simpleflying.com Open in urlscan Pro
34.233.113.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.getresponse.com/click.html?x=a62b&lc=hMxY1B&mc=Iw&s=BEC42xl&u=ybXJD&z=EwelFHv&
Effective URL:
https://simpleflying.com/ita-airways-bidding-closes/
Submission: On August 22 via manual (August 22nd 2022, 12:45:56 pm UTC) from FI — Scanned from FI

Summary HTTP 119 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 43 domains to perform 119 HTTP transactions. The main IP is 34.233.113.241, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is simpleflying.com. The Cisco Umbrella rank of the primary domain is 139758.
TLS certificate: Issued by R3 on June 6th 2022. Valid for: 3 months.

This is the only time simpleflying.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.160.64.9 104.160.64.9	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
13	34.233.113.241 34.233.113.241	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:10:... 2606:4700:10::6816:4aea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	54.144.151.126 54.144.151.126	14618 (AMAZON-AES) (AMAZON-AES)
3	18.66.139.110 18.66.139.110	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	2600:1901:0:f... 2600:1901:0:f8d1::1	15169 (GOOGLE) (GOOGLE)
1	35.86.50.147 35.86.50.147	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.25.0.70 52.25.0.70	16509 (AMAZON-02) (AMAZON-02)
5	116.202.159.137 116.202.159.137	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:27::... 2620:1ec:27::cafe:1959	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.84.106.46 52.84.106.46	16509 (AMAZON-02) (AMAZON-02)
1	92.123.21.200 92.123.21.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.238.206.49 44.238.206.49	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:8c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.6 143.204.215.6	16509 (AMAZON-02) (AMAZON-02)
2 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
21	2600:9000:205... 2600:9000:2057:ea00:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206e:9e00:1:6448:6d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.67.157.21 3.67.157.21	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2600:1f18:612... 2600:1f18:612b:4264:e0e1:1325:9af4:ac16	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	23.50.131.213 23.50.131.213	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	15.188.216.240 15.188.216.240	16509 (AMAZON-02) (AMAZON-02)
1	18.192.39.116 18.192.39.116	16509 (AMAZON-02) (AMAZON-02)
1	18.198.87.118 18.198.87.118	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	54.171.211.68 54.171.211.68	16509 (AMAZON-02) (AMAZON-02)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
119	50

1 104.160.64.9 (United States) 1 redirects

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com

app.getresponse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.233.113.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-113-241.compute-1.amazonaws.com

simpleflying.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:4aea (United States)

ASN13335 (CLOUDFLARENET, US)

static1.simpleflyingimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.151.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-151-126.compute-1.amazonaws.com

adsninja.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-110.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1901:0:f8d1::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

childlikeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.86.50.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-86-50-147.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.0.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-0-70.us-west-2.compute.amazonaws.com

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.159.137 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy02.cl01.k8s.mrf.io

mbid.marfeelrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1959 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.106.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-46.bud50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.206.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-206-49.us-west-2.compute.amazonaws.com

id.halo.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-6.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2057:ea00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206e:9e00:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.157.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:e0e1:1325:9af4:ac16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

mb9eo.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.131.213 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-213.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.216.240 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-216-240.eu-west-3.compute.amazonaws.com

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.39.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-39-116.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.87.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-87-118.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.211.68 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-211-68.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	primis.tech live.primis.tech — Cisco Umbrella Rank: 3304 video.primis.tech — Cisco Umbrella Rank: 5870	721 KB
13	simpleflying.com simpleflying.com — Cisco Umbrella Rank: 139758	394 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 512 c.clarity.ms — Cisco Umbrella Rank: 954 f.clarity.ms — Cisco Umbrella Rank: 5310	26 KB
7	childlikeform.com childlikeform.com — Cisco Umbrella Rank: 35875	233 KB
6	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 327 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064 eus.rubiconproject.com — Cisco Umbrella Rank: 582 token.rubiconproject.com — Cisco Umbrella Rank: 711	12 KB
5	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 463 ib.adnxs.com — Cisco Umbrella Rank: 230	5 KB
5	marfeelrev.com mbid.marfeelrev.com — Cisco Umbrella Rank: 20322	6 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 304	90 KB
5	simpleflyingimages.com static1.simpleflyingimages.com — Cisco Umbrella Rank: 194267	125 KB
4	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493 image6.pubmatic.com — Cisco Umbrella Rank: 634	12 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 stats.g.doubleclick.net — Cisco Umbrella Rank: 108	137 KB
3	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 418 tlx.3lift.com — Cisco Umbrella Rank: 617	787 B
3	gstatic.com fonts.gstatic.com	83 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1324 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	3 KB
3	ad.gt a.ad.gt — Cisco Umbrella Rank: 5070 seg.ad.gt — Cisco Umbrella Rank: 10334 id.halo.ad.gt — Cisco Umbrella Rank: 4254	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	233 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1723	87 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 671	725 B
2	tremorhub.com 1 redirects mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6624	644 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278	683 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1517 u.openx.net — Cisco Umbrella Rank: 705	654 B
2	google.com ampcid.google.com — Cisco Umbrella Rank: 1867 www.google.com — Cisco Umbrella Rank: 9	1 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 868	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	133 KB
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 652	839 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 654	277 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1357	821 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 942	428 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 292	220 B
1	google.fi www.google.fi — Cisco Umbrella Rank: 30207	501 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 204	558 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1383	595 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 589	465 B
1	google.ru ampcid.google.ru — Cisco Umbrella Rank: 308452	462 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1301	12 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1509	17 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1340	37 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	28 KB
1	adsninja.ca adsninja.ca — Cisco Umbrella Rank: 27984	13 KB
1	getresponse.com 1 redirects app.getresponse.com — Cisco Umbrella Rank: 57931	785 B
119	43

	Domain	Requested by
21	live.primis.tech	tagan.adlightning.com live.primis.tech
13	simpleflying.com	simpleflying.com
7	childlikeform.com	simpleflying.com childlikeform.com
5	mbid.marfeelrev.com	simpleflying.com mbid.marfeelrev.com
5	c.amazon-adsystem.com	simpleflying.com c.amazon-adsystem.com live.primis.tech
5	static1.simpleflyingimages.com	simpleflying.com
3	ib.adnxs.com	3 redirects
3	video.primis.tech
3	fonts.gstatic.com	fonts.googleapis.com
3	f.clarity.ms	www.clarity.ms
3	pagead2.googlesyndication.com	simpleflying.com pagead2.googlesyndication.com
3	tagan.adlightning.com	simpleflying.com tagan.adlightning.com
2	eus.rubiconproject.com	live.primis.tech eus.rubiconproject.com
2	ad.360yield.com	2 redirects
2	mb9eo.publishers.tremorhub.com	1 redirects
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	live.primis.tech
2	sync.search.spotxchange.com	2 redirects
2	ads.pubmatic.com	tagan.adlightning.com live.primis.tech
2	fonts.googleapis.com	tagan.adlightning.com
2	pixel.rubiconproject.com
2	c.clarity.ms	1 redirects
2	ssum.casalemedia.com	1 redirects
2	securepubads.g.doubleclick.net	tagan.adlightning.com www.googletagservices.com
2	www.clarity.ms	simpleflying.com www.clarity.ms
2	unpkg.com	1 redirects simpleflying.com
2	www.google-analytics.com	simpleflying.com www.google-analytics.com
2	www.googletagmanager.com	simpleflying.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	tlx.3lift.com	live.primis.tech
1	prebid-server.rubiconproject.com	live.primis.tech
1	hbopenbid.pubmatic.com	live.primis.tech
1	ads.stickyadstv.com	1 redirects
1	ap.lijit.com
1	cs.media.net	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	x.bidswitch.net
1	u.openx.net	tagan.adlightning.com
1	rtb.openx.net
1	www.google.fi
1	www.google.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	geo.privacymanager.io	ats.rlcdn.com
1	static.adsafeprotected.com	tagan.adlightning.com
1	googleads.g.doubleclick.net	tagan.adlightning.com
1	ampcid.google.ru	www.google-analytics.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	id.halo.ad.gt	tagan.adlightning.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	ats.rlcdn.com	tagan.adlightning.com
1	ampcid.google.com	www.google-analytics.com
1	seg.ad.gt	simpleflying.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagservices.com	simpleflying.com
1	a.ad.gt	simpleflying.com
1	adsninja.ca	simpleflying.com
1	app.getresponse.com	1 redirects
119	61

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
facebook.com
www.instagram.com
twitter.com
www.tiktok.com
www.linkedin.com
www.pinterest.ca
anchor.fm
www.facebook.com
www.aviacionline.com
www.corriere.it
getadmiral.com

Subject Issuer	Validity	Valid
simpleflying.com R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-04` - `2023-01-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
adsninja.ca R3	`2022-07-16` - `2022-10-14`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
childlikeform.com R3	`2022-06-16` - `2022-09-14`	3 months	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.cl01.k8s.mrf.io R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
halo.ad.gt Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.google.com.ru GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.primis.tech Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://simpleflying.com/ita-airways-bidding-closes/
Frame ID: B2CE146D0E06D6A79E042DDCBB9EF034
Requests: 74 HTTP requests in this frame

Frame: https://mbid.marfeelrev.com/static/cookie-sync.html
Frame ID: 5FF04BC2B04235F61ACABF7E79665103
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Frame ID: 8DC7D5DA97A973AB90BE14FEC2726036
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 01E4AF4000842CA31540147D8398C38A
Requests: 27 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 5FA2CCE7E071CA29BD3D8701DD63C33B
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=94&advUuid=5b195243-2218-11ed-b54d-1a7cb9e30106
Frame ID: CCB9BB86F2D7648C3ECE206B03E431C3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 209321120BDAA29186BDD87FAC990519
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&
Frame ID: 436DE72342458988309DAA9CD9DFB2A5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 8AA7D445FAB13B2C41FFCA75233D4BAB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 2125C611E3835A07D5E10F00D394155B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Final Countdown: Bids For ITA Airways Close At Midnightuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

https://app.getresponse.com/click.html?x=a62b&lc=hMxY1B&mc=Iw&s=BEC42xl&u=ybXJD&z=EwelFHv& HTTP 302
https://simpleflying.com/ita-airways-bidding-closes/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

119
Requests

89 %
HTTPS

40 %
IPv6

43
Domains

61
Subdomains

50
IPs

9
Countries

2441 kB
Transfer

6712 kB
Size

35
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/SimpleFlyingNews

Search URL Search Domain Scan URL

URL: https://facebook.com/simpleflyingnews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/simpleflyingnews

Search URL Search Domain Scan URL

URL: https://twitter.com/simple_flying

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@simpleflying

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/simple-flying

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/simpleflying/

Search URL Search Domain Scan URL

URL: https://anchor.fm/simpleflying

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F%2F&src=sdkpreparse
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=The%20Final%20Countdown%3A%20Bids%20For%20ITA%20Airways%20Close%20At%20Midnight&url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&title=The%20Final%20Countdown%3A%20Bids%20For%20ITA%20Airways%20Close%20At%20Midnight&source=simpleflying.com&summary=German%20flag%20carrier%20Lufthansa%20is%20one%20of%20the%20interested%20parties.
Title: Share

Search URL Search Domain Scan URL

URL: https://www.aviacionline.com/2022/07/msc-lufthansa-or-certares-who-will-get-ita-airways/
Title: Aviacionline

Search URL Search Domain Scan URL

URL: https://www.corriere.it/economia/aziende/22_agosto_21/ita-airways-governo-bivio-vendita-diretta-o-nulla-fatto-c5657a2e-2117-11ed-bbcc-919072521658.shtml
Title: Corriere Della Sera

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=simpleflying.com&utm_medium=pb&session=5-a3a5bdb3e9427dfc611d8b3646f23eb3-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.getresponse.com/click.html?x=a62b&lc=hMxY1B&mc=Iw&s=BEC42xl&u=ybXJD&z=EwelFHv& HTTP 302
https://simpleflying.com/ita-airways-bidding-closes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 53

https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

Request Chain 59

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=30CE8A1841B74BC5B7BAA36CD95FF79C&RedC=c.clarity.ms&MXFR=002AC22D66B362CC1821D02562B36C63 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=30CE8A1841B74BC5B7BAA36CD95FF79C&MUID=3F4CCAB37F9D6ACD1F47D8BB7E126BFC

Request Chain 81

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=5b19527a-2218-11ed-b54d-1a7cb9e30106 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=94&advUuid=5b195243-2218-11ed-b54d-1a7cb9e30106

Request Chain 87

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=93&advUuid=d299fca6-1f21-42d1-a278-226983904a04

Request Chain 88

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=99&advUuid=YwN6f40fpbVvQ8FWyeTqqwAAEbIAAAIB

Request Chain 91

https://ups.analytics.yahoo.com/ups/58627/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58627/occ?verify=true HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-ELCwEoFE2uECMPqlZQ8M5UzVF5_kRUrmXtqlxrM-~A&advUuid=y-ELCwEoFE2uECMPqlZQ8M5UzVF5_kRUrmXtqlxrM-~A

Request Chain 92

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D63037a7f6ca54%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=105&advUuid=4209007844303499845

Request Chain 93

https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D

Request Chain 94

https://cs.media.net/cksync?cs=34&type=pri&ovsid=63037a7f6ca54&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA

Request Chain 96

https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent= HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D0c3e98b532fcfc6c157f3bf60111f&advId=134&advUuid=0c3e98b532fcfc6c157f3bf60111f

Request Chain 101

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=7026098930653703403

Request Chain 110

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5fa15558-3d76-4be9-969c-ab3cd0dd7ef7

Request Chain 111

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4209007844303499845

119 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
simpleflying.com/ita-airways-bidding-closes/
Redirect Chain

https://app.getresponse.com/click.html?x=a62b&lc=hMxY1B&mc=Iw&s=BEC42xl&u=ybXJD&z=EwelFHv&
https://simpleflying.com/ita-airways-bidding-closes/

651 KB
118 KB

944ms
633ms

Document
text/html

34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b702cc8cdb99b7a9b173d73655746acb19412681f8d5497242e262ecad909ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 12:45:49 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 12:45:48 GMT
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
location: https://simpleflying.com/ita-airways-bidding-closes/
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 ITA-Airways-Airbus-A330-200-EI-EJO-(2).jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/ 55 KB
56 KB 168ms
56ms Image
image/avif 2606:4700:10::6816:4aea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/ITA-Airways-Airbus-A330-200-EI-EJO-(2).jpg?q=50&fit=contain&w=1500&h=&dpr=1.5
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f78bee40318da80e30bdbd868517da4cdb5965169e643c706698a8fde5c31151

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
cf-cache-status: HIT
age: 9524
content-disposition: inline; filename="ITA-Airways-Airbus-A330-200-EI-EJO-(2).avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56417
x-request-id: Xq20p5kKTCP0pb7oCSRMT
server: cloudflare
etag: "KAcKWb6z_qKkooxOY8caG3so1uqJzqqGTzGJoiouUVQ/RIkFqSEwzTWFTMVZoNTdFQTYzTEdGbUEi"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73ebb531afbc991b-ARN
expires: Tue, 22 Aug 2023 10:02:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 235ms
85ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8f5bfde6269fe826c4b0f1d7da79ea037faa2bcddd99063a920a8ae7b1d4f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74150
x-xss-protection: 0
expires: Mon, 22 Aug 2022 12:45:49 GMT

GET
H2 200 a-article.ffb95c32.css
simpleflying.com/public/build/ 239 KB
33 KB 284ms
284ms Stylesheet
text/css 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/a-article.ffb95c32.css

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

40d960d2f34acea6636b72c111f60d6db68e31ce1f98bfece9d6a776df371768

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-3bdee"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:49 GMT

GET
H2 200 dfp.js Show response
simpleflying.com/public/build/ 36 B
509 B 146ms
146ms Script
application/javascript 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/dfp.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-24"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:49 GMT

GET
H2 200 valnet-header-ads.f984de39.js Show response
simpleflying.com/public/build/ 3 KB
2 KB 149ms
145ms Script
application/javascript 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/valnet-header-ads.f984de39.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7f7f9215366a526576e0e91f1e79b1e2c817921dbd9dd96f2cdf51bfe98706f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-ba3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:49 GMT

GET
H2 200 adsninja_client.js Show response
adsninja.ca/ 53 KB
13 KB 606ms
294ms Script
application/javascript 54.144.151.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://adsninja.ca/adsninja_client.js?v=1659544401

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.144.151.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-151-126.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1ead244357de11688c2818ae28b86304e740d6581027ebced63febc0ffd19ec3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 18:26:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62fbe15b-d2d8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:50 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/valnet/ 48 KB
19 KB 223ms
74ms Script
application/javascript 18.66.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/op.js
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a84269dca33a997a8b241adf1b768390a33d12f1943627d71097c91a2a4c4cde

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: T5MA03vnD5pb5IhQGp6BXXtIN1heaPoG
content-encoding: gzip
etag: "3fedbe89822aab4eae6624c953a83c04"
age: 2360
x-cache: Hit from cloudfront
content-length: 19325
x-amz-meta-git_commit: 39123b0
last-modified: Sat, 20 Aug 2022 01:06:22 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 12:06:30 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: xW9-wdEcKAF_BPmnlf114HSiuejY9om_lvcvgULx2zaGdD2G1VMFgA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 315ms
161ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae90da549a5bf68510a8298e23eae4c4db328383c35b60b0fd505d3cb0b80ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57253
x-xss-protection: 0
server: cafe
etag: 12786391579820205030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Aug 2022 12:45:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 278ms
125ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6434f018ec5d8eb878f699589b36b02401db7aff687bb6db56dee54ae583c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57173
x-xss-protection: 0
server: cafe
etag: 3227555111334701325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Aug 2022 12:45:50 GMT

GET
H2 200 valnet-footer.144b5218.js Show response
simpleflying.com/public/build/ 49 KB
14 KB 151ms
148ms Script
application/javascript 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/valnet-footer.144b5218.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5745cbcab491dfc7594b475d20aa80a5fd43b7f09d5d97533b028a9194e94713

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-c514"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:49 GMT

GET
H2 200 valnet-footer-article.d048a54a.js Show response
simpleflying.com/public/build/ 9 KB
3 KB 152ms
149ms Script
application/javascript 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/valnet-footer-article.d048a54a.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ec267c0ec001f1dede649a96c38a3ae036a7a8b129d02025b35cc99c0427eec3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-24d2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 223ms
70ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6230
date: Mon, 22 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Aug 2022 13:02:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
61 KB 86ms
83ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53CFZHZ

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca570d4eb25436159b89fc2284666ada5f637342468be247dfd8b558def52dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61944
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 12:45:49 GMT

GET
H2 200 v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV Show response
childlikeform.com/ 594 KB
101 KB 318ms
197ms Script
text/javascript 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1cfab7cfca501474b26776422944827e7cb77756c1ff4ea3206d3f342f9c9fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "dd4e61ded1a489790ab450d75af11bf865b02a3b053069aac5aea54db2167199"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-hhc0
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 22 Aug 2022 12:45:50 GMT
x-buildnumber: 609294353
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2dki52CM8TZyMJTTCco7op_-FkeiOsiId7bVJUIEZY3xETNc8rNdPQk5x_Lf8shx056eUhCyYw Show response
childlikeform.com/ 16 KB
6 KB 306ms
185ms Script
text/javascript 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/v2dki52CM8TZyMJTTCco7op_-FkeiOsiId7bVJUIEZY3xETNc8rNdPQk5x_Lf8shx056eUhCyYw

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

403d9912aaf8b8aa888bbaf4d7374bfa4ae047d4ff37f765d15210ba4cdc8ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "5785fb1c2ec7fe236515a8ad939a95fbbd732cfb368702e74555735e9c7ad8e9"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-hhc0
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 22 Aug 2022 12:45:50 GMT
x-buildnumber: 609294353
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 10 KB
4 KB 611ms
201ms Script
application/javascript 35.86.50.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&ref=
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.86.50.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-86-50-147.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 1e93edaae779de82f634e824d225a2a7fba4a4bb7b6e6adf13b64f8a31b398f6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 241ms
79ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35276b3264a552839666cfe3b4dd0d00e69ef8fd503e774aa75d52e3b0d09f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28578
x-xss-protection: 0
server: sffe
etag: "1310 / 272 of 1000 / last-modified: 1661166591"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Aug 2022 12:45:50 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 159 KB
41 KB 231ms
75ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Aug 2022 12:39:24 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 16:12:00 GMT
server: AmazonS3
age: 388
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: pHciRY2OM270hbMv-vI1ToLXF291RbGo8sjZCVsXoYw9RIM_G7iK1g==

GET
H2 200 sf-logo-full-colored-dark.e4f86e30.svg
simpleflying.com/public/build/images/ 4 KB
2 KB 146ms
146ms Image
image/svg+xml 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://simpleflying.com/public/build/images/sf-logo-full-colored-dark.e4f86e30.svg

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/a-article.ffb95c32.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/public/build/a-article.ffb95c32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-116d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:49 GMT

GET
H2 200 WorkSans-Bold.b1961502.woff2
simpleflying.com/public/build/fonts/ 68 KB
69 KB 147ms
147ms Font
font/woff2 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/fonts/WorkSans-Bold.b1961502.woff2

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/a-article.ffb95c32.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

09efd3dd55adb96a7b40b6a4b2400d356ae9d78a17f5e1ad689232b6df4e62fc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simpleflying.com/public/build/a-article.ffb95c32.css
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
x-content-type-options: nosniff
content-length: 70096
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62ffef28-111d0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 22 Aug 2023 12:45:50 GMT

GET
H2 200 icomoon.5dc39019.woff
simpleflying.com/public/build/fonts/ 20 KB
21 KB 271ms
270ms Font
font/woff 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/fonts/icomoon.5dc39019.woff

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/a-article.ffb95c32.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

67a3bd65ea989336425908f6b29aa33fb4d180a4cc4ae768971fd8c3008c75b1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simpleflying.com/public/build/a-article.ffb95c32.css
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
x-content-type-options: nosniff
content-length: 20552
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62ffef28-5048"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 22 Aug 2023 12:45:50 GMT

GET
H2 200 WorkSans-Regular.a4c77ad7.woff2
simpleflying.com/public/build/fonts/ 64 KB
64 KB 146ms
146ms Font
font/woff2 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/fonts/WorkSans-Regular.a4c77ad7.woff2

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/a-article.ffb95c32.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ff35b06ac7e5d6c94018d6cd356e3d9d74bdd768a05042144ca390209add0131

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simpleflying.com/public/build/a-article.ffb95c32.css
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
x-content-type-options: nosniff
content-length: 65452
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62ffef28-ffac"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 22 Aug 2023 12:45:50 GMT

GET
H2 200 Montserrat-Bold.3255356e.woff2
simpleflying.com/public/build/fonts/ 65 KB
66 KB 270ms
270ms Font
font/woff2 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/public/build/fonts/Montserrat-Bold.3255356e.woff2

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/a-article.ffb95c32.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

85c38352712041c50428f57fde76da934384f91015e46878072115f04b00f531

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simpleflying.com/public/build/a-article.ffb95c32.css
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
x-content-type-options: nosniff
content-length: 66856
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62ffef28-10528"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 22 Aug 2023 12:45:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
339 B 147ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HWFJ4EQLT&gtm=2oe8h0&_p=1609571944&cid=524236018.1661172350&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661172350&sct=1&seg=0&dl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&dt=The%20Final%20Countdown%3A%20Bids%20For%20ITA%20Airways%20Close%20At%20Midnight&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.post_id=2005177&ep.author=jake&ep.jr_editor=&ep.sr_editor=michael-doran&ep.primary_category=Airline%20News&ep.tags=%7CAirline%20News%7CEurope%7CITA%20Airways%7Citaly%7CEurope%7Cbidding%7CLufthansa%7C&ep.payment_category=news&ep.content_type=News&ep.intent=Short-Term&ep.network_category=airlines&ep.is_amp_traffic=false&ep.template=content-all&ep.is_ad_block=false&ep.classification=Standard&ep.is_subscribed_premium=false&ep.subscription_plan=free&ep.ip_address=194.34.134.148&ep.date_published=20220822&ep.date_republished=20220822
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HWFJ4EQLT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 segments.js Show response
seg.ad.gt/api/v1/ 0
52 B 606ms
199ms Script
text/plain 52.25.0.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.0.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-0-70.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
server: nginx/1.20.0

GET
H/1.1 200
OK cookie-sync.html Show response
mbid.marfeelrev.com/static/ Frame 5FF0 6 KB
3 KB 289ms
85ms Document
text/html 116.202.159.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy02.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 22 Aug 2022 09:45:50 ART
expires: 0
last-modified: Fri, 15 Jul 2022 06:23:35 ART
pragma: no-cache
server: istio-envoy
transfer-encoding: chunked
vary: accept-encoding
x-envoy-upstream-service-time: 1

GET
H2 200 sf-logo-full-colored-light.d0a5ff5a.svg
simpleflying.com/public/build/images/ 4 KB
2 KB 201ms
201ms Image
image/svg+xml 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://simpleflying.com/public/build/images/sf-logo-full-colored-light.d0a5ff5a.svg

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/a-article.ffb95c32.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

96ca8d5aa2560ca4e68889153eb20bd38a031b4f8ca5c19b90c35df6ff0e6b0b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/public/build/a-article.ffb95c32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Aug 2022 20:14:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62ffef28-1149"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 22 Aug 2023 12:45:50 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

4 KB
2 KB

60ms
60ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18441008
fly-request-id: 01FSX6P2BR4Q6A18MTKY3QNRZR
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73ebb536ad0a9927-ARN

Redirect headers

date: Mon, 22 Aug 2022 12:45:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GB2S5QP6XKDEDPPNFM47G2H6-fra
server: cloudflare
age: 237
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73ebb535499e9927-ARN
access-control-allow-origin: *

GET
H2 200 8w3iven4f0 Show response
www.clarity.ms/tag/ 1 KB
2 KB 354ms
186ms Script
application/x-javascript 2620:1ec:27::cafe:1959
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8w3iven4f0?ref=gtm2
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f974ba14306dafc6c1a78bd873772cd168499d7ab4b2c26b6f5b99b4fa1f48b1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
x-powered-by: ASP.NET
x-azure-ref: 0fnoDYwAAAACgm0uWux2YQIINP0gD9SHMUk9NMzBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 ITA-Airways-Airbus-A330-202-EI-EJO-(4).jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/04/ 676 B
1 KB 107ms
54ms Image
image/avif 2606:4700:10::6816:4aea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/04/ITA-Airways-Airbus-A330-202-EI-EJO-(4).jpg?q=50&fit=crop&w=50&dpr=1.5
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd268765b0443e01166abb141c5a5934f149c21ea6cd5bc8fe1f2757edfb53f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
cf-cache-status: HIT
age: 66944
content-disposition: inline; filename="ITA-Airways-Airbus-A330-202-EI-EJO-(4).avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 676
x-request-id: 5Jx4No3rleiehRdV_Wjnq
server: cloudflare
etag: "kUr-Z98hzplYQWjYJlQp6XL1NpwgNa9SvG4JVBBtxUk/RInh3UzIxR010NF9JSGlPMWZBRl9TMlEi"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73ebb534590d15f8-ARN
expires: Mon, 21 Aug 2023 18:08:50 GMT

GET
H3 200 HS-BBY.jpeg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/ 30 KB
31 KB 109ms
57ms Image
image/avif 2606:4700:10::6816:4aea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/HS-BBY.jpeg?q=50&fit=crop&w=660&h=340&dpr=1.5
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd78a2fe4db0afda9d16c59ddfa1b54a47c812fff846e1118b4195b7ab92f7c2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
cf-cache-status: HIT
age: 33020
content-disposition: inline; filename="HS-BBY.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31117
x-request-id: P4hY_6Cj6e_nm-qV_RxMA
server: cloudflare
etag: "rMarXIqUjRDZw1ktk-T5DgEmVRKXzGE3yb-Ovdb78-w/RImZybk5FSVUzSGpOOGlHSGdIR2JvLWci"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73ebb534591115f8-ARN
expires: Tue, 22 Aug 2023 02:30:05 GMT

GET
H3 200 Wizz-Air-Airbus-A321-Taking-off.jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/ 24 KB
24 KB 199ms
147ms Image
image/avif 2606:4700:10::6816:4aea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/Wizz-Air-Airbus-A321-Taking-off.jpg?q=50&fit=crop&w=660&h=340&dpr=1.5
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb798c0df6597e01cdc87080c9a46c97b1a303c6977263441345f677902a4dca

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
cf-cache-status: HIT
age: 338950
content-disposition: inline; filename="Wizz-Air-Airbus-A321-Taking-off.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24111
x-request-id: ybu3E-LixrDxfuQoZD9pD
server: cloudflare
etag: "rMarXIqUjRDZw1ktk-T5DgEmVRKXzGE3yb-Ovdb78-w/RInZFREF2cHFHdTZCbXJlSk9jVjE4RUEi"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73ebb534591215f8-ARN
expires: Fri, 18 Aug 2023 14:17:44 GMT

GET
H3 200 88714_edelweissa340cedelweissair_619384.jpg
static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/ 13 KB
14 KB 154ms
102ms Image
image/avif 2606:4700:10::6816:4aea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.simpleflyingimages.com/wordpress/wp-content/uploads/2022/08/88714_edelweissa340cedelweissair_619384.jpg?q=50&fit=crop&w=660&h=340&dpr=1.5
Requested by: Host: simpleflying.com
URL: https://simpleflying.com/ita-airways-bidding-closes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4aea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f65b63cdc40ba4684b19f328c9b767ac9e8d553b5b840bd6ac8073048279e53

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
cf-cache-status: HIT
age: 409114
content-disposition: inline; filename="88714_edelweissa340cedelweissair_619384.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13570
x-request-id: vvAj1lcGoj66oJ0dJ2nIC
server: cloudflare
etag: "rMarXIqUjRDZw1ktk-T5DgEmVRKXzGE3yb-Ovdb78-w/RInZWNDJLUDJkZlY5UzhDSUR0UTdpd0Ei"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73ebb534591315f8-ARN
expires: Thu, 17 Aug 2023 18:33:16 GMT

GET
H2 200 b-39123b0-fa09635e.js Show response
tagan.adlightning.com/valnet/ 80 KB
30 KB 76ms
76ms Script
application/javascript 18.66.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/b-39123b0-fa09635e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a385633f1e2fe45e65c2bc3b322d776c9bab1c9687998f764c0c83f79e2963e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:41:54 GMT
content-encoding: gzip
age: 10695837
x-cache: Hit from cloudfront
content-length: 30715
x-amz-meta-git_commit: 39123b0
last-modified: Wed, 20 Apr 2022 17:41:08 GMT
server: AmazonS3
etag: "23c27c2577b9feea80aa6027bc91763c"
x-amz-version-id: JSEd0qRkBL1UzV0q0sd2GocBv7cTMBwJ
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: tknqfsNh562gC4FIJFO_aT425-K-dCjc9t0aHJKjkKn5uZqcBr-n_w==

GET
H2 200 bl-c6d1176-f9a0e351.js Show response
tagan.adlightning.com/valnet/ 122 KB
37 KB 97ms
97ms Script
application/javascript 18.66.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/bl-c6d1176-f9a0e351.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1597fe03a36ee79347c803bfb8045a83ec3f371a77ec320ef4fd8f91baac6f13

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 01:06:27 GMT
content-encoding: gzip
age: 214764
x-cache: Hit from cloudfront
content-length: 37880
x-amz-meta-git_commit: c6d1176
last-modified: Sat, 20 Aug 2022 01:06:02 GMT
server: AmazonS3
etag: "71c9345dca4dc594377ded1e112a137c"
x-amz-version-id: z7XZcUE70e_WxBPTczkLRdPYW9o8qcph
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: vlzxUzD3iM8VGpP30GAjJFBoH8moSjBvfDVkMloFtfJvGqKEbb_36A==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 253ms
78ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5c4b08e25c86c8e2155f7fb34c0213ba67d57226ddd803a486fa69f8d32ec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://simpleflying.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 238ms
73ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js?cb=31069059

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Aug 2023 11:27:45 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 302 B
784 B 279ms
112ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simpleflying.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0c97ac7b27e315180271371922482ee106e8ef302b7ffb1f7f30ecaeec249c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
expires: Mon, 22 Aug 2022 12:45:50 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 161ms
160ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fsimpleflying.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 8b51fff4ef0d655c6f08650b81a835b8521a4179b08118d34c2938f2a1fb6c00

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:49 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://simpleflying.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1975
x-amz-cf-id: nHDS6xdVqXv2Z3H7YgsmXIOtrD8p8DtaUT9ZvLwNbpzou47Dkjp9Ug==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 198ms
65ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 51914
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 02:07:43 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: QKyriOkrH5zF3PfsAF_JPiy-AaqIUQdqGRhlksBLeFUfhuSbtdBkZw==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 223ms
69ms Script
application/x-javascript 52.84.106.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.106.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-106-46.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 22287
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 07:40:17 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 f2cdfa9ac532d95b891a67e5bd6bab30.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: BUD50-C1
content-type: application/x-javascript
x-amz-cf-id: ijEfT6DpWZjxoSo7Qma568fu2zUH7C-w6GnfRs7uhKeW09gIl3L3VA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 292ms
85ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Mon, 22 Aug 2022 13:00:50 GMT

GET
H2 200 269 Show response
id.halo.ad.gt/api/v1/partner/ 52 KB
8 KB 618ms
204ms Script
text/javascript 44.238.206.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/partner/269?url=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&ref=&_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.206.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-206-49.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b869ba707523b441249606161d0830e5fb203732f80e61ac65ec283ee6a934af

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 167ms
56ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3168
x-amz-server-side-encryption: AES256
x-amz-request-id: TVF3351JAWVH7CEV
x-amz-id-2: XVs02iGaM10RG2UUujVvh4nX2pqEGBOBwdJx8k01nqm5WnmPsMIIsqgkpd/9kyHfcU6SObOxLRI=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73ebb5375a1698fd-ARN

POST
H2 200 publisher:getClientId Show response
ampcid.google.ru/v1/ 3 B
462 B 240ms
78ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.ru/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://simpleflying.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ 341 KB
120 KB 270ms
126ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8382598503519971&plah=simpleflying.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8382598503519971

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f5e71c7aa7dbca35e37dbb49a498dd9dccde2159408c9e714176b96d0b3a558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122626
x-xss-protection: 0
server: cafe
etag: 2129829126283258373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Aug 2022 12:45:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame 8DC7 10 KB
5 KB 220ms
70ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 53467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:54:43 GMT
etag: 8616628553774171045
expires: Sun, 04 Sep 2022 21:54:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 acv.json Show response
childlikeform.com/ 210 KB
46 KB 166ms
82ms Fetch
application/json 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/acv.json

Requested by

Host: childlikeform.com
URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
access-control-allow-origin: https://simpleflying.com
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-ranges: bytes
last-modified: Thu, 18 Aug 2022 17:15:37 GMT
x-datacenter: gce-europe-west1
date: Mon, 22 Aug 2022 12:45:50 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
via: 1.1 google
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-hhc0
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
465 B 226ms
66ms Script
application/javascript 2600:9000:214f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
age: 4531491
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: NZhfuLyYfDOXHu7eMENlREu5y2z9f88UnW4bDFw-_1npyWBQF3P0mw==

POST
H/1.1 200
OK cookie_sync Show response
mbid.marfeelrev.com/ Frame 5FF0 1 KB
803 B 82ms
82ms XHR
application/json 116.202.159.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/cookie_sync
Requested by: Host: mbid.marfeelrev.com
URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy02.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer: https://mbid.marfeelrev.com/static/cookie-sync.html
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://mbid.marfeelrev.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
content-length: 435
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 222ms
77ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1609571944&t=pageview&_s=1&dl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&ul=en-us&de=UTF-8&dt=The%20Final%20Countdown%3A%20Bids%20For%20ITA%20Airways%20Close%20At%20Midnight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAQCAC~&jid=319763847&gjid=928716008&cid=524236018.1661172350&tid=UA-121433877-1&_gid=1439536400.1661172351&_r=1&_slc=1&cd1=2005177&cd2=jake&cd3=&cd4=Airline%20News&cd5=Airline%20News&cd6=regular&cd7=0&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=2005177&cd15=jake&cd16=&cd17=michael-doran&cd18=regular&cd19=all&cd20=false&cd21=0&cd22=false&cd23=native&cd24=desktop&cd25=194.34.134.148&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&cd27=20-24&cd28=20220822&cd29=&cd30=news&cd31=Airline%20News&cd32=%7CAirline%20News%7CEurope%7CITA%20Airways%7Citaly%7CEurope%7Cbidding%7CLufthansa%7C&cd33=N&cd34=showAds&cd35=false&cd36=content-all&cd38=airlines&cd39=News&cd40=Short-Term&cd41=20220822&cd43=not-logged&cd44=Standard&cd45=free&z=17826783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.39/ 53 KB
23 KB 184ms
184ms Script
application/javascript 2620:1ec:27::cafe:1959
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8w3iven4f0?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:50 GMT
content-encoding: br
etag: "1d8b099e3740ca1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0fnoDYwAAAABShcS1ZelsRJYWZMA0SHBBUk9NMzBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 216ms
66ms Fetch
application/json 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-6.fra53.r.cloudfront.net
Software: /
Resource Hash: b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 01:54:47 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age: 39064
x-amzn-requestid: 6dc8ea53-cc3a-465c-abe8-98919bf31966
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6302e1e7-2dd782686b4ef26950f55251;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: XPg8JEgHDoEFb_g=
content-length: 30
x-amz-cf-id: gZwKNLHXqIO9wK1UEqnCDTeVTN7_ulMIwf3ZITOjb0BODWFzLNnVNg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3

200

usermatchredir
ssum.casalemedia.com/ Frame 5FF0
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

43 B
935 B

192ms
101ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73ebb53b6a9af152-ARN
pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOiGCRWSGmn2CwYgXdp7xFTeGpfyazGbfAiQGukstlI%2BlXseNTPS3vRkqQW%2F5K6usCPHRcDpTASTZuzoeoZ6ZGQjs4ATqMYzhkew93AkeER7TlXCVL3CORmHfWMncLlZc%2FaR0kXb"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMRQM%2BvAmngVPntwLW%2FqaTmRhOsKJirGvGyXMEz7qMQ1Mia7t9K08BvvGwcXoYQ6%2BxDlGKoNxlKgGxWTWyd82z0tfHwaY0qQFuEh2JXgOKIbevjoNLqUC5T5NptkUY%2FSqubNK8H7"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /usermatchredir?s=184550&cb=&C=1
cache-control: no-cache
cf-ray: 73ebb53a2ef598f7-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H3 200 v2xhwc263sB6lHZRiCdTyBIVttr4f-6Tv0WVsqpjb1TZbkDAToY1zPMiDWVEK_MUwppnHZyfGOA Show response
childlikeform.com/ 209 B
236 B 100ms
100ms Fetch
application/json 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/v2xhwc263sB6lHZRiCdTyBIVttr4f-6Tv0WVsqpjb1TZbkDAToY1zPMiDWVEK_MUwppnHZyfGOA

Requested by

Host: childlikeform.com
URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

521f878f49925bd0dae4c5f7ad2730b88cfc0ea582779eea6287d4331ec31f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-datacenter: gce-europe-west1
date: Mon, 22 Aug 2022 12:45:51 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-hhc0
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 22 Aug 2022 12:45:49 GMT

POST
H3 200 v2qqwkyJ-RGkJr-s9roxgxS0-aSDMWRK6b-YxZs9xRTHzvTi3qmGmrwGWHID76fOOu2sgk6fLAQ Show response
childlikeform.com/ 1 KB
1 KB 80ms
80ms Fetch
application/json 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/v2qqwkyJ-RGkJr-s9roxgxS0-aSDMWRK6b-YxZs9xRTHzvTi3qmGmrwGWHID76fOOu2sgk6fLAQ

Requested by

Host: childlikeform.com
URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

2d3b69e5c41a219053144cfca1d051d5f8b3c1381bb0cfdef512f80d4b8f0842

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-datacenter: gce-europe-west1
date: Mon, 22 Aug 2022 12:45:51 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simpleflying.com
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-hhc0
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 251ms
75ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121433877-1&cid=524236018.1661172350&jid=319763847&gjid=928716008&_gid=1439536400.1661172351&_u=IADAAEAAAAQCAC~&z=1694097281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Aug 2022 12:45:51 GMT
content-type: text/plain
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 45 KB
17 KB 251ms
78ms Script
text/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3796472359c42b2889748dfa457c4567b06e143bdc2a8a01005a60aaff287d6e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/javascript; charset=utf-8
x-amz-cf-id: _I-f4PgA1LPQansZ4n_Wa9IrqoBQ7xJggk0n2nnm4Te_m6GBmOT3tw==
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)

GET
H2 200 pixel.png Show response
simpleflying.com/ 103 B
441 B 146ms
145ms XHR
image/png 34.233.113.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleflying.com/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%222005126%22,%22position%22:%22sentinel-article-sidebarTop-1%22},{%22id%22:%222005060%22,%22position%22:%22sentinel-article-sidebarTop-2%22},{%22id%22:%222005039%22,%22position%22:%22sentinel-article-sidebarTop-3%22},{%22id%22:%222004567%22,%22position%22:%22sentinel-article-sidebarTop-4%22},{%22id%22:%222005096%22,%22position%22:%22sentinel-article-sidebarTop-5%22},{%22id%22:%222005051%22,%22position%22:%22sentinel-article-sidebarTop-6+%22},{%22id%22:%222005137%22,%22position%22:%22sentinel-article-sidebarSticky-1%22},{%22id%22:%222005136%22,%22position%22:%22sentinel-article-sidebarSticky-2%22},{%22id%22:%222005007%22,%22position%22:%22sentinel-article-sidebarSticky-3%22},{%22id%22:%227634%22,%22position%22:%22sentinel-article-relatedContent-1%22},{%22id%22:%222005106%22,%22position%22:%22sentinel-article-relatedContent-2%22},{%22id%22:%222004847%22,%22position%22:%22sentinel-article-relatedContent-3%22},{%22id%22:%222004936%22,%22position%22:%22sentinel-article-relatedContent-4%22},{%22id%22:%222004920%22,%22position%22:%22sentinel-article-relatedContent-5%22},{%22id%22:%222004667%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%222005159%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%2220835%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%222004823%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%222005121%22,%22position%22:%22sentinel-article-nextArticle%22}],%22eventType%22:%22impression%22}---&rdm=0.14202526994374987

Requested by

Host: simpleflying.com
URL: https://simpleflying.com/public/build/valnet-footer.144b5218.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.113.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-113-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Oct 2019 05:53:00 GMT
server: nginx
etag: "5db28dbc-67"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 103
x-content-type-options: nosniff

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=30CE8A1841B74BC5B7BAA36CD95FF79C&RedC=c.clarity.ms&MXFR=002AC22D66B362CC1821D02562B36C63
https://c.clarity.ms/c.gif?CtsSyncId=30CE8A1841B74BC5B7BAA36CD95FF79C&MUID=3F4CCAB37F9D6ACD1F47D8BB7E126BFC

42 B
369 B

82ms
82ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=30CE8A1841B74BC5B7BAA36CD95FF79C&MUID=3F4CCAB37F9D6ACD1F47D8BB7E126BFC
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70884292BE0840BA89BC497C94D8904F Ref B: STOEDGE1122 Ref C: 2022-08-22T12:45:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=30CE8A1841B74BC5B7BAA36CD95FF79C&MUID=3F4CCAB37F9D6ACD1F47D8BB7E126BFC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
f.clarity.ms/ 0
177 B 603ms
293ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://simpleflying.com
date: Mon, 22 Aug 2022 12:45:51 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 ConsentManager,Sticky2 Show response
childlikeform.com/v2lehEcKbAxDVaoFifqTwaiRueRvhhlODzjfbRDF_nFfjayqQVnTQImIhsl-zprf7M9KAL-N1/ 272 KB
78 KB 189ms
189ms Script
text/javascript 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/v2lehEcKbAxDVaoFifqTwaiRueRvhhlODzjfbRDF_nFfjayqQVnTQImIhsl-zprf7M9KAL-N1/ConsentManager,Sticky2

Requested by

Host: childlikeform.com
URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

397171be600d7b7211f1dd2cc2a89f98127cd1d68d1e5dfe5093c59de7a0161d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
etag: "fd32fc02f0d0c68cdb29e7b089a0524b15e8f3111a2171ef9a3ae4ac266d9164"
access-control-allow-origin: https://simpleflying.com
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter: gce-europe-west1
date: Mon, 22 Aug 2022 12:45:51 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-hhc0
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 257ms
109ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-121433877-1&cid=524236018.1661172350&jid=319763847&_u=IADAAEAAAAQCAC~&z=518470042

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
501 B 270ms
108ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-121433877-1&cid=524236018.1661172350&jid=319763847&_u=IADAAEAAAAQCAC~&z=518470042

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 5FF0 43 B
350 B 182ms
79ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2ucu7gt57meh9dsjrij7vfidtf07omo7

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 01E4 5 KB
2 KB 80ms
80ms Script
text/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53a43670e94291f6d32182883b9ccd2c83e3f15936007ab589b6e2d6ae91179a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/javascript; charset=utf-8
x-amz-cf-id: tzIfLH0ferBBZJFP57tbfn_29h1xc_X9onGhAZYTeHO5nSIa8tM0HA==
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame 01E4 19 KB
8 KB 81ms
80ms Script
application/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: qvYQ60BYsPgtB8tWraSH_XTyrzQBOrvvfK0pENVtE6bcAu7AXoOpYQ==
expires: Tue, 22 Aug 2023 12:45:51 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame 01E4 9 KB
4 KB 87ms
85ms Script
application/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"6024fccc-228f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: _cVpatLRofhmSR9sk04t8e-G_3zC_qBSkh3Q3LhTdWCIUbPJLHxTyQ==
expires: Tue, 22 Aug 2023 12:45:51 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame 01E4 8 KB
3 KB 83ms
81ms Script
application/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"6024fccc-1ef8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: mbMhZVvmACiUv3ZXzEmImyFDVwv4cNvLVs5yw5_CbbCdJZ1WpctDYg==
expires: Tue, 22 Aug 2023 12:45:51 GMT

GET
H2 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame 01E4 258 KB
117 KB 109ms
108ms Script
application/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 12:48:36 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"623b1724-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: q_ZIxxLX4-T_3EdzNK2JJvqb3sUQ5tVVMz7gDPx7fIR2eksNwtx8nw==
expires: Tue, 22 Aug 2023 12:45:51 GMT

GET
H2 200 prebidVid.6.18.0_14.min.js Show response
live.primis.tech/content/prebid/ Frame 01E4 512 KB
257 KB 102ms
101ms Script
application/javascript 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 96f409862c915903476f19726d492c9016f836ef0a1139a895c9834c1a4a3e7c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:59:49 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"63032965-7fe6b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: LIkAlfL3LpTLrmtIpy0m7XpIz64wgrPun1O9e3KCfTXrZz-Dd3Dh_Q==
expires: Tue, 22 Aug 2023 12:45:51 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame 01E4 546 KB
225 KB 292ms
292ms Script
text/html 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31357D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63037a7f6ca54&debugInfo=17106044_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109906&subId=[SF-Reg-Org]&cbuster=1661172351&pubUrlAuto=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 177ad4545e541ad506dec2956612d8677643e1b36d1dc82ff063fb1804063a2f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: IOKLHcD-MJDiRVPSKMQWtF5e-WVp41ojZrxl0HxGXdK8rHnJcuk2LA==

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5FF0 0
239 B 317ms
73ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 219ms
76ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 12:27:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Aug 2022 12:45:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Aug 2022 12:45:51 GMT

POST
H3 200 v2xhwc263sB6lHZRiCdTyBIVttr4f-6Tv0WVsqpjb1TZbkDAToY1zPMiDWVEK_MUwppnHZyfGOA Show response
childlikeform.com/ 196 B
223 B 227ms
227ms Fetch
application/json 2600:1901:0:f8d1::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://childlikeform.com/v2xhwc263sB6lHZRiCdTyBIVttr4f-6Tv0WVsqpjb1TZbkDAToY1zPMiDWVEK_MUwppnHZyfGOA

Requested by

Host: childlikeform.com
URL: https://childlikeform.com/v2gcfx2ERU5kb_dukxapx69c4smqW9IVElpgfkmu-yZOmRRB_0U1OY4lV

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

5b6f8bb09cabbe0b02abd5948ecf5f76484b1fb5e3211b8dd1eaa7d944717e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196
x-datacenter: gce-europe-west1
date: Mon, 22 Aug 2022 12:45:51 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-hhc0
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 22 Aug 2022 12:45:50 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 220ms
72ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 589874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:54:37 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 302ms
154ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 589874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:54:37 GMT

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
7 KB 77ms
76ms Stylesheet
text/css 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 07:06:30 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"620367f6-465a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: -V6KN7koKErlwuGDTrDlzviPERUYI1jml3YQ4T7V1JLR7GNti3mI0Q==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 01E4 159 KB
41 KB 74ms
74ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31357D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63037a7f6ca54&debugInfo=17106044_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Aug 2022 12:39:24 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 16:12:00 GMT
server: AmazonS3
age: 389
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: qLZRfdv2SIg8jq4OFg4OsKpyH0hXoU6lqU28ZSiWEa_Oy6suGnnjfA==

GET
H3 200 css
fonts.googleapis.com/ 1 KB
432 B 215ms
76ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:01:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Aug 2022 12:45:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Aug 2022 12:45:52 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5FA2 15 KB
6 KB 229ms
68ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30908
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 12:45:52 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 22 Aug 2022 21:21:00 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame CCB9
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=94&advUuid=5b195243-2218-11ed-b54d-1a7cb9e30106

0
397 B

78ms
78ms

Document
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=94&advUuid=5b195243-2218-11ed-b54d-1a7cb9e30106
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 0
cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 12:45:52 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: SYEYjhhw_LM63bsOY6ZVosXKuCl-kbqjkjDxtoVMUud8jIF9XToYNA==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 22 Aug 2022 12:45:52 GMT
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=94&advUuid=5b195243-2218-11ed-b54d-1a7cb9e30106
Server: nginx
X-fe: 59

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 2093 43 B
304 B 180ms
79ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Mon, 22 Aug 2022 12:45:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 01E4 34 KB
6 KB 106ms
105ms XHR
application/json 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MzYjY2IjZTA4MTFvNmY4NwtmOTt0JTJGqzyxNwJzNTuzOTyuMmZwZDU4MmMkMwp2MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1gWXqZMxy3WyRBNE1URzyOryx0Tzcarx9UZmBMM1cjWxRZrVcdVTRnnzf1WVRNMyxlUTFPRE16TVRJM05dRXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyy4TVRFMU5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dRXyNnzN3T0RBS2ZRLwNOYVM4ZFVXQ1RxTzJ6VaNlrUydVGNFS2ZlqyZ1SmqOQ3RwpE9xWxJLYWMzqzyxX2NioaRyoaRsnWQ9MwQlMTA1NCZ2nWRsY29hqGVhqF9xZXNwPVBioGUeU2kcY2VmK1Rbpz91Z2teUWF0YXIeQWylq2F5plgCo2VcozpeNmp3K0ZlZWyanHRypvgXnW5aK0kcn2UeSG90K0ghnWZyK0yhK0J1qHRypvZ2nWRsY29hqGVhqF90nXRfZT1Qo2kyK1NfnWNyplgUnHJiqWqbK1FuqGFlK0FcpaqurXMeQz9ynW5aKmp3NlgGpzVcZ2u0ZXIeV2yhZlgMnWgyK0uiqCgLozyzZSgJovgCqXR0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249MwA3JzRyYaVaSW5zo3JgYXRco249Jat9NwAjJax9MmM4JaB1YyVloD1bqHRjplUmQSUlRvUlRaNcoXBfZWZfrWyhZl5wo20yMxZcqGEgYWylq2F5pl1vnWRxnW5aLWNfo3NyplUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM4MxQmMwMlNUYmMTM1N0Q3QwpmMmEmNmMkMmAmNwMjMmQmNDqEN0I0MmMkMmMmNDqEN0I1MmYmMmI1OTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTqBNwE1NmMkNmp2MwQ3NTY2RDYlNDt2QmpjNwI2RDYmNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmImNmM4MmE3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTYjLwIkODtzZ2ViTG9hZm0lNC44NmA4JaVmZXJJpEFxZHI9MzEjYlUmQWYjNDAyM0EjJTNBNDM1NvUmQTEjMTEyM0EmMmNzJTNBNDxkNvUmQWM0YTEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNC4jLwUkMTIhMTAkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYmMDM3YTqzNzNuNTQzY2J1p3Rypw0kNwYkMTplMmUkODt0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31357D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63037a7f6ca54&debugInfo=17106044_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dc79f000df5a02a56af9e0f76b7308cbeb1f129b2b3bceaba1ae08451857ebb9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://simpleflying.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 5553
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: BE-_EekA_R8XzbjRFSV3LftCJXhpuwCnn_9JsOo5J1buHP4DwX6j_w==

GET
H2 200 logo_12781.png
video.primis.tech/uploads/video/users/logo/30875/ 12 KB
12 KB 264ms
87ms Image
image/png 2600:9000:206e:9e00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/video/users/logo/30875/logo_12781.png?cbuster=1643106178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9e00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f6082bce2b2c7c1bb6a58e06a17aa69b25882a2dbdbe38f3238f6b8aa30a25d7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:52 GMT
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront), 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
age: 23404
x-cache: Hit from cloudfront
content-length: 12291
last-modified: Tue, 25 Jan 2022 10:22:59 GMT
server: nginx
etag: "9f73d4e23ad3d9bf6ce6512fe416d525"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS54-C1, VIE50-C1
accept-ranges: bytes
x-amz-cf-id: Pa9VFzoqvlhOklton-MZ_dmR43dG3l9Q3TwQ58HJA-E9cZYLVrJU9Q==
expires: Tue, 23 Aug 2022 06:15:48 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
421 B 81ms
78ms Image
text/html 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY2MTE3MwM1MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5OTA2JaN0YT0jJat9NwAjJax9MmM4JaZcZF9jYXNmRG9gYWyhPXNcoXBfZWZfrWyhZl5wo20zp3VvSWQ9p2YgpzVaLW9lZ19mnW1joGVzoHycozphY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmODJEMmImMwVGMmEmNTqEN0I3MmMkMmpmMTMjMmYmMDM0MmQ3RDqCNDMmMTMmMmQ3RDqCNTM2MmMlNTx3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmx3QTYkNTpmMTp3NwI0NmU2NxQ2MwQ4NxM3MDYlNxQ2Mmp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNEMmMTMlMmpmODMkN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTJuMGMyM0FzMDQjJTNBMCUmQTQmNTYyM0EkMDEkJTNBMmMmZvUmQTQ5MTYyM0FwNGEkJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNC4jLwUkMTIhMTAkJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmAmN2E3ZwZwYTU0JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NwEkNmImNTE4NwxzqWyxPVNyn2yhZG9TUGkurWVlNwMjMmquN2Y4YwE2MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmnW1joGVzoHycozphY29gJTJGnXRuLWFcpaqurXMgYzyxZGyhZl1woG9mZXMyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=UTF-8
x-amz-cf-id: 4R6ZeBIdeUqSfIZfgtkZKqPKBVZpEFSEzeCvO5pzIQKQyqVXIjIRnA==
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 01E4 43 B
220 B 284ms
65ms Image
image/gif 3.67.157.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.157.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 12:45:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 01E4
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=93&advUuid=d299fca6-1f21-42d1-a278-226983904a04

0
395 B

79ms
78ms

Image
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=93&advUuid=d299fca6-1f21-42d1-a278-226983904a04
Protocol: H2
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: PzsEdfz5BomCSCtaDxT81j-9si8me_XcZEvw6BXoq6RJics49v2p5w==

Redirect headers

date: Mon, 22 Aug 2022 12:45:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=93&advUuid=d299fca6-1f21-42d1-a278-226983904a04
cf-ray: 73ebb54049679938-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 01E4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D99%26advUuid%3D
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=99&advUuid=YwN6f40fpbVvQ8FWyeTqqwAAEbIAAAIB

0
397 B

78ms
78ms

Image
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=99&advUuid=YwN6f40fpbVvQ8FWyeTqqwAAEbIAAAIB
Protocol: H2
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: Z2_zOyBqFdbyidV4D8I9e7TePntCi8aHobfB5Z6LIEHWh5kVrLEXZQ==

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l2e0E7nYDF8GtwYuS%2FD87VX3IUJos%2FEMIf7WOFXk7O1MpBjTH8luwjB1k74g%2FVyIEFDLQ%2BH1VyC36P%2FnkYyja4m1XFD7DmBS92KEDy6lTddjtClvcKiUSoogAzCphR6jgIcwqMFnhhpxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=99&advUuid=YwN6f40fpbVvQ8FWyeTqqwAAEbIAAAIB
cache-control: no-cache
cf-ray: 73ebb5404f3ef152-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 getuid
eb2.3lift.com/ Frame 01E4 37 B
140 B 213ms
65ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 01E4 0
239 B 77ms
75ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 01E4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58627/occ
https://ups.analytics.yahoo.com/ups/58627/occ?verify=true
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-ELCwEoFE2u...

0
396 B

78ms
78ms

Image
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-ELCwEoFE2uECMPqlZQ8M5UzVF5_kRUrmXtqlxrM-~A&advUuid=y-ELCwEoFE2uECMPqlZQ8M5UzVF5_kRUrmXtqlxrM-~A
Protocol: H2
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: aVKa_cVMzVhK_6LlglSwvhKrXJiaCRLxjrQmv792Eqz6_7pQUcw0hA==

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-ELCwEoFE2uECMPqlZQ8M5UzVF5_kRUrmXtqlxrM-~A&advUuid=y-ELCwEoFE2uECMPqlZQ8M5UzVF5_kRUrmXtqlxrM-~A
date: Mon, 22 Aug 2022 12:45:52 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 01E4
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D63037a7f6ca54%2526pixel%253D%2526advId%253D105%2526ad...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=105&advUuid=4209007844303499845

0
397 B

78ms
77ms

Image
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=105&advUuid=4209007844303499845
Protocol: H2
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: yZKGVS299wyToZXu1k3fqXVk0wZ2xGHuoXgOy_4oSr1jd39XgNzUvA==

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 12:45:52 GMT
X-Proxy-Origin: 194.34.134.148; 194.34.134.148; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 68486e1f-2dba-49c9-ba89-b9902c771ba3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=&advId=105&advUuid=4209007844303499845
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

verify
mb9eo.publishers.tremorhub.com/pubsync/ Frame 01E4
Redirect Chain

https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intent...

43 B
182 B

141ms
141ms

Image
image/gif

2600:1f18:612b:4264:e0e1:1325:9af4:ac16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Protocol: H2
Server: 2600:1f18:612b:4264:e0e1:1325:9af4:ac16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date: Mon, 22 Aug 2022 12:45:52 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 01E4
Redirect Chain

https://cs.media.net/cksync?cs=34&type=pri&ovsid=63037a7f6ca54&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3Dhttps%253A%252F%252...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...

0
396 B

79ms
78ms

Image
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Protocol: H2
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: qLyq48dkwIUFSnHExHrYg68DjuuZTDQRVenQr-cicC13-cb0mSV5Dg==

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 12:45:52 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63037a7f6ca54&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Mon, 22 Aug 2022 12:45:52 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 01E4 0
277 B 236ms
72ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D130%26advUuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Aug 2022 12:45:52 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 01E4
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent=
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...

0
395 B

78ms
78ms

Image
text/html

2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D0c3e98b532fcfc6c157f3bf60111f&advId=134&advUuid=0c3e98b532fcfc6c157f3bf60111f
Protocol: H2
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: nginx
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: 0G2Jls6e_40GwrbC0SUMf5F3_8kWA2uf_6C6YkYpiUGrBr9D5sRxlQ==

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 12:45:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D0c3e98b532fcfc6c157f3bf60111f&advId=134&advUuid=0c3e98b532fcfc6c157f3bf60111f
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1661172352287040-531
Expires: Mon, 22 Aug 2022 12:45:52 GMT

GET
H2 200 vid62f58f99a36cd583312761.jpg
video.primis.tech/uploads/cn21/video/users/converted/30875/video_62f0cb0e0811b768683984/ 19 KB
20 KB 83ms
83ms Image
image/jpeg 2600:9000:206e:9e00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn21/video/users/converted/30875/video_62f0cb0e0811b768683984/vid62f58f99a36cd583312761.jpg?cbuster=1660260667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9e00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 323d840f1b90f5fdd4a246985f9a98f5798167a7fa85d1c3c80e579d9901e4c4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:08:13 GMT
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront), 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
age: 20259
x-cache: Hit from cloudfront
content-length: 19660
last-modified: Fri, 12 Aug 2022 00:33:49 GMT
server: nginx
etag: "19acdfa404edd464e4d1f87f9d14c4ec"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P4, VIE50-C1
accept-ranges: bytes
x-amz-cf-id: nNbqEjl0bMaeaoQhx3HvB-NSjE3fCLuwvQQh1IWfJ5b5mP0m509ATg==
expires: Tue, 23 Aug 2022 07:08:13 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 01E4 43 KB
7 KB 108ms
108ms XHR
application/json 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MzYjY2IjZTA4MTFvNmY4NwtmOTt0JTJGqzyxNwJzNTuzOTyuMmZwZDU4MmMkMwp2MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1gWXqZMxy3WyRBNE1URzyOryx0Tzcarx9UZmBMM1cjWxRZrVcdVTRnnzf1WVRNMyxlUTFPRE16TVRJM05dRXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyy4TVRFMU5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dRXyNnzN3T0RBS2ZRLwNOYVM4ZFVXQ1RxTzJ6VaNlrUydVGNFS2ZlqyZ1SmqOQ3RwpE9xWxJLYWMzqzyxX2NioaRyoaRsnWQ9MwQlMTA1NCZ2nWRsY29hqGVhqF9xZXNwPVBioGUeU2kcY2VmK1Rbpz91Z2teUWF0YXIeQWylq2F5plgCo2VcozpeNmp3K0ZlZWyanHRypvgXnW5aK0kcn2UeSG90K0ghnWZyK0yhK0J1qHRypvZ2nWRsY29hqGVhqF90nXRfZT1Qo2kyK1NfnWNyplgUnHJiqWqbK1FuqGFlK0FcpaqurXMeQz9ynW5aKmp3NlgGpzVcZ2u0ZXIeV2yhZlgMnWgyK0uiqCgLozyzZSgJovgCqXR0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249MwA3JzRyYaVaSW5zo3JgYXRco249Jat9NTAjJax9MwtkJaB1YyVloD1bqHRjplUmQSUlRvUlRaNcoXBfZWZfrWyhZl5wo20yMxZcqGEgYWylq2F5pl1vnWRxnW5aLWNfo3NyplUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM4MxQmMwMlNUYmMTM1N0Q3QwpmMmEmNmMkMmAmNwMjMmQmNDqEN0I0MmMkMmMmNDqEN0I1MmYmMmI1OTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTqBNwE1NmMkNmp2MwQ3NTY2RDYlNDt2QmpjNwI2RDYmNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmImNmM4MmE3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTYjLwIkODtzZ2ViTG9hZm0lNC44NmA4JaVmZXJJpEFxZHI9MzEjYlUmQWYjNDAyM0EjJTNBNDM1NvUmQTEjMTEyM0EmMmNzJTNBNDxkNvUmQWM0YTEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNC4jLwUkMTIhMTAkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYmMDM3YTqzNzNuNTQzY2J1p3Rypw0kNwYkMTplMmUkOTI1JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31357D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63037a7f6ca54&debugInfo=17106044_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 39ed44bcbd49c95c7707e2eea7d373ef6dbad98bd55d016fd11e23a30d0e1a23

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://simpleflying.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 6477
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: 2bVcnV0f5XWmsqAgvMPVDDsAYSCke8XtUC_9zv2VEoUpcGYJ8CMH2Q==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 01E4 43 KB
7 KB 131ms
131ms XHR
application/json 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MzYjY2IjZTA4MTFvNmY4NwtmOTt0JTJGqzyxNwJzNTuzOTyuMmZwZDU4MmMkMwp2MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1gWXqZMxy3WyRBNE1URzyOryx0Tzcarx9UZmBMM1cjWxRZrVcdVTRnnzf1WVRNMyxlUTFPRE16TVRJM05dRXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyy4TVRFMU5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dRXyNnzN3T0RBS2ZRLwNOYVM4ZFVXQ1RxTzJ6VaNlrUydVGNFS2ZlqyZ1SmqOQ3RwpE9xWxJLYWMzqzyxX2NioaRyoaRsnWQ9MwQlMTA1NCZ2nWRsY29hqGVhqF9xZXNwPVBioGUeU2kcY2VmK1Rbpz91Z2teUWF0YXIeQWylq2F5plgCo2VcozpeNmp3K0ZlZWyanHRypvgXnW5aK0kcn2UeSG90K0ghnWZyK0yhK0J1qHRypvZ2nWRsY29hqGVhqF90nXRfZT1Qo2kyK1NfnWNyplgUnHJiqWqbK1FuqGFlK0FcpaqurXMeQz9ynW5aKmp3NlgGpzVcZ2u0ZXIeV2yhZlgMnWgyK0uiqCgLozyzZSgJovgCqXR0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249MwA3JzRyYaVaSW5zo3JgYXRco249Jat9MmQjJax9MTxkJaB1YyVloD1bqHRjplUmQSUlRvUlRaNcoXBfZWZfrWyhZl5wo20yMxZcqGEgYWylq2F5pl1vnWRxnW5aLWNfo3NyplUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM4MxQmMwMlNUYmMTM1N0Q3QwpmMmEmNmMkMmAmNwMjMmQmNDqEN0I0MmMkMmMmNDqEN0I1MmYmMmI1OTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTqBNwE1NmMkNmp2MwQ3NTY2RDYlNDt2QmpjNwI2RDYmNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmImNmM4MmE3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTYjLwIkODtzZ2ViTG9hZm0lNC44NmA4JaVmZXJJpEFxZHI9MzEjYlUmQWYjNDAyM0EjJTNBNDM1NvUmQTEjMTEyM0EmMmNzJTNBNDxkNvUmQWM0YTEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNC4jLwUkMTIhMTAkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYmMDM3YTqzNzNuNTQzY2J1p3Rypw0kNwYkMTplMmUkOTI2JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31357D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63037a7f6ca54&debugInfo=17106044_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a3df7a8bf66baeeb700983f3d2fb413f1b38a7df77463b2bc98de7d432e7b98

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://simpleflying.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 6474
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: KexqoxC37WcyYGyqAGbIIutwjtAoQ4cqwSlFHsNYiqKKr7sDFnjztg==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 01E4 34 KB
6 KB 132ms
132ms XHR
application/json 2600:9000:2057:ea00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MzYjY2IjZTA4MTFvNmY4NwtmOTt0JTJGqzyxNwJzNTuzOTyuMmZwZDU4MmMkMwp2MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1gWXqZMxy3WyRBNE1URzyOryx0Tzcarx9UZmBMM1cjWxRZrVcdVTRnnzf1WVRNMyxlUTFPRE16TVRJM05dRXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyy4TVRFMU5dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dRXyNnzN3T0RBS2ZRLwNOYVM4ZFVXQ1RxTzJ6VaNlrUydVGNFS2ZlqyZ1SmqOQ3RwpE9xWxJLYWMzqzyxX2NioaRyoaRsnWQ9MwQlMTA1NCZ2nWRsY29hqGVhqF9xZXNwPVBioGUeU2kcY2VmK1Rbpz91Z2teUWF0YXIeQWylq2F5plgCo2VcozpeNmp3K0ZlZWyanHRypvgXnW5aK0kcn2UeSG90K0ghnWZyK0yhK0J1qHRypvZ2nWRsY29hqGVhqF90nXRfZT1Qo2kyK1NfnWNyplgUnHJiqWqbK1FuqGFlK0FcpaqurXMeQz9ynW5aKmp3NlgGpzVcZ2u0ZXIeV2yhZlgMnWgyK0uiqCgLozyzZSgJovgCqXR0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249MwA3JzRyYaVaSW5zo3JgYXRco249Jat9NTAjJax9MwtkJaB1YyVloD1bqHRjplUmQSUlRvUlRaNcoXBfZWZfrWyhZl5wo20yMxZcqGEgYWylq2F5pl1vnWRxnW5aLWNfo3NyplUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM4MxQmMwMlNUYmMTM1N0Q3QwpmMmEmNmMkMmAmNwMjMmQmNDqEN0I0MmMkMmMmNDqEN0I1MmYmMmI1OTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTqBNwE1NmMkNmp2MwQ3NTY2RDYlNDt2QmpjNwI2RDYmNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmImNmM4MmE3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTYjLwIkODtzZ2ViTG9hZm0lNC44NmA4JaVmZXJJpEFxZHI9MzEjYlUmQWYjNDAyM0EjJTNBNDM1NvUmQTEjMTEyM0EmMmNzJTNBNDxkNvUmQWM0YTEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNC4jLwUkMTIhMTAkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYmMDM3YTqzNzNuNTQzY2J1p3Rypw0kNwYkMTplMmUkOTI2JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30382D32325F31357D7B7331373130363034347D7B433133347D7B5363325974636D566E4C5739795A31397A615731776247566D62486C70626D6375593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31323738317DFEFE&userIpAddr=2a0c%3Af040%3A0%3A4356%3A1011%3A333f%3A4916%3Ac4a1&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63037a7f6ca54&debugInfo=17106044_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17106044&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2cfakrzxqspu&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=60.2188&geoLong=24.8708&vpTemplate=12781&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sf-reg-org_simpleflying.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aa007cbc08a9df3279c0cbcfaa1438e2a0c4a99aa526ff3d5642ec07e716ecb3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:51 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://simpleflying.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 5551
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: WZ34I1Qkx_OClmdsoCDdyEf8aGUmcT0NfL09HLXtTHst4RfL7tNSyg==

GET
H/1.1

200
OK

setuid
mbid.marfeelrev.com/ Frame 5FF0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=7026098930653703403

86 B
693 B

84ms
83ms

Image
image/png

116.202.159.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=7026098930653703403
Protocol: HTTP/1.1
Server: 116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy02.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 12:45:52 GMT
X-Proxy-Origin: 194.34.134.148; 194.34.134.148; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f072fbc6-ceeb-45f4-817f-445f723410cd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=7026098930653703403
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 01E4 6 KB
3 KB 67ms
66ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/ita-airways-bidding-closes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 51915
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 02:07:43 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: v3GRmci2uOiipFLZmhlPPFvc9Fec1AqpP4N0je8u2GsrKgqfLqXpwA==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 01E4 0
140 B 393ms
85ms XHR
text/plain 15.188.216.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.188.216.240 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-188-216-240.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simpleflying.com
date: Mon, 22 Aug 2022 12:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 01E4 173 B
404 B 270ms
66ms XHR
application/json 18.192.39.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.39.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-39-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6629410693d4919d7a485904eac9d5ea69b9cd981bc79a9815f4a65c762ebdba

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
x-prebid: pbs-java/1.96.0
content-type: application/json
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 01E4 19 B
508 B 243ms
94ms XHR
application/json 18.198.87.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.18.0&referrer=https%3A%2F%2Fsimpleflying.com%2Fita-airways-bidding-closes%2F&tmax=3000&gdpr=true

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.87.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-87-118.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simpleflying.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 214ms
71ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simpleflying.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 408059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:24:53 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5FA2 0
42 B 283ms
77ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65132419&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63037a7f6ca54%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 12:45:51 GMT
content-length: 0

GET
H2 200 vid62f58f99a36cd583312761.jpg
video.primis.tech/uploads/cn21/video/users/converted/30875/video_62f0cb0e0811b768683984/ 19 KB
20 KB 78ms
77ms Image
image/jpeg 2600:9000:206e:9e00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn21/video/users/converted/30875/video_62f0cb0e0811b768683984/vid62f58f99a36cd583312761.jpg?cbuster=1660260667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9e00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 323d840f1b90f5fdd4a246985f9a98f5798167a7fa85d1c3c80e579d9901e4c4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://simpleflying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:08:13 GMT
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront), 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
age: 20259
x-cache: Hit from cloudfront
content-length: 19660
last-modified: Fri, 12 Aug 2022 00:33:49 GMT
server: nginx
etag: "19acdfa404edd464e4d1f87f9d14c4ec"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P4, VIE50-C1
accept-ranges: bytes
x-amz-cf-id: NpSz97p43hHIoXxlAW5MM13pwrwE3fQZM34rfEpy84vbWqzyPGihog==
expires: Tue, 23 Aug 2022 07:08:13 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 289ms
289ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://simpleflying.com
date: Mon, 22 Aug 2022 12:45:52 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1

200
OK

setuid
mbid.marfeelrev.com/ Frame 5FF0
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5fa15558-3d76-4be9-969c-ab3cd0dd7ef7

86 B
825 B

82ms
82ms

Image
image/png

116.202.159.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5fa15558-3d76-4be9-969c-ab3cd0dd7ef7
Protocol: HTTP/1.1
Server: 116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy02.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
expires: 0

Redirect headers

location: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=5fa15558-3d76-4be9-969c-ab3cd0dd7ef7
date: Mon, 22 Aug 2022 12:45:52 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
mbid.marfeelrev.com/ Frame 5FF0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4209007844303499845

86 B
825 B

82ms
82ms

Image
image/png

116.202.159.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4209007844303499845
Protocol: HTTP/1.1
Server: 116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy02.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 12:45:52 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 12:45:52 GMT
X-Proxy-Origin: 194.34.134.148; 194.34.134.148; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e86cb66c-1826-4e95-ab94-04e41af4e556
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4209007844303499845
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 436D 37 B
139 B 65ms
65ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 22 Aug 2022 12:45:53 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8AA7 281 B
573 B 275ms
68ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Aug 2022 12:45:53 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2125 15 KB
6 KB 70ms
69ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://simpleflying.com/ita-airways-bidding-closes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30907
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 12:45:53 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 22 Aug 2022 21:21:00 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8AA7 31 KB
10 KB 68ms
68ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 12:45:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10767
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Mon, 22 Aug 2022 15:45:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8AA7 284 B
536 B 283ms
71ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 145ms
144ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://simpleflying.com/ita-airways-bidding-closes/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://simpleflying.com
date: Mon, 22 Aug 2022 12:45:54 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
simpleflying.com/	1969-12-31 23:59:59	Name: viewType Value: direct
.simpleflying.com/	1970-01-20 15:02:12	Name: _ga_6HWFJ4EQLT Value: GS1.1.1661172350.1.0.1661172350.0.0.0
.simpleflying.com/	1970-01-20 14:11:48	Name: usprivacy Value: 1---
.ad.gt/	1970-01-20 05:27:38	Name: au_idmatch Value: eyJhcG4iOiAxNjYxMTcyMzUwNDEzLCAidHRkIjogMTY2MTE3MjM1MDQxMywgInB1YiI6IDE2NjExNzIzNTA0MTMsICJhZHgiOiAxNjYxMTcyMzUwNDEzLCAiZ29vIjogMTY2MTE3MjM1MDQxMywgImltcHIiOiAxNjYxMTcyMzUwNDEzLCAiYWRvIjogMTY2MTE3MjM1MDQxMywgInBwbnQiOiAxNjYxMTcyMzUwNDEzLCAic21hcnQiOiAxNjYxMTcyMzUwNDEzLCAicnViIjogMTY2MTE3MjM1MDQxMywgInVucnVseSI6IDE2NjExNzIzNTA0MTMsICJiZWVzIjogMTY2MTE3MjM1MDQxMywgIm1lZGlhbWF0aCI6IDE2NjExNzIzNTA0MTMsICJpcCI6IDE2NjExNzIzNTA0MTMsICJzb24iOiAxNjYxMTcyMzUwNDEzLCAib3BlbngiOiAxNjYxMTcyMzUwNDEzLCAidGFib29sYSI6IDE2NjExNzIzNTA0MTN9
www.clarity.ms/	1970-01-20 14:11:48	Name: CLID Value: 098f4ed481d6451f98e6ca13362fe927.20220822.20230822
.simpleflying.com/	1970-01-20 05:26:15	Name: AMP_TOKEN Value: %24NOT_FOUND
.simpleflying.com/	1970-01-20 15:02:12	Name: _ga Value: GA1.2.524236018.1661172350
.simpleflying.com/	1970-01-20 05:27:38	Name: _gid Value: GA1.2.1439536400.1661172351
.simpleflying.com/	1970-01-20 05:26:12	Name: _gat Value: 1
.simpleflying.com/	1970-01-20 15:02:12	Name: _awl Value: 2.1661172351.0.5-a3a5bdb3e9427dfc611d8b3646f23eb3-6763652d6575726f70652d7765737431-0
.simpleflying.com/	1970-01-20 14:11:48	Name: _clck Value: lms9jx\|1\|f48\|0
simpleflying.com/	1970-01-20 05:27:38	Name: _lr_geo_location Value: FI
.casalemedia.com/	1970-01-20 14:11:48	Name: CMID Value: YwN6f40fpbVvQ8FWyeTqqwAA
.casalemedia.com/	1970-01-20 07:35:48	Name: CMPS Value: 4530
.casalemedia.com/	1970-01-20 07:35:48	Name: CMPRO Value: 4530
simpleflying.com/	1970-01-20 06:09:24	Name: _pbjs_userid_consent_data Value: 6683316680106290
.simpleflying.com/	1970-01-20 09:45:24	Name: _pubcid Value: 6e1a6cd4-fc0f-4ba2-94a4-d0dc6a16c69f
.c.bing.com/	1970-01-20 14:47:48	Name: SRM_B Value: 3F4CCAB37F9D6ACD1F47D8BB7E126BFC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:47:48	Name: MUID Value: 3F4CCAB37F9D6ACD1F47D8BB7E126BFC
.c.clarity.ms/	1970-01-20 05:26:12	Name: ANONCHK Value: 0
.simpleflying.com/	1970-01-20 05:27:38	Name: _clsk Value: 16of71u\|1661172351803\|1\|1\|f.clarity.ms/collect
.casalemedia.com/	1970-01-20 07:35:48	Name: CMTS Value: 4460
.yahoo.com/	1970-01-20 14:12:09	Name: A3 Value: d=AQABBIB6A2MCEPUOURDQ0H7TWQihuJhzK4kFEgEBAQHMBGMNYwAAAAAA_eMAAA&S=AQAAAnIcy7c_wk5Wy7waLslqASw
.csync.loopme.me/	1970-01-20 07:38:41	Name: viewer_token Value: d299fca6-1f21-42d1-a278-226983904a04
.spotxchange.com/	1970-01-20 06:06:31	Name: audience Value: 5b195243-2218-11ed-b54d-1a7cb9e30106
.media.net/	1970-01-20 14:11:48	Name: data-pri Value: 63037a7f6ca54~~34
.analytics.yahoo.com/	1970-01-20 14:11:48	Name: IDSYNC Value: 198j~26qc
.adnxs.com/	1970-01-20 07:35:48	Name: uuid2 Value: 4209007844303499845
ads.stickyadstv.com/	1970-01-20 06:09:24	Name: UID Value: 0c3e98b532fcfc6c157f3bf60111f
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 3ef5f625bbd90299946bc55a2567c1
.tremorhub.com/	1970-01-20 14:12:09	Name: tvid Value: fdaf62959c9e4d7fad501bc4a063af68
.360yield.com/	1970-01-20 07:35:48	Name: tuuid Value: 5fa15558-3d76-4be9-969c-ab3cd0dd7ef7
.360yield.com/	1970-01-20 07:35:48	Name: tuuid_lu Value: 1661172352
.mbid.marfeelrev.com/	1970-01-20 07:35:48	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNDIwOTAwNzg0NDMwMzQ5OTg0NSIsImV4cGlyZXMiOiIyMDIyLTA5LTA1VDEyOjQ1OjUyLjkzNFoifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiNWZhMTU1NTgtM2Q3Ni00YmU5LTk2OWMtYWIzY2QwZGQ3ZWY3IiwiZXhwaXJlcyI6IjIwMjItMDktMDVUMTI6NDU6NTIuNzQ1WiJ9fSwiYmRheSI6IjIwMjItMDgtMjJUMTI6NDU6NTIuMjgyWiJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.360yield.com
ads.pubmatic.com
ads.stickyadstv.com
adsninja.ca
ampcid.google.com
ampcid.google.ru
ap.lijit.com
app.getresponse.com
ats.rlcdn.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
cdn.id5-sync.com
childlikeform.com
cs.media.net
csync.loopme.me
eb2.3lift.com
eus.rubiconproject.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.halo.ad.gt
image6.pubmatic.com
live.primis.tech
mb9eo.publishers.tremorhub.com
mbid.marfeelrev.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
simpleflying.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static1.simpleflyingimages.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
video.primis.tech
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.160.64.9
104.18.19.126
116.202.159.137
13.248.245.213
142.250.186.98
143.204.215.6
15.188.216.240
18.156.0.31
18.192.39.116
18.198.87.118
18.66.139.110
185.64.190.78
185.89.210.153
185.89.211.116
185.94.180.125
20.234.93.27
20.84.22.197
2001:4860:4802:32::36
23.205.235.133
23.35.228.23
23.35.236.201
23.50.131.213
2600:1901:0:f8d1::1
2600:1f18:612b:4264:e0e1:1325:9af4:ac16
2600:9000:2057:ea00:1a:5235:f980:93a1
2600:9000:206e:9e00:1:6448:6d00:93a1
2600:9000:214f:8c00:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:4aea
2606:4700::6810:7daf
2606:4700::6813:ac6c
2620:1ec:27::cafe:1959
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0d::9a
2a00:1450:400e:80c::200a
3.67.157.21
34.233.113.241
35.227.252.103
35.244.159.8
35.86.50.147
44.238.206.49
52.222.209.55
52.25.0.70
52.84.106.46
54.144.151.126
54.171.211.68
69.173.144.138
69.173.144.139
72.251.249.9
92.123.21.200
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09efd3dd55adb96a7b40b6a4b2400d356ae9d78a17f5e1ad689232b6df4e62fc
0c97ac7b27e315180271371922482ee106e8ef302b7ffb1f7f30ecaeec249c70
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0f5e71c7aa7dbca35e37dbb49a498dd9dccde2159408c9e714176b96d0b3a558
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1597fe03a36ee79347c803bfb8045a83ec3f371a77ec320ef4fd8f91baac6f13
177ad4545e541ad506dec2956612d8677643e1b36d1dc82ff063fb1804063a2f
1cfab7cfca501474b26776422944827e7cb77756c1ff4ea3206d3f342f9c9fc2
1e93edaae779de82f634e824d225a2a7fba4a4bb7b6e6adf13b64f8a31b398f6
1ead244357de11688c2818ae28b86304e740d6581027ebced63febc0ffd19ec3
1f65b63cdc40ba4684b19f328c9b767ac9e8d553b5b840bd6ac8073048279e53
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2d3b69e5c41a219053144cfca1d051d5f8b3c1381bb0cfdef512f80d4b8f0842
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
323d840f1b90f5fdd4a246985f9a98f5798167a7fa85d1c3c80e579d9901e4c4
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d
3796472359c42b2889748dfa457c4567b06e143bdc2a8a01005a60aaff287d6e
397171be600d7b7211f1dd2cc2a89f98127cd1d68d1e5dfe5093c59de7a0161d
39ed44bcbd49c95c7707e2eea7d373ef6dbad98bd55d016fd11e23a30d0e1a23
3d35276b3264a552839666cfe3b4dd0d00e69ef8fd503e774aa75d52e3b0d09f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403d9912aaf8b8aa888bbaf4d7374bfa4ae047d4ff37f765d15210ba4cdc8ac8
40d960d2f34acea6636b72c111f60d6db68e31ce1f98bfece9d6a776df371768
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
521f878f49925bd0dae4c5f7ad2730b88cfc0ea582779eea6287d4331ec31f0d
53a43670e94291f6d32182883b9ccd2c83e3f15936007ab589b6e2d6ae91179a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5745cbcab491dfc7594b475d20aa80a5fd43b7f09d5d97533b028a9194e94713
5b6f8bb09cabbe0b02abd5948ecf5f76484b1fb5e3211b8dd1eaa7d944717e48
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
6629410693d4919d7a485904eac9d5ea69b9cd981bc79a9815f4a65c762ebdba
67a3bd65ea989336425908f6b29aa33fb4d180a4cc4ae768971fd8c3008c75b1
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
7a3df7a8bf66baeeb700983f3d2fb413f1b38a7df77463b2bc98de7d432e7b98
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f7f9215366a526576e0e91f1e79b1e2c817921dbd9dd96f2cdf51bfe98706f5
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045
85c38352712041c50428f57fde76da934384f91015e46878072115f04b00f531
8b51fff4ef0d655c6f08650b81a835b8521a4179b08118d34c2938f2a1fb6c00
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
96ca8d5aa2560ca4e68889153eb20bd38a031b4f8ca5c19b90c35df6ff0e6b0b
96f409862c915903476f19726d492c9016f836ef0a1139a895c9834c1a4a3e7c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a385633f1e2fe45e65c2bc3b322d776c9bab1c9687998f764c0c83f79e2963e2
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a84269dca33a997a8b241adf1b768390a33d12f1943627d71097c91a2a4c4cde
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
aa007cbc08a9df3279c0cbcfaa1438e2a0c4a99aa526ff3d5642ec07e716ecb3
ae90da549a5bf68510a8298e23eae4c4db328383c35b60b0fd505d3cb0b80ed6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
af6434f018ec5d8eb878f699589b36b02401db7aff687bb6db56dee54ae583c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098
b702cc8cdb99b7a9b173d73655746acb19412681f8d5497242e262ecad909ec8
b869ba707523b441249606161d0830e5fb203732f80e61ac65ec283ee6a934af
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb798c0df6597e01cdc87080c9a46c97b1a303c6977263441345f677902a4dca
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca570d4eb25436159b89fc2284666ada5f637342468be247dfd8b558def52dfe
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
dc79f000df5a02a56af9e0f76b7308cbeb1f129b2b3bceaba1ae08451857ebb9
dd78a2fe4db0afda9d16c59ddfa1b54a47c812fff846e1118b4195b7ab92f7c2
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f5bfde6269fe826c4b0f1d7da79ea037faa2bcddd99063a920a8ae7b1d4f01
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec267c0ec001f1dede649a96c38a3ae036a7a8b129d02025b35cc99c0427eec3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f5c4b08e25c86c8e2155f7fb34c0213ba67d57226ddd803a486fa69f8d32ec38
f6082bce2b2c7c1bb6a58e06a17aa69b25882a2dbdbe38f3238f6b8aa30a25d7
f78bee40318da80e30bdbd868517da4cdb5965169e643c706698a8fde5c31151
f974ba14306dafc6c1a78bd873772cd168499d7ab4b2c26b6f5b99b4fa1f48b1
fdd268765b0443e01166abb141c5a5934f149c21ea6cd5bc8fe1f2757edfb53f
ff35b06ac7e5d6c94018d6cd356e3d9d74bdd768a05042144ca390209add0131
ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

simpleflying.com Open in urlscan Pro 34.233.113.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

89 %HTTPS

40 %IPv6

43 Domains

61 Subdomains

50 IPs

9 Countries

2441 kBTransfer

6712 kBSize

35 Cookies

14 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

simpleflying.com Open in urlscan Pro
34.233.113.241 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

89 %
HTTPS

40 %
IPv6

43
Domains

61
Subdomains

50
IPs

9
Countries

2441 kB
Transfer

6712 kB
Size

35
Cookies

119 HTTP transactions
0 data transactions