urlscan.io logo urlscan.io
SecurityTrails logo

www.flytradewind.com Open in urlscan Pro
3.224.125.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.flytradewind.com/
Effective URL: https://www.flytradewind.com/
Submission: On October 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 65 HTTP transactions. The main IP is 3.224.125.11, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.flytradewind.com.
TLS certificate: Issued by Amazon on August 12th 2022. Valid for: a year.
This is the only time www.flytradewind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 3.224.125.11 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 35.244.188.9 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 54.91.59.199 14618 (AMAZON-AES)
3 107.178.244.119 15169 (GOOGLE)
2 2 142.250.184.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 142.250.186.162 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 185.89.211.84 29990 (ASN-APPNEX)
1 15.197.193.217 16509 (AMAZON-02)
1 34.239.12.113 14618 (AMAZON-AES)
1 2600:9000:212... 16509 (AMAZON-02)
8 54.231.172.168 16509 (AMAZON-02)
65 19
28    3.224.125.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-125-11.compute-1.amazonaws.com
www.flytradewind.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3034::6815:5f66 (United States)

ASN13335 (CLOUDFLARENET, US)
static.marketingcdn.net
4    35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com
static.sojern.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
cdn.tooltip.io
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:3031::ac43:d292 (United States)

ASN13335 (CLOUDFLARENET, US)
tracker.personizely.net
www.personizely.net
2    54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com
api.ipify.org
3    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
pixel.sojern.com
2    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.google.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.youtube.com
2    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.239.12.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-12-113.compute-1.amazonaws.com
pp.signalayer.com
1    2600:9000:2127:3600:6:36e8:9f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
data.tooltip.io
8    54.231.172.168 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
28 flytradewind.com
www.flytradewind.com
395 KB
8 amazonaws.com
s3.amazonaws.com
87 KB
7 sojern.com
static.sojern.com — Cisco Umbrella Rank: 16500
beacon.sojern.com — Cisco Umbrella Rank: 5519
pixel.sojern.com — Cisco Umbrella Rank: 8213
31 KB
6 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
2 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
fcmatch.google.com — Cisco Umbrella Rank: 2557
42 KB
3 personizely.net
tracker.personizely.net — Cisco Umbrella Rank: 188442
www.personizely.net — Cisco Umbrella Rank: 359393
5 KB
3 gstatic.com
www.gstatic.com
340 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
2 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 3082
259 B
2 tooltip.io
cdn.tooltip.io — Cisco Umbrella Rank: 171681
data.tooltip.io — Cisco Umbrella Rank: 195154
78 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 signalayer.com
pp.signalayer.com — Cisco Umbrella Rank: 125178
260 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2577
525 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 marketingcdn.net
static.marketingcdn.net
41 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
54 KB
65 17
Domain Requested by
28 www.flytradewind.com 1 redirects www.flytradewind.com
8 s3.amazonaws.com
4 cm.g.doubleclick.net 4 redirects
4 static.sojern.com www.googletagmanager.com
www.flytradewind.com
static.sojern.com
4 www.google.com www.flytradewind.com
www.gstatic.com
3 www.gstatic.com www.google.com
2 ib.adnxs.com 2 redirects
2 pixel.sojern.com static.sojern.com
2 ad.doubleclick.net 2 redirects
2 api.ipify.org cdn.tooltip.io
2 tracker.personizely.net static.marketingcdn.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 data.tooltip.io cdn.tooltip.io
1 pp.signalayer.com cdn.tooltip.io
1 match.adsrvr.org static.sojern.com
1 fcmatch.youtube.com static.sojern.com
1 fcmatch.google.com 1 redirects
1 adservice.google.com static.sojern.com
1 beacon.sojern.com static.sojern.com
1 www.personizely.net static.marketingcdn.net
1 fonts.googleapis.com static.marketingcdn.net
1 cdn.tooltip.io www.flytradewind.com
1 static.marketingcdn.net www.googletagmanager.com
1 www.googletagmanager.com www.flytradewind.com
65 24
Subject Issuer Validity Valid
flytradewind.com
Amazon		 2022-08-12 -
2023-09-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.tooltip.io
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-03-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.signalayer.com
Amazon		 2022-02-01 -
2023-02-28		 a year crt.sh
*.tooltip.io
Amazon		 2022-03-18 -
2023-04-15		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.flytradewind.com/
Frame ID: 05E19FE629BF45218B7918549DE67184
Requests: 59 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uum4yq8gqb7f
Frame ID: 70607B46FE3EFF30632A1B09AF7F20A8
Requests: 5 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Frame ID: BC4639E5D4747138C4D2460D0CDE3B9A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Scheduled and Private Charter Flights | Tradewind Aviation

Page URL History Show full URLs

  1. http://www.flytradewind.com/ HTTP 301
    https://www.flytradewind.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

65
Requests

94 %
HTTPS

55 %
IPv6

17
Domains

24
Subdomains

19
IPs

3
Countries

1096 kB
Transfer

6755 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.flytradewind.com/ HTTP 301
    https://www.flytradewind.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://ad.doubleclick.net/ddm/activity/src=11013503;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
Request Chain 57
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&sjrn_ula=6716875213 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&sjrn_ula=6716875213&google_tc= HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&sjrn_ula=6716875213&google_gid=CAESEJObWkGcaK-p9WrXMG3bcTA&google_cver=1
Request Chain 58
  • https://cm.g.doubleclick.net/pixel?google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern_adh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern_adh&google_tc= HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoppZKZ1n06DjuLkpwk9wWzzHRJS35jjgw1e5M3FQUSgjljSxaPAaJTNKi6An0yNntpim_WV3wl6ZGIm06pIrYTD1JZbaovthf934iuld1oWKigp56E HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoppZKZ1n06DjuLkpwk9wWzzHRJS35jjgw1e5M3FQUSgjljSxaPAaJTNKi6An0yNntpim_WV3wl6ZGIm06pIrYTD1JZbaovthf934iuld1oWKigp56E
Request Chain 59
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DkqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg HTTP 302
  • https://pixel.sojern.com/idsync/apn?id=3752868740128013227&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.flytradewind.com/
Redirect Chain
  • http://www.flytradewind.com/
  • https://www.flytradewind.com/
470 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 / PHP/7.4.3
Resource Hash
7f4a8d75d32dfc4380fb08b6e7e286c3555f725fdd7e77209ff439265944e0d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 03:44:17 GMT
link
<https://www.flytradewind.com/wp-json/>; rel="https://api.w.org/" <https://www.flytradewind.com/wp-json/wp/v2/pages/302>; rel="alternate"; type="application/json" <https://www.flytradewind.com/>; rel=shortlink
server
nginx/1.11.10
vary
Accept-Encoding
x-powered-by
PHP/7.4.3

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Tue, 25 Oct 2022 03:44:15 GMT
Location
https://www.flytradewind.com:443/
Server
awselb/2.0
work-sans-v9-latin-500.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/work-sans-v9-latin-500.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
52cad65ce87876520c3352eb31455c22332a3bcd6ad392a10ac2d3afbb6b0297

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"668c-5eb7a42372140"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26252
expires
Wed, 25 Oct 2023 03:44:17 GMT
spectral-v7-latin-200.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-200.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
5bd42875cca5d757db0ebc7a06af4c1f69f793144963ed475ae454f883e8e307

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"527c-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21116
expires
Wed, 25 Oct 2023 03:44:17 GMT
spectral-v7-latin-300.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-300.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
7b4d6c961422afd3f1e6081b4c91612fa03568e19f3bc7bdfcb8198c3493e95a

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"56a0-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22176
expires
Wed, 25 Oct 2023 03:44:17 GMT
spectral-v7-latin-regular.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-regular.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
4d46b9cf533d460ad479908c269a802f8bd08c5b44dfefccff56c0e327ae4ff2

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"553c-5eb7a42372140"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21820
expires
Wed, 25 Oct 2023 03:44:17 GMT
karla-v15-latin-regular.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/karla-v15-latin-regular.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"2b9c-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11164
expires
Wed, 25 Oct 2023 03:44:17 GMT
spectral-v7-latin-italic.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/spectral-v7-latin-italic.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
04bb69545c5ebe6436e4bb5d65e9f8384a1f174eed6cab3bcabfd30dea3ed5fe

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"5944-5eb7a42372140"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22852
expires
Wed, 25 Oct 2023 03:44:17 GMT
karla-v15-latin-500.woff2
www.flytradewind.com/app/themes/azds-default/assets/font/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/font/karla-v15-latin-500.woff2
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
dd23ecb31245d58dd8fbd954c9968bab217607fa0b692e6362524b69f9d18b43

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"2c64-5eb7a4227df00"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11364
expires
Wed, 25 Oct 2023 03:44:17 GMT
styles.css
www.flytradewind.com/app/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:40:30 GMT
server
nginx/1.11.10
etag
"aab-5ce1085043f80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
972
expires
Wed, 25 Oct 2023 03:44:17 GMT
gtm.js
www.googletagmanager.com/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e66aaad73dd30b10b25d46ecc612414a92d353bfd0005108712398b3e5d3e45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54372
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Oct 2022 03:44:17 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f92c23610d65aa0524b3e394d7318d440f9913cf26bed9d717e37f160dde4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo__fleet.svg
www.flytradewind.com/app/themes/azds-default/assets/img/ 		975 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/img/logo__fleet.svg
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
37abddfb7a9e55f634b5395e678101454952747efb16dce8ce74ea59b9f18a39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"3cf-5eb7a42372140-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
535
expires
Wed, 25 Oct 2023 03:44:17 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c482e04ba22cc76980cab50a08ab6777603d3ed2680d3e2bbae5af0555ed2fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce9da6c80827c2db1607b0f5ad8df66f1043a4650d8f7dd2a50ad550443753e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31aa8c0cf4d6156f180f3bd059a2433b8aab417033bcd1493440a4fa834a041

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
706ae8b1c189658b26057365b69835892e3ea1e60a784746e4e55f313a8dbe82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
swiper.min.css
www.flytradewind.com/app/themes/azds-default/assets/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/css/swiper.min.css?ver=1666285211
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:11 GMT
server
nginx/1.11.10
etag
"356d-5eb7a42189cc0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4131
expires
Wed, 25 Oct 2023 03:44:17 GMT
app.min.css
www.flytradewind.com/app/themes/azds-default/assets/css/ 		243 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/css/app.min.css?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
4ded3d2799d579fac2859f32ab75cf32cbc5c967d3424436245bb33095c77369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"3cd89-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
36752
expires
Wed, 25 Oct 2023 03:44:17 GMT
regenerator-runtime.min.js
www.flytradewind.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 17:46:17 GMT
server
nginx/1.11.10
etag
"194b-5e778f50e4c40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2457
expires
Wed, 25 Oct 2023 03:44:17 GMT
wp-polyfill.min.js
www.flytradewind.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 17:46:17 GMT
server
nginx/1.11.10
etag
"4ac6-5e778f50e4c40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7095
expires
Wed, 25 Oct 2023 03:44:17 GMT
index.js
www.flytradewind.com/app/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:40:30 GMT
server
nginx/1.11.10
etag
"2e56-5ce1085043f80-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3767
expires
Wed, 25 Oct 2023 03:44:17 GMT
app.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/ 		102 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/app.min.js?ver=1666285214
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
0168928274741e90968146c44cb2213df57cb40922c7bb42ca2b27be7a088265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:14 GMT
server
nginx/1.11.10
etag
"198df-5eb7a42466380-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28644
expires
Wed, 25 Oct 2023 03:44:17 GMT
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&ver=3.0
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
88a5718ccf0d8e0cefb70d4416b61c215bf4b324391070fad2f8f0dedba5a288
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 03:44:17 GMT
index.js
www.flytradewind.com/app/plugins/contact-form-7/modules/recaptcha/ 		934 B
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.3
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:40:30 GMT
server
nginx/1.11.10
etag
"3a6-5ce1085043f80-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
483
expires
Wed, 25 Oct 2023 03:44:17 GMT
crisis-message.min.js
www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/ 		388 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/crisis-message.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
a22badee8cd482794deae8129e2c5238d07f67190c200490200489f4c6557643

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"184-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
254
expires
Wed, 25 Oct 2023 03:44:17 GMT
flight-widget.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/flight-widget.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
d5a470acd663d3c61ea613f7de9dc4f0fe474fa47e4fc66d137b3dc37f5590cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"6063-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7010
expires
Wed, 25 Oct 2023 03:44:17 GMT
swiper.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/ 		138 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/swiper.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"22681-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35892
expires
Wed, 25 Oct 2023 03:44:17 GMT
slider-section.min.js
www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/slider-section.min.js?ver=1666285213
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
a66ac891d92873b1493d1e8c68c7ff8c0df0ed39c18d7b22539723d23f5ea8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"b16-5eb7a42372140-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1022
expires
Wed, 25 Oct 2023 03:44:17 GMT
testimonials-slider.min.js
www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/ 		1 KB
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js//blocks/optional/testimonials-slider.min.js?ver=1666285213
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
72b05bc3c7050f8f5ac74385342728e543456f762031a40d1da34a7f01a8273d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:13 GMT
server
nginx/1.11.10
etag
"43a-5eb7a42372140-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
546
expires
Wed, 25 Oct 2023 03:44:17 GMT
base.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/base.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
4603551cec51635aac0570a21e523be89401c1adf44755a9b5c9ca24657b6a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"2405-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3275
expires
Wed, 25 Oct 2023 03:44:17 GMT
tab.min.js
www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/js/bootstrap/tab.min.js?ver=1666285212
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
aedc83e4448429f4e42a935882bfbb94c070b79514d8019ba9b1ab62acf2d25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:12 GMT
server
nginx/1.11.10
etag
"f15-5eb7a4227df00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1635
expires
Wed, 25 Oct 2023 03:44:17 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 03:15:56 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1701
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 25 Oct 2022 05:15:56 GMT
02868c2a7d.js
static.marketingcdn.net/ 		146 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.marketingcdn.net/02868c2a7d.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4af6c31c77f1df984a4c9009659ab0dcaee896bd1e28751a3c47f2a682d8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Oct 2022 18:39:23 GMT
server
cloudflare
age
47065
etag
W/"634da15b-249c5"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hdw0F2mtH1kQJ78Dq9WvZoNWVtXx70TKWyM%2BJCjvyoquRm%2B5NP75sNRqxhJXFhtoH5fPE5pTqC1FvuZfZBVcpq5n4P3zoL8%2BVUUm%2BThxLcDsxhSAz7z3YqnwXyl%2FBUrCMVBy7zEZbl5tpvzduv9tXHWIBy7W4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cf-ray
75f7f3f11e279022-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sjrn_autocx.js
static.sojern.com/utils/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/utils/sjrn_autocx.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMW5QCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6cb087bd377229f8b7dc9cc77d14cf7829661950f4d97a0723bf856464c43c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:12:06 GMT
age
1931
x-guploader-uploadid
ADPycdtZxuOqBPFZ6SOIhEzPAsXpt1xNGODxdBfqWYaenLpD5oJz5v9MRg1WGSzR87IV1KcXSe9Mclm_2iyQ4raWqt5SjwIXZCrQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5611
last-modified
Mon, 24 Oct 2022 10:30:59 GMT
server
UploadServer
etag
"d3bee3018f4ab530aacb22e3909b63a0"
x-goog-generation
1666607459018144
x-goog-hash
crc32c=taeang==, md5=077jAY9KtTCqyyLjkJtjoA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
5611
accept-ranges
bytes
expires
Tue, 25 Oct 2022 04:12:06 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flytradewind.com/
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:09:36 GMT
collect
www.google-analytics.com/j/ 		1 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=306661675&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flytradewind.com%2F&ul=en-us&de=UTF-8&dt=Scheduled%20and%20Private%20Charter%20Flights%20%7C%20Tradewind%20Aviation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=1521308641&gjid=223666059&cid=857307520.1666669458&tid=UA-480359-1&_gid=876508376.1666669458&_r=1&gtm=2wgaj0MMW5QCK&z=2092039002
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 03:44:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flytradewind.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://www.flytradewind.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b21ebb47d15e878d5fc3f7b5e00dbc4df42e8b0d9a26cbd2aac43b7ab6ca23a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9b0b47b1bd04b9a0c52c61c3db1c7b87dc11915d21772577898787c4a040293

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		591 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9de03a3b6cb1923d73e3cbeaa395ad5eb8f8b82c666ab1015117b67cde911d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc54cffe2cfaed80c1f1117c2bd7aa983e22b2d629d8b6d7785a4c91368acc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
anchor
www.google.com/recaptcha/api2/ Frame 7060 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uum4yq8gqb7f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
779805d5d37d3095b32cbb05d5bdb4d905474fd83ff0ce914c337e72d96dc60d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jyMQ41sIT0sBQPmiebQUkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.flytradewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22135
content-security-policy
script-src 'report-sample' 'nonce-jyMQ41sIT0sBQPmiebQUkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 03:44:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logo__small.svg
www.flytradewind.com/app/themes/azds-default/assets/img/ 		145 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flytradewind.com/app/themes/azds-default/assets/img/logo__small.svg
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 /
Resource Hash
6d902a642aaf983c5aa8b5b41985c51dcc23b24cd6c5b2bccb219b693247dfbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:14 GMT
server
nginx/1.11.10
etag
"243f1-5eb7a42466380-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50597
expires
Wed, 25 Oct 2023 03:44:18 GMT
player.js
cdn.tooltip.io/static/ 		465 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tooltip.io/static/player.js
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e1162eee6294593f45863829349350729495263a59ecd9e63525de0979c04c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
gzip
x-amz-request-id
E4DKMM3PYRV119QV
x-edge-location
defr
x-cache
HIT
content-length
78825
x-amz-id-2
F9Ww0pT5En/M/SvAqFBunCoLf9RLBsQ+Oy6loYk6fbjWlsqAD8n2PA8R1znV3/qTzZk4H1CGfZ4=
last-modified
Thu, 18 Aug 2022 12:58:29 GMT
server
keycdn-engine
etag
"02d644aa6278a6ee77a74c4590769485"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires
Tue, 01 Nov 2022 03:44:18 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: static.marketingcdn.net
URL: https://static.marketingcdn.net/02868c2a7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 02:35:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 03:44:18 GMT
events
tracker.personizely.net/02868c2a7d/ 		524 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker.personizely.net/02868c2a7d/events
Requested by
Host: static.marketingcdn.net
URL: https://static.marketingcdn.net/02868c2a7d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d292 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901914022cf1eeae0fbad1c9437cd1896b21fa025347d53ac10f06f0c5a16795

Request headers

Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
allow
POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGwyQTwsdskPP1h9T7spPEpFA%2F5Kpf%2B9DlVZbo7m4DZ8Nmzwmlb8Zus%2FWBmJz24Ad%2BHjo6TyTTxBlkmfKMK1P9BMbXJPeJc%2BXcmHJ4NXDjwVhZrSSF3UBxmpnktmunQO2gXJt62JJxa7jinXWpo%2FPUUb5kwsNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.flytradewind.com
cache-control
max-age=0, must-revalidate, private
cf-ray
75f7f3f2ca1f9948-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Oct 2022 03:44:18 GMT
logo-on-dark.svg
www.personizely.net/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.personizely.net/logo-on-dark.svg
Requested by
Host: static.marketingcdn.net
URL: https://static.marketingcdn.net/02868c2a7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d292 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:42:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7118665
etag
W/"61a76dbb-30bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAmTBeUGB%2Bb0NIf7RVHf5JYcLVCA4GeeSpHjfGeAVRwwNWO1eIuoGrwDULAWNR9fRpIh8d500Sj80WRI3iBvGwz8iT0T1j9zKgGm2IW2J376JKNbSB0DskxL9c63KWaSLAYOdkf4hz7IygpTElPI9W8u"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
75f7f3f25973911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 03 Aug 2023 18:19:53 GMT
events
tracker.personizely.net/02868c2a7d/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracker.personizely.net/02868c2a7d/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d292 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.flytradewind.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST, PUT, GET, DELETE
access-control-allow-origin
https://www.flytradewind.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
75f7f3f259d2bbd7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 03:44:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMa0kqsdlf4xc28imCn84%2Bo43NJCikIjDeiujzb4367gV%2B24Amrp%2B3t6BerT6TgKXdJyzgHEJpgVwrRUW%2BXR2EQDXbr%2Brdh4ZeMWLo9afQNu6kW1ACPjzm1smJc1UBIBB7WDH2ve6YZ%2FUt7TLsdlC3r9Xd3B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
s
static.sojern.com/cip/w/ Frame BC46 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7a6a0e0209f4d6005e8ec73b9c446aae0d7e5160971d325e59145f671ee0dc63

Request headers

Referer
https://www.flytradewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
1265
content-type
text/html
date
Tue, 25 Oct 2022 03:34:26 GMT
etag
"5388bce0d9aa970cb2aa3027fb3db3a0"
expires
Tue, 25 Oct 2022 04:34:26 GMT
last-modified
Wed, 08 Dec 2021 10:40:49 GMT
server
UploadServer
x-goog-generation
1638960048994942
x-goog-hash
crc32c=BlpLWA== md5=U4i84NmqlwyyqjAn+z2zoA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1265
x-guploader-uploadid
ADPycduuuWcbGOXT-OACna6Og-_Rlcbjgbsk5rqVJsckdzoahw8za0u2v6LdIM4adGzd1aEPD8azBk7h02NFtj6M9gRK-w
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 7060 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uum4yq8gqb7f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 18:41:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 7060 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uum4yq8gqb7f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:09:36 GMT
hasher.js
static.sojern.com/cip/ Frame BC46 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/cip/hasher.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:00:08 GMT
age
2650
x-guploader-uploadid
ADPycdvvj4w49oxe6uwRp_75Cp4TE9eYg5734wQQG4ixNIV3291lqmkiHt2u4M7w_gJRSIGS2D6_8YgEXTKNkACQh3mjSA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18469
last-modified
Tue, 07 Dec 2021 16:23:19 GMT
server
UploadServer
etag
"676881567863e15eb1b6aa81b384455c"
x-goog-generation
1638894199335821
x-goog-hash
crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
18469
accept-ranges
bytes
expires
Tue, 25 Oct 2022 04:00:08 GMT
create_params.js
static.sojern.com/utils/ Frame BC46 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/utils/create_params.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
02b02be496e69e49f701452a382cdb4a194e299c93dbb04b810fdfc2202ba1e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:14:14 GMT
age
1804
x-guploader-uploadid
ADPycdsIT2KSNMX3IeQMbJKWX-e1UGHQx3FEo3Bqbn6u9_HGwGHS62JzmYn8k7REEoI6s3WrMrEDltOD8Fb9GfXe7Z1kyg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4254
last-modified
Tue, 28 Jun 2022 09:19:26 GMT
server
UploadServer
etag
"8cd8e4fb2688fa4187547e1314b4f383"
x-goog-generation
1656407966894244
x-goog-hash
crc32c=q4e+bw==, md5=jNjk+yaI+kGHVH4TFLTzgw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
4254
accept-ranges
bytes
expires
Tue, 25 Oct 2022 04:14:14 GMT
/
api.ipify.org/ 		22 B
259 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
8f9b8ac599577f559a58d40afccbc1d7f5eaf8678c85d4840a31f6309bfa543d

Request headers

Accept
application/json
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 25 Oct 2022 03:44:18 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.flytradewind.com
Connection
keep-alive
Content-Length
22
/
api.ipify.org/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.flytradewind.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://www.flytradewind.com
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 25 Oct 2022 03:44:18 GMT
Server
Cowboy
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Via
1.1 vegur
317218
beacon.sojern.com/pixel/p/ Frame BC46 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.sojern.com/pixel/p/317218?f_v=v6_js&p_v=1&id=317218&cid=&f_v=v6_js&p_v=1&version=2&vid=hot&domain=https%3A%2F%2Fwww.flytradewind.com%2F&s=ccid_ga%7Cccid_auto&ccid=857307520.1666669458%7Ckvrqt-cz43g-4spj-gsqra-0prqn&et=hc
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
07c214fbee3073e73c98f390b5bbe419c15c30704b2314a72cd43d6d00508d28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
737
webworker.js
www.google.com/recaptcha/api2/ Frame 7060 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uum4yq8gqb7f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 03:44:18 GMT
src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;...
adservice.google.com/ddm/fls/z/ Frame BC46
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=11013503;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
  • https://ad.doubleclick.net/ddm/activity/src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%...
  • https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7...
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 03:44:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 03:44:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=11013503;dc_pre=CJDVuMi7-voCFZbpmgod-mgN5Q;type=homep0;cat=trade0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdX
pixel.sojern.com/idSync/ Frame BC46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM...
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&sjrn_ula=6716875213&google_gid=CAESEJObWkGcaK-p9WrXMG3bcTA&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&sjrn_ula=6716875213&google_gid=CAESEJObWkGcaK-p9WrXMG3bcTA&google_cver=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Tue, 25 Oct 2022 03:44:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 03:44:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&sjrn_ula=6716875213&google_gid=CAESEJObWkGcaK-p9WrXMG3bcTA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/ Frame BC46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern_adh
  • https://cm.g.doubleclick.net/pixel?google_hm=74lzqPArJx9Tq1cZAfyyMg&google_nid=sojern_adh&google_tc=
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoppZKZ1n06DjuLkpwk9wWzzHRJS35jjgw1e5M3FQUSgjljSxaPAaJTNKi6An0yNntpim_WV3wl6ZGIm06pIrYTD1JZbaovthf934iuld1oWKigp56E
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoppZKZ1n06DjuLkpwk9wWzzHRJS35jjgw1e5M3FQUSgjljSxaPAaJTNKi6An0yNntpim_WV3wl6ZGIm06pIrYTD1JZbaovthf934iuld1oWKigp56E
170 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoppZKZ1n06DjuLkpwk9wWzzHRJS35jjgw1e5M3FQUSgjljSxaPAaJTNKi6An0yNntpim_WV3wl6ZGIm06pIrYTD1JZbaovthf934iuld1oWKigp56E
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 03:44:19 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Oct 2022 03:44:19 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoppZKZ1n06DjuLkpwk9wWzzHRJS35jjgw1e5M3FQUSgjljSxaPAaJTNKi6An0yNntpim_WV3wl6ZGIm06pIrYTD1JZbaovthf934iuld1oWKigp56E
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apn
pixel.sojern.com/idsync/ Frame BC46
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DkqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg
  • https://pixel.sojern.com/idsync/apn?id=3752868740128013227&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/apn?id=3752868740128013227&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Tue, 25 Oct 2022 03:44:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 03:44:18 GMT
AN-X-Request-Uuid
14e758fb-aa78-4922-bc2f-b2a4262bc9af
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://pixel.sojern.com/idsync/apn?id=3752868740128013227&sjrn_id=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame BC46 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=kqUHR9WgcuMyTOaGjx6ZcNIE96FGVpXZ1Ldgc342N2P3ZfhKvLM138FnPtE_sQhg&ttd_tpi=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=317218&f_v=v6_js&p_v=1&version=2&auto_url=https%3A%2F%2Fwww.flytradewind.com%2F&auto_ccid=kvrqt-cz43g-4spj-gsqra-0prqn&auto_ga=857307520.1666669458&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vid=tou&cid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Oct 2022 03:44:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
reload
www.google.com/recaptcha/api2/ Frame 7060 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b9ce8f8308ee70c13de8995239560f4fcb3c622b0e2e37d388ec8cc4fd5ba59
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ_b0UAAAAAD7figKBucPwVzUR_dINpJKM0DMX&co=aHR0cHM6Ly93d3cuZmx5dHJhZGV3aW5kLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uum4yq8gqb7f
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 25 Oct 2022 03:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18494
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 03:44:18 GMT
01fc6155-c6fe-4e58-bc81-3a62886e7d99
pp.signalayer.com/ 		2 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pp.signalayer.com/01fc6155-c6fe-4e58-bc81-3a62886e7d99
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.12.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-12-113.compute-1.amazonaws.com
Software
nginx/1.15.8 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:19 GMT
server
nginx/1.15.8
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
2
01fc6155-c6fe-4e58-bc81-3a62886e7d99.json
data.tooltip.io/player/fetch/ 		54 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.tooltip.io/player/fetch/01fc6155-c6fe-4e58-bc81-3a62886e7d99.json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3600:6:36e8:9f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:20 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
last-modified
Sat, 22 Oct 2022 08:05:19 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
etag
"21c5d7ac3026c86f166a0e24b12b2b5d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
54
x-amz-cf-id
YYySwK0XtiS3JhqzFjm_LNbvUvOFRNnW9p4m3THyb7Neb1XMVcdWkw==
refill
www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/287/ 		2 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/287/refill
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 / PHP/7.4.3
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:19 GMT
x-content-type-options
nosniff
server
nginx/1.11.10
x-powered-by
PHP/7.4.3
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://www.flytradewind.com/wp-json/>; rel="https://api.w.org/"
content-length
2
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
refill
www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/1442/ 		2 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.flytradewind.com/wp-json/contact-form-7/v1/contact-forms/1442/refill
Requested by
Host: www.flytradewind.com
URL: https://www.flytradewind.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.125.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-125-11.compute-1.amazonaws.com
Software
nginx/1.11.10 / PHP/7.4.3
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.flytradewind.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:44:19 GMT
x-content-type-options
nosniff
server
nginx/1.11.10
x-powered-by
PHP/7.4.3
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://www.flytradewind.com/wp-json/>; rel="https://api.w.org/"
content-length
2
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cover-2-scaled.jpeg.webp
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02193305/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02193305/cover-2-scaled.jpeg.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6922ed6653e75d7dfc969ea221e620dfb5f02623b1c2aa03a4c7f792ddbb12ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Fri, 26 Nov 2021 16:09:23 GMT
Server
AmazonS3
x-amz-request-id
TTPGGJ4V7TWVSJNG
ETag
"6761e8577315f4e4e5e8f819e8b93fad"
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
37534
x-amz-id-2
wOw1mmyNs30dggU4FNqrJS7RBRRDLb9n4a4UL1LtmXIvPvDT0bxcJzLZOJJq8GWcP/pgJ9vSu2E=
Expires
Sat, 26 Nov 2022 16:09:20 GMT
traveler-2-300x113.png
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194152/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194152/traveler-2-300x113.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7d5a3c5ca70c587f25cb141f64613d465869c0d22ebfac07938310230fddc7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Fri, 26 Nov 2021 16:11:55 GMT
Server
AmazonS3
x-amz-request-id
TTPYJ7VZW9YKY72K
ETag
"3921fd18077db73dec0422475d7f6fa2"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
7708
x-amz-id-2
/Mf3DlmVd5rOr82PTeRTYve65PsaFN3qz6dLinlJCxDZau2vDrNXEjStFYE5A03La4X3bJ7dJS4=
Expires
Sat, 26 Nov 2022 16:11:54 GMT
logo.svg
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22201814/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22201814/logo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c9a38c9b9da63118d5c210d9581d0d98353085c79085d8a80097528888c9aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 22 Aug 2021 20:18:15 GMT
Server
AmazonS3
x-amz-request-id
TTPRGCQXWXTDTVBD
ETag
"3fc05618fe524718003c4f7fa7c10f3b"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3735
x-amz-id-2
rFhHul5EyXErwAxWO3a4PE6J8GBJaWENRydJ38V3XjoELlkk04fxBbfwGH/h1blTOZ/uCcOYfiM=
Expires
Mon, 22 Aug 2022 20:18:14 GMT
forbes-2-1-300x117.png
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194158/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02194158/forbes-2-1-300x117.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e19446cd678134715f1edb8c3f65cee5ea7f4a048715be96779877f873c49897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Fri, 26 Nov 2021 16:12:07 GMT
Server
AmazonS3
x-amz-request-id
TTPG09FG9GFGW13M
ETag
"a71402793eac6cff584880557ed02217"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
5605
x-amz-id-2
b+USiZkdm78+y3xsQvrfE+A5rMsqUMX+48Xo8DPWyY6oOVzhCWFj7I+nfBNoEfYmD2I/CBHjM7s=
Expires
Sat, 26 Nov 2022 16:12:05 GMT
kisspng-town-country-new-york-city-magazine-people-tellu-town-square-5b227e5b0bbdc0.4110110615289872270481-1-300x52.png
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22202648/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/22202648/kisspng-town-country-new-york-city-magazine-people-tellu-town-square-5b227e5b0bbdc0.4110110615289872270481-1-300x52.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
483bac9502555809b16c4a6d4c5f06a5a838e397d3147fb80be7092c9f7e22c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flytradewind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Fri, 26 Nov 2021 20:31:23 GMT
Server
AmazonS3
x-amz-request-id
TTPZ12B5M4W5J3GQ
ETag
"f9687e1989348e0fea524775ececfd63"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4825
x-amz-id-2
rMdab4qa00gnj+QxxI76A2ICo++isR4ac3bPvvqTtlcWoUi5JvMq3YP1XC90FdzvnV8PpvCphz4=
Expires
Sat, 26 Nov 2022 20:31:22 GMT
home_1-1.mp4
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/ 		50 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/home_1-1.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.flytradewind.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Mon, 02 Aug 2021 10:01:15 GMT
Server
AmazonS3
x-amz-request-id
TTPPXVX96C0HB9EV
ETag
"e55314a759216667d362e9abdbf7f365"
Content-Type
video/mp4
Content-Range
bytes 0-3631492/3631493
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3631493
x-amz-id-2
eS6WMiIAiVWpBD8XKp4HwX0BXmHmWTTlwnZKZnGtvl/eEkHNqo2KCQAG/dMoYF3796ReMKCZd14=
Expires
Tue, 02 Aug 2022 10:01:14 GMT
home_1-1.mp4
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/ 		26 KB
27 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/home_1-1.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
eac5380294ca3c422c83f59fc1b9b0f55870b221d60edbc12b0eb61954cd2ffc

Request headers

Referer
https://www.flytradewind.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=3604480-

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Mon, 02 Aug 2021 10:01:15 GMT
Server
AmazonS3
x-amz-request-id
TTPHQMF31AZ9ZXRY
ETag
"e55314a759216667d362e9abdbf7f365"
Content-Type
video/mp4
Content-Range
bytes 3604480-3631492/3631493
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
27013
x-amz-id-2
d+GCqc8+7IsfngS8Q9BKPk2zZBBp/JV/Bl6T4kdd0dw+3pmATCpAFUiFNkKEO7YimY9qrKhbG90=
Expires
Tue, 02 Aug 2022 10:01:14 GMT
home_1-1.mp4
s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/uploads.flytradewind.com/app/uploads/2021/07/02100114/home_1-1.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.172.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.flytradewind.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=32768-

Response headers

Date
Tue, 25 Oct 2022 03:44:20 GMT
Last-Modified
Mon, 02 Aug 2021 10:01:15 GMT
Server
AmazonS3
x-amz-request-id
TTPJ52EE5D502493
ETag
"e55314a759216667d362e9abdbf7f365"
Content-Type
video/mp4
Content-Range
bytes 32768-3631492/3631493
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3598725
x-amz-id-2
WZWXbof6uECJ7c29NJw58JL5gcWJ0se+Pe/DJXZKY7o0Lh8Gayv5Ysp9CargnDINd7wPwx6vOnI=
Expires
Tue, 02 Aug 2022 10:01:14 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery object| dataLayer object| predefined_search object| wpcf7 object| azdsDefaultSettings object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| gaplugins object| gaGlobal object| gaData object| directions object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| getBreakpoints function| removeA function| setCookie function| deleteCookie function| getCookie function| validateEmail function| confirmationDialog function| urlHasVars function| removeHash function| parseHash function| delay function| getBrowserInfo number| loadLazyScriptsTimer object| userInteractionEvents function| triggerScriptLoader function| loadScripts function| preloaderDone function| flatpickr function| LazyLoad function| controlsPlugin function| rangePlugin function| timeListPlugin object| gridBreakPoints object| selectedBlock object| wayType function| apc function| FuzzySearch object| recaptcha object| closure_lm_293905 function| Swiper object| Data object| EventHandler object| Manipulator object| SelectorEngine function| Base function| Tab object| Tooltip string| key object| ply boolean| plyInitialized function| deml function| sjrn_cipher function| sjrn_wfe function| sjrn_e function| feml function| sjrn_heml function| sjrn_ccid function| sjrn_ga function| sjrn_run string| value object| parts object| ga_ids string| ga_id object| ga_id_split object| matched_set object| first_matched object| matched boolean| domain_match number| referrer_match string| auto_eml_domain object| sjrn_eml object| sjrn_params object| Outlog string| currentIp object| slide object| Signalayer

14 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHtfOcjUmZtjTk8TffocKHbWwkP3ubn4wOCmDSExOVX-tGYxl_P5T_3n5-yXj84OVXZ5UFJGhCd68-d3O-393lY
.flytradewind.com/ Name: _ga
Value: GA1.2.857307520.1666669458
.flytradewind.com/ Name: _gid
Value: GA1.2.876508376.1666669458
.flytradewind.com/ Name: _gat_UA-480359-1
Value: 1
www.flytradewind.com/ Name: _ply_first_visit_page
Value: /
www.flytradewind.com/ Name: _ply_first_visit
Value: 1666669458000
www.flytradewind.com/ Name: _ply_last_visit
Value: 1666669458000
www.flytradewind.com/ Name: _ply
Value: f1647c03f76dca83af846125af05c1f7
.adnxs.com/ Name: uuid2
Value: 3752868740128013227
.doubleclick.net/ Name: IDE
Value: AHWqTUk29gqwNUB2dF1iU-TpXsN_e2AezR60XUaUjEhSmRXnRBBzEG2vfStOqUHJ0mA
.sojern.com/ Name: gid
Value: CAESEJObWkGcaK-p9WrXMG3bcTA
.sojern.com/ Name: cid
Value: ef8973a8-f02b-271f-53ab-571901fcb232#1666656000000
.sojern.com/ Name: apnid
Value: 3752868740128013227
www.flytradewind.com/ Name: _sl_ping_marker
Value: initial

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
api.ipify.org
beacon.sojern.com
cdn.tooltip.io
cm.g.doubleclick.net
data.tooltip.io
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
ib.adnxs.com
match.adsrvr.org
pixel.sojern.com
pp.signalayer.com
s3.amazonaws.com
static.marketingcdn.net
static.sojern.com
tracker.personizely.net
www.flytradewind.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.personizely.net
107.178.244.119
142.250.184.230
142.250.186.162
15.197.193.217
185.89.211.84
2600:9000:2127:3600:6:36e8:9f00:93a1
2606:4700:3031::ac43:d292
2606:4700:3034::6815:5f66
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a0b:4d07:101::1
3.224.125.11
34.239.12.113
35.244.188.9
54.231.172.168
54.91.59.199
0168928274741e90968146c44cb2213df57cb40922c7bb42ca2b27be7a088265
02b02be496e69e49f701452a382cdb4a194e299c93dbb04b810fdfc2202ba1e0
04bb69545c5ebe6436e4bb5d65e9f8384a1f174eed6cab3bcabfd30dea3ed5fe
07c214fbee3073e73c98f390b5bbe419c15c30704b2314a72cd43d6d00508d28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
2b21ebb47d15e878d5fc3f7b5e00dbc4df42e8b0d9a26cbd2aac43b7ab6ca23a
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
37abddfb7a9e55f634b5395e678101454952747efb16dce8ce74ea59b9f18a39
4603551cec51635aac0570a21e523be89401c1adf44755a9b5c9ca24657b6a4d
483bac9502555809b16c4a6d4c5f06a5a838e397d3147fb80be7092c9f7e22c7
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4d46b9cf533d460ad479908c269a802f8bd08c5b44dfefccff56c0e327ae4ff2
4ded3d2799d579fac2859f32ab75cf32cbc5c967d3424436245bb33095c77369
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52cad65ce87876520c3352eb31455c22332a3bcd6ad392a10ac2d3afbb6b0297
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a4af6c31c77f1df984a4c9009659ab0dcaee896bd1e28751a3c47f2a682d8ea
5bd42875cca5d757db0ebc7a06af4c1f69f793144963ed475ae454f883e8e307
5c9a38c9b9da63118d5c210d9581d0d98353085c79085d8a80097528888c9aed
5e1162eee6294593f45863829349350729495263a59ecd9e63525de0979c04c3
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6922ed6653e75d7dfc969ea221e620dfb5f02623b1c2aa03a4c7f792ddbb12ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb087bd377229f8b7dc9cc77d14cf7829661950f4d97a0723bf856464c43c4c
6d902a642aaf983c5aa8b5b41985c51dcc23b24cd6c5b2bccb219b693247dfbc
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
706ae8b1c189658b26057365b69835892e3ea1e60a784746e4e55f313a8dbe82
72b05bc3c7050f8f5ac74385342728e543456f762031a40d1da34a7f01a8273d
779805d5d37d3095b32cbb05d5bdb4d905474fd83ff0ce914c337e72d96dc60d
7a6a0e0209f4d6005e8ec73b9c446aae0d7e5160971d325e59145f671ee0dc63
7b4d6c961422afd3f1e6081b4c91612fa03568e19f3bc7bdfcb8198c3493e95a
7d5a3c5ca70c587f25cb141f64613d465869c0d22ebfac07938310230fddc7f1
7f4a8d75d32dfc4380fb08b6e7e286c3555f725fdd7e77209ff439265944e0d3
88a5718ccf0d8e0cefb70d4416b61c215bf4b324391070fad2f8f0dedba5a288
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f92c23610d65aa0524b3e394d7318d440f9913cf26bed9d717e37f160dde4c3
8f9b8ac599577f559a58d40afccbc1d7f5eaf8678c85d4840a31f6309bfa543d
901914022cf1eeae0fbad1c9437cd1896b21fa025347d53ac10f06f0c5a16795
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09
9b9ce8f8308ee70c13de8995239560f4fcb3c622b0e2e37d388ec8cc4fd5ba59
9de03a3b6cb1923d73e3cbeaa395ad5eb8f8b82c666ab1015117b67cde911d18
a22badee8cd482794deae8129e2c5238d07f67190c200490200489f4c6557643
a66ac891d92873b1493d1e8c68c7ff8c0df0ed39c18d7b22539723d23f5ea8c1
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308
aedc83e4448429f4e42a935882bfbb94c070b79514d8019ba9b1ab62acf2d25d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc54cffe2cfaed80c1f1117c2bd7aa983e22b2d629d8b6d7785a4c91368acc6a
c482e04ba22cc76980cab50a08ab6777603d3ed2680d3e2bbae5af0555ed2fe7
c9b0b47b1bd04b9a0c52c61c3db1c7b87dc11915d21772577898787c4a040293
ce9da6c80827c2db1607b0f5ad8df66f1043a4650d8f7dd2a50ad550443753e3
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
d5a470acd663d3c61ea613f7de9dc4f0fe474fa47e4fc66d137b3dc37f5590cd
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
dd23ecb31245d58dd8fbd954c9968bab217607fa0b692e6362524b69f9d18b43
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e19446cd678134715f1edb8c3f65cee5ea7f4a048715be96779877f873c49897
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e66aaad73dd30b10b25d46ecc612414a92d353bfd0005108712398b3e5d3e45f
eac5380294ca3c422c83f59fc1b9b0f55870b221d60edbc12b0eb61954cd2ffc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f31aa8c0cf4d6156f180f3bd059a2433b8aab417033bcd1493440a4fa834a041