rx.io/rmp/243447/0/mvo?z=1r&hbv=6.18,2.1 Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.42 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://simpleflying.com pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/ Frame B304	173 B 404 B	287ms 66ms	XHR application/json	18.185.204.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.204.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-204-29.eu-central-1.compute.amazonaws.com Software / Resource Hash f4549f2f36a932f11d1d12016879193a798ac29b94b0aafe125c83eb38783684 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT content-encoding gzip x-prebid pbs-java/1.96.0 content-type application/json access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 168 expires 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame B304	0 117 B	234ms 71ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://simpleflying.com date Mon, 22 Aug 2022 11:35:14 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	auction Show response tlx.3lift.com/header/ Frame B304	19 B 508 B	244ms 102ms	XHR application/json	3.65.74.222 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=6.18.0&referrer=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%3F&tmax=3000&gdpr=true Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.65.74.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-65-74-222.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:15 GMT accept-ch sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect content-type application/json; charset=utf-8 access-control-allow-origin https://simpleflying.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H2	200	liveView.php live.primis.tech/live/	43 B 470 B	81ms 81ms	Image image/gif	2600:9000:2057:4c00:1a:5235:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwYkMTY4MTE0JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY4MDt4MmxzrD01MDAzrT0lODEzoXN0YT0kNmEjNwA0NCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXNcoXBfZWZfrWyhZl5wo20zp3VvSWQ9p2ygpGkyZzk5nW5aLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMGN1paJyozN5U3VjpG9lqCUlMCUlRvUlMDMyMwAyMxYyMwBhZXpznXNBpHA9MCZ1p2VlSXBBZGRlPTJuMGMyM0FzMDQjJTNBMCUmQTQmNTYyM0EkMDEkJTNBMmMmZvUmQTQ5MTYyM0FwNGEkJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNC4jLwUkMTIhMTAkJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmAmNwyzMwU1OGI3JaJ2ow0xr1ZQX1JWTy9NQUNST30zYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2MTE2ODEkNDx4NCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmAmNwyzMwp0MwY2JaB1YyVloD1bqHRjplUmQSUlRvUlRaNcoXBfZWZfrWyhZl5wo20yMxZcqGEgYWylq2F5pl1vnWRxnW5aLWNfo3NyplUlRvUmRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 22 Aug 2022 11:35:14 GMT via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) server nginx age 0 x-cache Miss from cloudfront p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="pixel.gif" x-amz-cf-pop FRA6-C1 content-type image/gif x-amz-cf-id d-fifgG57jvB2HxrU2BqjSPlcjcpgv2rcD390c_04RjI6aQhNjWpEQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	213ms 72ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://simpleflying.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 19:24:53 GMT x-content-type-options nosniff age 403822 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 17 Aug 2023 19:24:53 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame CDDD	0 42 B	232ms 70ms	Script text/plain	198.47.127.19 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89624458&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1--- Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D630369f2558b7%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:13 GMT content-length 0
GET H2	200	vid62fe8f1319621231723319.jpg video.primis.tech/uploads/cn2/video/users/converted/30875/video_61f295398f0af743450248/	21 KB 21 KB	69ms 68ms	Image image/jpeg	185.167.96.211 CLOUDWEBMANAGE-EU
General Check archive.org Show headers Download Go to Show image Full URL https://video.primis.tech/uploads/cn2/video/users/converted/30875/video_61f295398f0af743450248/vid62fe8f1319621231723319.jpg?cbuster=1660850512 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US), Reverse DNS Software Tengine / Resource Hash 6ba42c31c043a7c449d59ef1e2b01a7d9e160a5febf9768d4c00b6c0a6056741 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 11:35:15 GMT via 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront) last-modified Thu, 18 Aug 2022 19:37:08 GMT server Tengine x-amz-cf-pop AMS54-C1 etag "75db184b69e89597bcf756c44e78e157" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 23 Aug 2022 11:35:15 GMT cache-control max-age=86400 accept-ranges bytes content-length 21467 x-amz-cf-id wo7asJa4PCazGNhn0RUKS2zf4J5pf86gZy3KyADYgiEBIHErUP0sMw== x-proxy-cache HIT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B304	6 KB 3 KB	304ms 304ms	XHR application/javascript	13.32.52.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.52.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-52-59.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language fi-FI,fi;q=0.9 Referer https://simpleflying.com/ita-airways-bidding-closes/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id JXufo2ctue2uysHllG2MRpKE8F0E4.a0 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 60463 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 03 Aug 2022 22:19:11 GMT server AmazonS3 date Sun, 21 Aug 2022 18:47:33 GMT vary Accept-Encoding,Origin access-control-allow-methods GET content-type application/javascript via 1.1 b392241fa800576d1bfcc2a54be3e252.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop NRT57-C1 x-amz-cf-id Vc_Za2FjCmzbX_v3HuEQBNGisBB4vAyxBUnaEsBo2FO6_3LZWOFuTQ==
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame D619	281 B 573 B	227ms 83ms	Document text/html	23.205.235.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent= Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-235-133.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Mon, 22 Aug 2022 11:35:16 GMT ETag "402b2-119-5d32342a551c0" Last-Modified Tue, 14 Dec 2021 23:07:59 GMT Server Apache/2.2.15 (CentOS) Unused62 8096267 Vary Accept-Encoding
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame CDA6	15 KB 6 KB	71ms 70ms	Document text/html	23.35.228.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent= Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-228-201.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes cache-control max-age=35274 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Mon, 22 Aug 2022 11:35:16 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Mon, 22 Aug 2022 21:23:10 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache/2.2.15 (CentOS) unused62 8096267 vary Accept-Encoding
GET H2	200	sync Show response eb2.3lift.com/ Frame C1FD	37 B 139 B	67ms 66ms	Document image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?gdpr=true& Requested by Host: live.primis.tech URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://simpleflying.com/ita-airways-bidding-closes/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif date Mon, 22 Aug 2022 11:35:16 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame D619	31 KB 10 KB	78ms 78ms	Script text/html	23.205.235.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-235-133.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599 Request headers accept-language fi-FI,fi;q=0.9 Referer https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 22 Aug 2022 11:35:16 GMT Content-Encoding gzip Last-Modified Wed, 17 Aug 2022 13:55:35 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=15004 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9442 Expires Mon, 22 Aug 2022 15:45:20 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame D619	284 B 536 B	281ms 71ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1--- Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language fi-FI,fi;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/jpg
POST H2	204	collect Show response f.clarity.ms/	0 48 B	289ms 288ms	XHR text/plain	20.84.22.197 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://f.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://simpleflying.com/ita-airways-bidding-closes/? accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin https://simpleflying.com date Mon, 22 Aug 2022 11:35:16 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8