Submitted URL: http://www.flytradewind.com/
Effective URL: https://www.flytradewind.com/
Submission: On October 25 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 65 HTTP transactions. The main IP is 3.215.146.34, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.flytradewind.com.
TLS certificate: Issued by Amazon on August 12th 2022. Valid for: a year.
This is the only time www.flytradewind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 3.215.146.34 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 35.244.188.9 15169 (GOOGLE)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 52.20.78.240 14618 (AMAZON-AES)
3 107.178.244.119 15169 (GOOGLE)
2 2 172.217.16.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 172.217.18.2 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 37.252.173.215 29990 (ASN-APPNEX)
1 35.71.131.137 16509 (AMAZON-02)
1 34.239.12.113 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
8 52.217.174.128 16509 (AMAZON-02)
65 20
Apex Domain
Subdomains
Transfer
28 flytradewind.com
www.flytradewind.com
395 KB
8 amazonaws.com
s3.amazonaws.com
87 KB
7 sojern.com
static.sojern.com — Cisco Umbrella Rank: 16500
beacon.sojern.com — Cisco Umbrella Rank: 5519
pixel.sojern.com — Cisco Umbrella Rank: 8213
31 KB
6 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
2 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
fcmatch.google.com — Cisco Umbrella Rank: 2557
42 KB
3 personizely.net
tracker.personizely.net — Cisco Umbrella Rank: 188442
www.personizely.net — Cisco Umbrella Rank: 359393
5 KB
3 gstatic.com
www.gstatic.com
340 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
2 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 3082
261 B
2 tooltip.io
cdn.tooltip.io — Cisco Umbrella Rank: 171681
data.tooltip.io — Cisco Umbrella Rank: 195154
78 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 signalayer.com
pp.signalayer.com — Cisco Umbrella Rank: 125178
260 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2577
525 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 marketingcdn.net
static.marketingcdn.net
41 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
54 KB
65 17
Domain Requested by
28 www.flytradewind.com 1 redirects www.flytradewind.com
8 s3.amazonaws.com
4 cm.g.doubleclick.net 4 redirects
4 static.sojern.com www.googletagmanager.com
www.flytradewind.com
static.sojern.com
4 www.google.com www.flytradewind.com
www.gstatic.com
www.google.com
3 www.gstatic.com www.google.com
2 ib.adnxs.com 2 redirects
2 pixel.sojern.com static.sojern.com
2 ad.doubleclick.net 2 redirects
2 api.ipify.org cdn.tooltip.io
2 tracker.personizely.net static.marketingcdn.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 data.tooltip.io cdn.tooltip.io
1 pp.signalayer.com cdn.tooltip.io
1 match.adsrvr.org static.sojern.com
1 fcmatch.youtube.com static.sojern.com
1 fcmatch.google.com 1 redirects
1 adservice.google.com static.sojern.com
1 beacon.sojern.com static.sojern.com
1 www.personizely.net static.marketingcdn.net
1 fonts.googleapis.com static.marketingcdn.net
1 cdn.tooltip.io www.flytradewind.com
1 static.marketingcdn.net www.googletagmanager.com
1 www.googletagmanager.com www.flytradewind.com
65 24
Subject Issuer Validity Valid
flytradewind.com
Amazon
2022-08-12 -
2023-09-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-08 -
2023-06-07
a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1
2021-12-16 -
2023-01-16
a year crt.sh
cdn.tooltip.io
R3
2022-09-07 -
2022-12-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2022-02-07 -
2023-03-10
a year crt.sh
*.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.signalayer.com
Amazon
2022-02-01 -
2023-02-28
a year crt.sh
*.tooltip.io
Amazon
2022-03-18 -
2023-04-15
a year crt.sh
s3.amazonaws.com
Amazon
2022-04-01 -
2023-03-30
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.flytradewind.com/
Frame ID: 2F7BC07A6DD88312E328E0F58893EC10
Requests: 59 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Frame ID: 19A6CCF2B6CBAEA2E5D069CE9E56C9CD
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
Frame ID: 5E6FA524BE207DC0B515741178567A4C
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Scheduled and Private Charter Flights | Tradewind Aviation

Page URL History Show full URLs

  1. http://www.flytradewind.com/ HTTP 301
    https://www.flytradewind.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

65
Requests

94 %
HTTPS

57 %
IPv6

17
Domains

24
Subdomains

20
IPs

3
Countries

1095 kB
Transfer

6755 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.flytradewind.com/ HTTP 301
    https://www.flytradewind.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://ad.doubleclick.net/ddm/activity/src=11013503;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
Request Chain 56
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&sjrn_ula=6716875213 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&sjrn_ula=6716875213&google_tc= HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&sjrn_ula=6716875213&google_gid=CAESEM_hebM7PBhwkF44dQwf3GA&google_cver=1
Request Chain 57
  • https://cm.g.doubleclick.net/pixel?google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern_adh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern_adh&google_tc= HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDopKc1dPkoNDcM78s0ooI_CHlIFOaZqP2CQnvfpHeT0uJcaUsJZVylGwz_KqW0s5sKrnZR2rOQlGQPY6HM5BxXUdZ-Wmh8GSV3egIldMyva70nJh-YE HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDopKc1dPkoNDcM78s0ooI_CHlIFOaZqP2CQnvfpHeT0uJcaUsJZVylGwz_KqW0s5sKrnZR2rOQlGQPY6HM5BxXUdZ-Wmh8GSV3egIldMyva70nJh-YE
Request Chain 58
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DJf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC HTTP 302
  • https://pixel.sojern.com/idsync/apn?id=2809616104358720859&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC

65 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.flytradewind.com/
Redirect Chain
  • http://www.flytradewind.com/
  • https://www.flytradewind.com/
470 KB
74 KB
Document
General
Full URL
https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 / PHP/7.4.3
Resource Hash
28b2899bb3c248a684effa9094061fa81876e82cc61df1a7cff46902b085d54f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 04:19:16 GMT
link
<https://www.flytradewind.com/wp-json/>; rel="https://api.w.org/" <https://www.flytradewind.com/wp-json/wp/v2/pages/302>; rel="alternate"; type="application/json" <https://www.flytradewind.com/>; rel=shortlink
server
nginx/1.11.10
vary
Accept-Encoding
x-powered-by
PHP/7.4.3

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Tue, 25 Oct 2022 04:19:15 GMT
Location
https://www.flytradewind.com:443/
Server
awselb/2.0
work-sans-v9-latin-500.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
26 KB
26 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/work-sans-v9-latin-500.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
52cad65ce87876520c3352eb31455c22332a3bcd6ad392a10ac2d3afbb6b0297

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"668c-5eb7a42372140"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26252
expires
Wed, 25 Oct 2023 04:19:16 GMT
spectral-v7-latin-200.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
21 KB
21 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-200.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
5bd42875cca5d757db0ebc7a06af4c1f69f793144963ed475ae454f883e8e307

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"527c-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21116
expires
Wed, 25 Oct 2023 04:19:16 GMT
spectral-v7-latin-300.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
22 KB
22 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-300.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
7b4d6c961422afd3f1e6081b4c91612fa03568e19f3bc7bdfcb8198c3493e95a

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"56a0-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22176
expires
Wed, 25 Oct 2023 04:19:16 GMT
spectral-v7-latin-regular.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
21 KB
22 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-regular.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
4d46b9cf533d460ad479908c269a802f8bd08c5b44dfefccff56c0e327ae4ff2

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"553c-5eb7a42372140"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21820
expires
Wed, 25 Oct 2023 04:19:16 GMT
karla-v15-latin-regular.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
11 KB
11 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/karla-v15-latin-regular.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"2b9c-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11164
expires
Wed, 25 Oct 2023 04:19:16 GMT
spectral-v7-latin-italic.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
22 KB
23 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-italic.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
04bb69545c5ebe6436e4bb5d65e9f8384a1f174eed6cab3bcabfd30dea3ed5fe

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"5944-5eb7a42372140"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22852
expires
Wed, 25 Oct 2023 04:19:16 GMT
karla-v15-latin-500.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/
11 KB
11 KB
Font
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/karla-v15-latin-500.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
dd23ecb31245d58dd8fbd954c9968bab217607fa0b692e6362524b69f9d18b43

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"2c64-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11364
expires
Wed, 25 Oct 2023 04:19:16 GMT
styles.css
www.flytradewind.com/app/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.flytradewind.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:40:30 GMT
server
nginx/1.11.10
etag
"aab-5ce1085043f80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
972
expires
Wed, 25 Oct 2023 04:19:16 GMT
gtm.js
www.googletagmanager.com/
147 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82679e10aeb7f31678e05071d750c9b5415b91ccef260cfb4d6f7a80bba0efe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54372
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Oct 2022 04:19:16 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f92c23610d65aa0524b3e394d7318d440f9913cf26bed9d717e37f160dde4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo__fleet.svg
www.flytradewind.com/app/themes/azds-default/assets/img/
975 B
787 B
Image
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/img/logo__fleet.svg
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
37abddfb7a9e55f634b5395e678101454952747efb16dce8ce74ea59b9f18a39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"3cf-5eb7a42372140-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
535
expires
Wed, 25 Oct 2023 04:19:16 GMT
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c482e04ba22cc76980cab50a08ab6777603d3ed2680d3e2bbae5af0555ed2fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce9da6c80827c2db1607b0f5ad8df66f1043a4650d8f7dd2a50ad550443753e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31aa8c0cf4d6156f180f3bd059a2433b8aab417033bcd1493440a4fa834a041

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
72 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
706ae8b1c189658b26057365b69835892e3ea1e60a784746e4e55f313a8dbe82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
swiper.min.css
www.flytradewind.com/app/themes/azds-default/assets/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/css/swiper.min.css?ver=1666285211
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:11 GMT
server
nginx/1.11.10
etag
"356d-5eb7a42189cc0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4131
expires
Wed, 25 Oct 2023 04:19:16 GMT
app.min.css
www.flytradewind.com/app/themes/azds-default/assets/css/
243 KB
36 KB
Stylesheet
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/css/app.min.css?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
4ded3d2799d579fac2859f32ab75cf32cbc5c967d3424436245bb33095c77369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"3cd89-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
36752
expires
Wed, 25 Oct 2023 04:19:16 GMT
regenerator-runtime.min.js
www.flytradewind.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://www.flytradewind.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 17:46:17 GMT
server
nginx/1.11.10
etag
"194b-5e778f50e4c40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2457
expires
Wed, 25 Oct 2023 04:19:16 GMT
wp-polyfill.min.js
www.flytradewind.com/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
https://www.flytradewind.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 17:46:17 GMT
server
nginx/1.11.10
etag
"4ac6-5e778f50e4c40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7095
expires
Wed, 25 Oct 2023 04:19:16 GMT
index.js
www.flytradewind.com/app/plugins/contact-form-7/includes/js/
12 KB
4 KB
Script
General
Full URL
https://www.flytradewind.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:40:30 GMT
server
nginx/1.11.10
etag
"2e56-5ce1085043f80-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3767
expires
Wed, 25 Oct 2023 04:19:16 GMT
app.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/
102 KB
28 KB
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/app.min.js?ver=1666285214
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
0168928274741e90968146c44cb2213df57cb40922c7bb42ca2b27be7a088265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:14 GMT
server
nginx/1.11.10
etag
"198df-5eb7a42466380-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28644
expires
Wed, 25 Oct 2023 04:19:16 GMT
api.js
www.google.com/recaptcha/
884 B
1000 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&ver=3.0
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
88a5718ccf0d8e0cefb70d4416b61c215bf4b324391070fad2f8f0dedba5a288
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 04:19:16 GMT
index.js
www.flytradewind.com/app/plugins/contact-form-7/modules/recaptcha/
934 B
740 B
Script
General
Full URL
https://www.flytradewind.com/app/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.3
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:40:30 GMT
server
nginx/1.11.10
etag
"3a6-5ce1085043f80-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
483
expires
Wed, 25 Oct 2023 04:19:16 GMT
crisis-message.min.js
www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/
388 B
511 B
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/crisis-message.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
a22badee8cd482794deae8129e2c5238d07f67190c200490200489f4c6557643

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"184-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
254
expires
Wed, 25 Oct 2023 04:19:16 GMT
flight-widget.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/
24 KB
7 KB
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/flight-widget.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
d5a470acd663d3c61ea613f7de9dc4f0fe474fa47e4fc66d137b3dc37f5590cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"6063-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7010
expires
Wed, 25 Oct 2023 04:19:16 GMT
swiper.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/
138 KB
35 KB
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/swiper.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"22681-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35892
expires
Wed, 25 Oct 2023 04:19:16 GMT
slider-section.min.js
www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/
3 KB
1 KB
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/slider-section.min.js?ver=1666285213
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
a66ac891d92873b1493d1e8c68c7ff8c0df0ed39c18d7b22539723d23f5ea8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"b16-5eb7a42372140-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1022
expires
Wed, 25 Oct 2023 04:19:16 GMT
testimonials-slider.min.js
www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/
1 KB
803 B
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/testimonials-slider.min.js?ver=1666285213
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
72b05bc3c7050f8f5ac74385342728e543456f762031a40d1da34a7f01a8273d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"43a-5eb7a42372140-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
546
expires
Wed, 25 Oct 2023 04:19:16 GMT
base.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/
9 KB
3 KB
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/base.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
4603551cec51635aac0570a21e523be89401c1adf44755a9b5c9ca24657b6a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"2405-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3275
expires
Wed, 25 Oct 2023 04:19:16 GMT
tab.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/
4 KB
2 KB
Script
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/tab.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
aedc83e4448429f4e42a935882bfbb94c070b79514d8019ba9b1ab62acf2d25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"f15-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1635
expires
Wed, 25 Oct 2023 04:19:16 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/
396 KB
158 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 18:41:15 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 03:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4639
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 25 Oct 2022 05:01:58 GMT
02868c2a7d.js
static.marketingcdn.net/
146 KB
41 KB
Script
General
Full URL
https://static.marketingcdn.net/02868c2a7d.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4af6c31c77f1df984a4c9009659ab0dcaee896bd1e28751a3c47f2a682d8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Oct 2022 18:39:23 GMT
server
cloudflare
age
1979
etag
W/"634da15b-249c5"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I1PkPT8Xv4RSJdkdgIdbiBKfH2HS0xcR8jDRMjjuVUmhTXJtxI84M9l1CfK%2BpA3uJeinshY61cuzNPCMRevHeors2QBs7HTdmJ10f3SME%2BS%2FlL7o5m8l3TOTFqjm9jByCAU4EMVz1uaHrqXCigiebHfCqr9mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cf-ray
75f8272fab849118-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sjrn_autocx.js
static.sojern.com/utils/
5 KB
6 KB
Script
General
Full URL
https://static.sojern.com/utils/sjrn_autocx.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6cb087bd377229f8b7dc9cc77d14cf7829661950f4d97a0723bf856464c43c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:19:42 GMT
age
3575
x-guploader-uploadid
ADPycdtFa49CZYcVlC29ndt-9OpTNdsKkZa3sp8jCP--9e2RvIbPjLiZkEiU05EHtNY_jNjVF6FqdT4n5AEG1a8WSPNL1A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5611
last-modified
Mon, 24 Oct 2022 10:30:59 GMT
server
UploadServer
etag
"d3bee3018f4ab530aacb22e3909b63a0"
x-goog-generation
1666607459018144
x-goog-hash
crc32c=taeang==, md5=077jAY9KtTCqyyLjkJtjoA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
5611
accept-ranges
bytes
expires
Tue, 25 Oct 2022 04:19:42 GMT
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player.js
cdn.tooltip.io/static/
465 KB
78 KB
Script
General
Full URL
https://cdn.tooltip.io/static/player.js
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e1162eee6294593f45863829349350729495263a59ecd9e63525de0979c04c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
gzip
x-amz-request-id
E4DKMM3PYRV119QV
x-edge-location
defr
x-cache
HIT
content-length
78825
x-amz-id-2
F9Ww0pT5En/M/SvAqFBunCoLf9RLBsQ+Oy6loYk6fbjWlsqAD8n2PA8R1znV3/qTzZk4H1CGfZ4=
last-modified
Thu, 18 Aug 2022 12:58:29 GMT
server
keycdn-engine
etag
"02d644aa6278a6ee77a74c4590769485"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires
Tue, 01 Nov 2022 04:19:17 GMT
truncated
/
232 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b21ebb47d15e878d5fc3f7b5e00dbc4df42e8b0d9a26cbd2aac43b7ab6ca23a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
168 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9b0b47b1bd04b9a0c52c61c3db1c7b87dc11915d21772577898787c4a040293

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
591 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9de03a3b6cb1923d73e3cbeaa395ad5eb8f8b82c666ab1015117b67cde911d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc54cffe2cfaed80c1f1117c2bd7aa983e22b2d629d8b6d7785a4c91368acc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo__small.svg
www.flytradewind.com/app/themes/azds-default/assets/img/
145 KB
50 KB
Image
General
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/img/logo__small.svg
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
6d902a642aaf983c5aa8b5b41985c51dcc23b24cd6c5b2bccb219b693247dfbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:14 GMT
server
nginx/1.11.10
etag
"243f1-5eb7a42466380-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50597
expires
Wed, 25 Oct 2023 04:19:17 GMT
events
tracker.personizely.net/02868c2a7d/ Frame
0
0
Preflight
General
Full URL
https://tracker.personizely.net/02868c2a7d/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:45ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.flytradewind.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST, PUT, GET, DELETE
access-control-allow-origin
https://www.flytradewind.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
75f8273129725c2c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 04:19:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHRT3nNjmPGLLVLsgwDNA%2BKBjonXp2hR778%2Bl2zK%2BExScCL4wKz3uFh5k5G80prRIWYwWSlkQVlNMoUWe4QpSeABzljZU5V20rLSGkbrVTY2Jc1Kvmts8U%2FHNgUgL7YndVZ6s4cqvD1mfgpPTzrnGLGKT0Es5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: static.marketingcdn.net
URL: https://static.marketingcdn.net/02868c2a7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 03:51:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 04:19:17 GMT
events
tracker.personizely.net/02868c2a7d/
539 B
659 B
XHR
General
Full URL
https://tracker.personizely.net/02868c2a7d/events
Requested by
Host: static.marketingcdn.net
URL: https://static.marketingcdn.net/02868c2a7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:45ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0007e572d7011ed0930afa4e079ca31ee3bbfe7eac4efcf604339f70d72a0d1

Request headers

Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
allow
POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZGoml82wchGcdY6rceE13v0Qe5txO9fB34I38ARkMqvtuIu8wN9zh3mBSKzQn6GqUNQLl8CcyvspFprEILMzQbNRElXtMeFoduqXd21I%2FQieIE3rQyidL%2BBQcKPVjHAxw5LCCeKa8VxeYs%2B7Q8dAOuZnhVeaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.flytradewind.com
cache-control
max-age=0, must-revalidate, private
cf-ray
75f8273179ed5c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Oct 2022 04:19:17 GMT
logo-on-dark.svg
www.personizely.net/
0
4 KB
Other
General
Full URL
https://www.personizely.net/logo-on-dark.svg
Requested by
Host: static.marketingcdn.net
URL: https://static.marketingcdn.net/02868c2a7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d292 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:42:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7120764
etag
W/"61a76dbb-30bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y00fneW3QPHQ9d0PeclqsjbMX2r3lBF2mziMBFMCkxQN8MlrRuwI8eZsxOUwNIPTFqvQ%2BRknvW82LwzQdLFOIcAJdFaIQkktZhZR35kIDXbmJBCMZIAcX%2FVG74XGDdnDuehGA6%2Bm5%2BGpLKDn4qN83x5e"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
75f827312e219113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 03 Aug 2023 18:19:53 GMT
s
static.sojern.com/cip/w/ Frame 19A6
1 KB
1 KB
Document
General
Full URL
https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7a6a0e0209f4d6005e8ec73b9c446aae0d7e5160971d325e59145f671ee0dc63

Request headers

Referer
https://www.flytradewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
1265
content-type
text/html
date
Tue, 25 Oct 2022 03:34:26 GMT
etag
"5388bce0d9aa970cb2aa3027fb3db3a0"
expires
Tue, 25 Oct 2022 04:34:26 GMT
last-modified
Wed, 08 Dec 2021 10:40:49 GMT
server
UploadServer
x-goog-generation
1638960048994942
x-goog-hash
crc32c=BlpLWA== md5=U4i84NmqlwyyqjAn+z2zoA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1265
x-guploader-uploadid
ADPycduuuWcbGOXT-OACna6Og-_Rlcbjgbsk5rqVJsckdzoahw8za0u2v6LdIM4adGzd1aEPD8azBk7h02NFtj6M9gRK-w
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=503634072&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flytradewind.com%2F&ul=en-us&de=UTF-8&dt=Scheduled%20and%20Private%20Charter%20Flights%20%7C%20Tradewind%20Aviation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=1863328099&gjid=55693797&cid=425392568.1666671558&tid=UA-480359-1&_gid=1265595279.1666671558&_r=1&gtm=2wgaj0MMW5QCK&z=1568355732
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 04:19:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flytradewind.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.ipify.org/
24 B
261 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e40c72156b11be8721638bb90cc34c0af5e2f2c84eb49adbabc88cadeb4aced2

Request headers

Accept
application/json
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 25 Oct 2022 04:19:18 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.flytradewind.com
Connection
keep-alive
Content-Length
24
/
api.ipify.org/ Frame
0
0
Preflight
General
Full URL
https://api.ipify.org/?format=json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.flytradewind.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://www.flytradewind.com
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 25 Oct 2022 04:19:17 GMT
Server
Cowboy
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Via
1.1 vegur
anchor
www.google.com/recaptcha/api2/ Frame 5E6F
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e82908b0c5a99fbae12b314203184d25dd18e1624f8313fd273dff90af69439e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iRKxxYI3a78fyBKy1_scUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.flytradewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22249
content-security-policy
script-src 'report-sample' 'nonce-iRKxxYI3a78fyBKy1_scUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 04:19:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hasher.js
static.sojern.com/cip/ Frame 19A6
18 KB
18 KB
Script
General
Full URL
https://static.sojern.com/cip/hasher.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:00:08 GMT
age
1149
x-guploader-uploadid
ADPycdvueJW9M6scKi3E6jO-LDEXOd1eifCw2y65HjL3_FfNHwNOodG7MEAe9IiaWc3kvkjao-xoPdh-kAeNlER4pvh9xg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18469
last-modified
Tue, 07 Dec 2021 16:23:19 GMT
server
UploadServer
etag
"676881567863e15eb1b6aa81b384455c"
x-goog-generation
1638894199335821
x-goog-hash
crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
18469
accept-ranges
bytes
expires
Tue, 25 Oct 2022 05:00:08 GMT
create_params.js
static.sojern.com/utils/ Frame 19A6
4 KB
4 KB
Script
General
Full URL
https://static.sojern.com/utils/create_params.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
02b02be496e69e49f701452a382cdb4a194e299c93dbb04b810fdfc2202ba1e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:14:20 GMT
age
297
x-guploader-uploadid
ADPycdv9Z8lmBJp2g3Dz0FbmZ98mOFMLiDTJhWdcSwGdNQhvrkoeh34sGXXaCa6MDYvwIe6Eul2ToMVDx-VI36NFsdbPeQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4254
last-modified
Tue, 28 Jun 2022 09:19:26 GMT
server
UploadServer
etag
"8cd8e4fb2688fa4187547e1314b4f383"
x-goog-generation
1656407966894244
x-goog-hash
crc32c=q4e+bw==, md5=jNjk+yaI+kGHVH4TFLTzgw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
4254
accept-ranges
bytes
expires
Tue, 25 Oct 2022 05:14:20 GMT
317218
beacon.sojern.com/pixel/p/ Frame 19A6
4 KB
1 KB
Script
General
Full URL
https://beacon.sojern.com/pixel/p/317218?f_v=v6_js&p_v=1&id=317218&cid=&f_v=v6_js&p_v=1&version=2&vid=hot&domain=https%3A%2F%2Fwww.flytradewind.com%2F&s=ccid_auto&ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&et=hc
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
b878cc5d2142b8aa6b3a9f32ad93781fa395e7ca01366fdaff07d333604f6b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:17 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
734
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 5E6F
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 18:41:11 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 5E6F
396 KB
158 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 18:41:15 GMT
src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;...
adservice.google.com/ddm/fls/z/ Frame 19A6
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=11013503;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
  • https://ad.doubleclick.net/ddm/activity/src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%...
  • https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7...
42 B
494 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 04:19:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 04:19:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=COzusrHD-voCFQ7Lsgod2asNyQ;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdX
pixel.sojern.com/idSync/ Frame 19A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1T...
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1T...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&sjrn_ula=6716875213&google_gid=CAESEM_hebM7PBhwkF44dQwf3GA&google_cver=1
42 B
58 B
Image
General
Full URL
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&sjrn_ula=6716875213&google_gid=CAESEM_hebM7PBhwkF44dQwf3GA&google_cver=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H3
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Tue, 25 Oct 2022 04:19:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 04:19:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&sjrn_ula=6716875213&google_gid=CAESEM_hebM7PBhwkF44dQwf3GA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/ Frame 19A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern_adh
  • https://cm.g.doubleclick.net/pixel?google_hm=kfm6qEioVtqH55p-qqwvYQ&google_nid=sojern_adh&google_tc=
  • https://fcmatch.google.com/pixel?google_gm=AMnCDopKc1dPkoNDcM78s0ooI_CHlIFOaZqP2CQnvfpHeT0uJcaUsJZVylGwz_KqW0s5sKrnZR2rOQlGQPY6HM5BxXUdZ-Wmh8GSV3egIldMyva70nJh-YE
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDopKc1dPkoNDcM78s0ooI_CHlIFOaZqP2CQnvfpHeT0uJcaUsJZVylGwz_KqW0s5sKrnZR2rOQlGQPY6HM5BxXUdZ-Wmh8GSV3egIldMyva70nJh-YE
170 B
525 B
Image
General
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopKc1dPkoNDcM78s0ooI_CHlIFOaZqP2CQnvfpHeT0uJcaUsJZVylGwz_KqW0s5sKrnZR2rOQlGQPY6HM5BxXUdZ-Wmh8GSV3egIldMyva70nJh-YE
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 04:19:18 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 04:19:18 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopKc1dPkoNDcM78s0ooI_CHlIFOaZqP2CQnvfpHeT0uJcaUsJZVylGwz_KqW0s5sKrnZR2rOQlGQPY6HM5BxXUdZ-Wmh8GSV3egIldMyva70nJh-YE
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apn
pixel.sojern.com/idsync/ Frame 19A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DJf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC
  • https://pixel.sojern.com/idsync/apn?id=2809616104358720859&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC
42 B
275 B
Image
General
Full URL
https://pixel.sojern.com/idsync/apn?id=2809616104358720859&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Tue, 25 Oct 2022 04:19:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 04:19:17 GMT
AN-X-Request-Uuid
ba20a6b3-1595-4276-9d4a-2f596aa9fd94
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://pixel.sojern.com/idsync/apn?id=2809616104358720859&sjrn_id=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 19A6
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=Jf_1BW35LT4Nqx5dH-auABIXBuGeEUPc9zFxGdV5uLxjTN5bE1TLeOsaf1drh_hC&ttd_tpi=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=cdjrrg-ynrxs-mjs2g-anxgf-93hmq&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 04:19:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
01fc6155-c6fe-4e58-bc81-3a62886e7d99
pp.signalayer.com/
2 B
260 B
Fetch
General
Full URL
https://pp.signalayer.com/01fc6155-c6fe-4e58-bc81-3a62886e7d99
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.12.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-12-113.compute-1.amazonaws.com
Software
nginx/1.15.8 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:18 GMT
server
nginx/1.15.8
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
2
01fc6155-c6fe-4e58-bc81-3a62886e7d99.json
data.tooltip.io/player/fetch/
54 B
516 B
Fetch
General
Full URL
https://data.tooltip.io/player/fetch/01fc6155-c6fe-4e58-bc81-3a62886e7d99.json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:cc00:6:36e8:9f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:19 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Sat, 22 Oct 2022 08:05:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"21c5d7ac3026c86f166a0e24b12b2b5d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
54
x-amz-cf-id
PrM_zBdWZYLWsY4rc9hOt54lxodS-tdkLDxAPxUfS4kUYz2S4en_sg==
webworker.js
www.google.com/recaptcha/api2/ Frame 5E6F
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 04:19:18 GMT
reload
www.google.com/recaptcha/api2/ Frame 5E6F
32 KB
18 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ff69e7f54991b3ce626e231e028caa54c358db57a4f210cfc667c8d64f58e6f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=umu5fnuk8z62
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 25 Oct 2022 04:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18675
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 04:19:18 GMT
refill
www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/287/
2 B
366 B
Fetch
General
Full URL
https://www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/287/refill
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 / PHP/7.4.3
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:18 GMT
x-content-type-options
nosniff
server
nginx/1.11.10
x-powered-by
PHP/7.4.3
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://www.flytradewind.com/wp-json/>; rel="https://api.w.org/"
content-length
2
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
refill
www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/1442/
2 B
366 B
Fetch
General
Full URL
https://www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/1442/refill
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.146.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-34.compute-1.amazonaws.com
Software
nginx/1.11.10 / PHP/7.4.3
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:19:18 GMT
x-content-type-options
nosniff
server
nginx/1.11.10
x-powered-by
PHP/7.4.3
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://www.flytradewind.com/wp-json/>; rel="https://api.w.org/"
content-length
2
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
traveler-2-300x113.png
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194152/
8 KB
8 KB
Image
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194152/traveler-2-300x113.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7d5a3c5ca70c587f25cb141f64613d465869c0d22ebfac07938310230fddc7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Fri, 26 Nov 2021 16:11:55 GMT
Server
AmazonS3
x-amz-request-id
XFF4EYAEAT88V8C1
ETag
"3921fd18077db73dec0422475d7f6fa2"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
7708
x-amz-id-2
5haWuYmkIJmmmQg6lYnchGG4Vj0FNdOms0DXizYQreHReSK29FPHTqXywiYtid4jqWTFN8jB3sg=
Expires
Sat, 26 Nov 2022 16:11:54 GMT
logo.svg
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22201814/
8 KB
4 KB
Image
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22201814/logo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c9a38c9b9da63118d5c210d9581d0d98353085c79085d8a80097528888c9aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 22 Aug 2021 20:18:15 GMT
Server
AmazonS3
x-amz-request-id
XFF3W3JQBJ0610ZD
ETag
"3fc05618fe524718003c4f7fa7c10f3b"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3735
x-amz-id-2
5xz0/IF/BzEjGk8pN01iydL2Qc5OvfxyTFNCi8VBgJEuCUtxmRu81YKC3Fb2douPgi2EC2ZHXGc=
Expires
Mon, 22 Aug 2022 20:18:14 GMT
forbes-2-1-300x117.png
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194158/
5 KB
6 KB
Image
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194158/forbes-2-1-300x117.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e19446cd678134715f1edb8c3f65cee5ea7f4a048715be96779877f873c49897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Fri, 26 Nov 2021 16:12:07 GMT
Server
AmazonS3
x-amz-request-id
XFF6JKEQR5K3G0C2
ETag
"a71402793eac6cff584880557ed02217"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
5605
x-amz-id-2
8jqgIUEASC6FqrVKkPB70MJNUviUJmTsVbl23cKPhjmzLI1f0T8Bnaj2RqVKf/HZ9dhukopbGyU=
Expires
Sat, 26 Nov 2022 16:12:05 GMT
kisspng-town-country-new-york-city-magazine-people-tellu-town-square-5b227e5b0bbdc0.4110110615289872270481-1-300x52.png
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22202648/
5 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22202648/kisspng-town-country-new-york-city-magazine-people-tellu-town-square-5b227e5b0bbdc0.4110110615289872270481-1-300x52.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
483bac9502555809b16c4a6d4c5f06a5a838e397d3147fb80be7092c9f7e22c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Fri, 26 Nov 2021 20:31:23 GMT
Server
AmazonS3
x-amz-request-id
XFF9NV9PMZ58DV6S
ETag
"f9687e1989348e0fea524775ececfd63"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4825
x-amz-id-2
xAa0z/+JfFslgCBCncpycQIxAyKdohhUtaj0/eIxhArb7bnD8r+dn4wsAC3c9oERa4Z8vRvAmyY=
Expires
Sat, 26 Nov 2022 20:31:22 GMT
cover-2-scaled.jpeg.webp
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02193305/
37 KB
37 KB
Image
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02193305/cover-2-scaled.jpeg.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6922ed6653e75d7dfc969ea221e620dfb5f02623b1c2aa03a4c7f792ddbb12ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Fri, 26 Nov 2021 16:09:23 GMT
Server
AmazonS3
x-amz-request-id
XFF1PDJC7SY0WMPA
ETag
"6761e8577315f4e4e5e8f819e8b93fad"
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
37534
x-amz-id-2
bkbGuBOl7J2dFYCgyxzLMRlnXH9KhpZo76ohrSgfh9omIomJtCQEex/n5xP1yjzrPeK33Ui18do=
Expires
Sat, 26 Nov 2022 16:09:20 GMT
home_1-1.mp4
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/
49 KB
0
Media
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/home_1-1.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.flytradewind.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Mon, 02 Aug 2021 10:01:15 GMT
Server
AmazonS3
x-amz-request-id
XFF7Q8HMG3BASARZ
ETag
"e55314a759216667d362e9abdbf7f365"
Content-Type
video/mp4
Content-Range
bytes 0-3631492/3631493
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3631493
x-amz-id-2
u2f7oH4OnNgdZpL3p4ElttYPS4je5+VDyYR2i4qEq7vlcH0nG5hZXaZlcKRdz+RLNDS6n9R6/rY=
Expires
Tue, 02 Aug 2022 10:01:14 GMT
home_1-1.mp4
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/
26 KB
27 KB
Media
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/home_1-1.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
eac5380294ca3c422c83f59fc1b9b0f55870b221d60edbc12b0eb61954cd2ffc

Request headers

Referer
https://www.flytradewind.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=3604480-

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Mon, 02 Aug 2021 10:01:15 GMT
Server
AmazonS3
x-amz-request-id
XFF5ZCQZ70RKDV09
ETag
"e55314a759216667d362e9abdbf7f365"
Content-Type
video/mp4
Content-Range
bytes 3604480-3631492/3631493
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
27013
x-amz-id-2
c2a50bEFSwmWqhsIt4TJLZbclfFVjdbVubhUJX3gQQTmfdA/D34UcO2BbGjm0mGq1dkdaHD41FM=
Expires
Tue, 02 Aug 2022 10:01:14 GMT
home_1-1.mp4
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/
3 MB
0
Media
General
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/home_1-1.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.flytradewind.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=32768-

Response headers

Date
Tue, 25 Oct 2022 04:19:20 GMT
Last-Modified
Mon, 02 Aug 2021 10:01:15 GMT
Server
AmazonS3
x-amz-request-id
XFFDRQFA3042CZJ4
ETag
"e55314a759216667d362e9abdbf7f365"
Content-Type
video/mp4
Content-Range
bytes 32768-3631492/3631493
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3598725
x-amz-id-2
YaGgVLvHUp0of2s8IZrcGgyhxgexrAAxX3GNydX39PO+70BFc75mf+o4QFztLZX9rSKpqhcy4no=
Expires
Tue, 02 Aug 2022 10:01:14 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery object| dataLayer object| predefined_search object| wpcf7 object| azdsDefaultSettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| directions object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| getBreakpoints function| removeA function| setCookie function| deleteCookie function| getCookie function| validateEmail function| confirmationDialog function| urlHasVars function| removeHash function| parseHash function| delay function| getBrowserInfo number| loadLazyScriptsTimer object| userInteractionEvents function| triggerScriptLoader function| loadScripts function| preloaderDone function| flatpickr function| LazyLoad function| controlsPlugin function| rangePlugin function| timeListPlugin object| gridBreakPoints object| selectedBlock object| wayType function| apc function| FuzzySearch object| Tooltip function| Swiper object| Data object| EventHandler object| Manipulator object| SelectorEngine function| Base function| Tab string| key object| ply boolean| plyInitialized function| deml function| sjrn_cipher function| sjrn_wfe function| sjrn_e function| feml function| sjrn_heml function| sjrn_ccid function| sjrn_ga function| sjrn_run string| value object| parts object| ga_ids object| matched_set object| first_matched object| matched boolean| domain_match number| referrer_match string| auto_eml_domain object| sjrn_eml object| sjrn_params object| gaplugins object| gaGlobal object| gaData object| Outlog object| recaptcha object| closure_lm_942868 string| currentIp object| Signalayer object| slide

14 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHtfOcgzaa0z8RYTad_sQs3RQ1i7lLpsWe8ctfkA5crtk9GEIY6QAeJBRHGVrkGhK2gqmvxdjVs3Mh_MxQBdh6s
www.flytradewind.com/ Name: _ply_first_visit_page
Value: /
www.flytradewind.com/ Name: _ply_first_visit
Value: 1666671557000
www.flytradewind.com/ Name: _ply_last_visit
Value: 1666671557000
www.flytradewind.com/ Name: _ply
Value: 47d2b7530d38385d9442bd10e71d2d52
.flytradewind.com/ Name: _ga
Value: GA1.2.425392568.1666671558
.flytradewind.com/ Name: _gid
Value: GA1.2.1265595279.1666671558
.flytradewind.com/ Name: _gat_UA-480359-1
Value: 1
.adnxs.com/ Name: uuid2
Value: 2809616104358720859
.sojern.com/ Name: cid
Value: 91f9baa8-48a8-56da-87e7-9a7eaaac2f61#1666656000000
.sojern.com/ Name: apnid
Value: 2809616104358720859
www.flytradewind.com/ Name: _sl_ping_marker
Value: initial
.doubleclick.net/ Name: IDE
Value: AHWqTUk8fE8jK7uR-L_tWyEf50wG-mQzuScS_cY9U1wokU_4UxgwE_kccTMKMYm2PBY
.sojern.com/ Name: gid
Value: CAESEM_hebM7PBhwkF44dQwf3GA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
api.ipify.org
beacon.sojern.com
cdn.tooltip.io
cm.g.doubleclick.net
data.tooltip.io
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
ib.adnxs.com
match.adsrvr.org
pixel.sojern.com
pp.signalayer.com
s3.amazonaws.com
static.marketingcdn.net
static.sojern.com
tracker.personizely.net
www.flytradewind.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.personizely.net
107.178.244.119
172.217.16.198
172.217.18.2
2600:9000:223d:cc00:6:36e8:9f00:93a1
2606:4700:3031::ac43:d292
2606:4700:3032::6815:45ac
2606:4700:3034::6815:5f66
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a0b:4d07:101::1
3.215.146.34
34.239.12.113
35.244.188.9
35.71.131.137
37.252.173.215
52.20.78.240
52.217.174.128
0168928274741e90968146c44cb2213df57cb40922c7bb42ca2b27be7a088265
02b02be496e69e49f701452a382cdb4a194e299c93dbb04b810fdfc2202ba1e0
04bb69545c5ebe6436e4bb5d65e9f8384a1f174eed6cab3bcabfd30dea3ed5fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
28b2899bb3c248a684effa9094061fa81876e82cc61df1a7cff46902b085d54f
2b21ebb47d15e878d5fc3f7b5e00dbc4df42e8b0d9a26cbd2aac43b7ab6ca23a
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
37abddfb7a9e55f634b5395e678101454952747efb16dce8ce74ea59b9f18a39
4603551cec51635aac0570a21e523be89401c1adf44755a9b5c9ca24657b6a4d
483bac9502555809b16c4a6d4c5f06a5a838e397d3147fb80be7092c9f7e22c7
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4d46b9cf533d460ad479908c269a802f8bd08c5b44dfefccff56c0e327ae4ff2
4ded3d2799d579fac2859f32ab75cf32cbc5c967d3424436245bb33095c77369
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52cad65ce87876520c3352eb31455c22332a3bcd6ad392a10ac2d3afbb6b0297
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a4af6c31c77f1df984a4c9009659ab0dcaee896bd1e28751a3c47f2a682d8ea
5bd42875cca5d757db0ebc7a06af4c1f69f793144963ed475ae454f883e8e307
5c9a38c9b9da63118d5c210d9581d0d98353085c79085d8a80097528888c9aed
5e1162eee6294593f45863829349350729495263a59ecd9e63525de0979c04c3
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6922ed6653e75d7dfc969ea221e620dfb5f02623b1c2aa03a4c7f792ddbb12ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb087bd377229f8b7dc9cc77d14cf7829661950f4d97a0723bf856464c43c4c
6d902a642aaf983c5aa8b5b41985c51dcc23b24cd6c5b2bccb219b693247dfbc
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
706ae8b1c189658b26057365b69835892e3ea1e60a784746e4e55f313a8dbe82
72b05bc3c7050f8f5ac74385342728e543456f762031a40d1da34a7f01a8273d
7a6a0e0209f4d6005e8ec73b9c446aae0d7e5160971d325e59145f671ee0dc63
7b4d6c961422afd3f1e6081b4c91612fa03568e19f3bc7bdfcb8198c3493e95a
7d5a3c5ca70c587f25cb141f64613d465869c0d22ebfac07938310230fddc7f1
82679e10aeb7f31678e05071d750c9b5415b91ccef260cfb4d6f7a80bba0efe5
88a5718ccf0d8e0cefb70d4416b61c215bf4b324391070fad2f8f0dedba5a288
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f92c23610d65aa0524b3e394d7318d440f9913cf26bed9d717e37f160dde4c3
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09
9de03a3b6cb1923d73e3cbeaa395ad5eb8f8b82c666ab1015117b67cde911d18
a22badee8cd482794deae8129e2c5238d07f67190c200490200489f4c6557643
a66ac891d92873b1493d1e8c68c7ff8c0df0ed39c18d7b22539723d23f5ea8c1
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308
aedc83e4448429f4e42a935882bfbb94c070b79514d8019ba9b1ab62acf2d25d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b878cc5d2142b8aa6b3a9f32ad93781fa395e7ca01366fdaff07d333604f6b09
bc54cffe2cfaed80c1f1117c2bd7aa983e22b2d629d8b6d7785a4c91368acc6a
c482e04ba22cc76980cab50a08ab6777603d3ed2680d3e2bbae5af0555ed2fe7
c9b0b47b1bd04b9a0c52c61c3db1c7b87dc11915d21772577898787c4a040293
ce9da6c80827c2db1607b0f5ad8df66f1043a4650d8f7dd2a50ad550443753e3
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
d5a470acd663d3c61ea613f7de9dc4f0fe474fa47e4fc66d137b3dc37f5590cd
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
dd23ecb31245d58dd8fbd954c9968bab217607fa0b692e6362524b69f9d18b43
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e0007e572d7011ed0930afa4e079ca31ee3bbfe7eac4efcf604339f70d72a0d1
e19446cd678134715f1edb8c3f65cee5ea7f4a048715be96779877f873c49897
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c72156b11be8721638bb90cc34c0af5e2f2c84eb49adbabc88cadeb4aced2
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e82908b0c5a99fbae12b314203184d25dd18e1624f8313fd273dff90af69439e
eac5380294ca3c422c83f59fc1b9b0f55870b221d60edbc12b0eb61954cd2ffc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f31aa8c0cf4d6156f180f3bd059a2433b8aab417033bcd1493440a4fa834a041
ff69e7f54991b3ce626e231e028caa54c358db57a4f210cfc667c8d64f58e6f6