urlscan.io logo urlscan.io
SecurityTrails logo

scandinavianairline.co Open in urlscan Pro
185.150.189.143  Public Scan

Go To Rescan Add Verdict Report
URL: http://scandinavianairline.co/
Submission: On February 01 via manual from SE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 26 domains to perform 72 HTTP transactions. The main IP is 185.150.189.143, located in United States and belongs to RELIABLESITE, US. The main domain is scandinavianairline.co.
This is the only time scandinavianairline.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.150.189.143 23470 (RELIABLESITE)
1 142.250.185.106 15169 (GOOGLE)
21 13.32.23.15 16509 (AMAZON-02)
6 142.250.180.194 15169 (GOOGLE)
1 5 142.250.184.238 15169 (GOOGLE)
1 5 35.186.212.60 15169 (GOOGLE)
1 142.250.185.168 15169 (GOOGLE)
2 157.240.253.1 32934 (FACEBOOK)
5 104.96.91.98 20940 (AKAMAI-ASN1)
1 13.32.27.7 16509 (AMAZON-02)
3 4 142.250.185.98 15169 (GOOGLE)
2 52.223.40.198 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 35.241.54.161 15169 (GOOGLE)
1 1 46.228.164.13 56396 (AMOBEE)
1 2 54.208.86.90 14618 (AMAZON-AES)
1 54.73.101.116 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.156.0.31 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
3 107.178.244.119 15169 (GOOGLE)
5 142.250.186.162 15169 (GOOGLE)
1 142.251.208.174 15169 (GOOGLE)
2 2 37.252.171.149 29990 (ASN-APPNEX)
2 185.60.216.35 32934 (FACEBOOK)
1 142.251.208.162 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 142.250.180.226 15169 (GOOGLE)
3 142.250.180.225 15169 (GOOGLE)
1 142.251.39.36 15169 (GOOGLE)
72 25
2    185.150.189.143 (United States)

ASN23470 (RELIABLESITE, US)
PTR: venus.galaxysecured.net
scandinavianairline.co
1    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
fonts.googleapis.com
21    13.32.23.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-15.fra56.r.cloudfront.net
d1idk9dk5z9kp6.cloudfront.net
6    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
pagead2.googlesyndication.com
5    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
fcmatch.google.com
5    35.186.212.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com
tag.yieldoptimizer.com
1    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
5    104.96.91.98 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-96-91-98.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
static.hotjar.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com
tag.adaraanalytics.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    54.208.86.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-86-90.compute-1.amazonaws.com
dpm.demdex.net
1    54.73.101.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-101-116.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
3    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
pixel.sojern.com
5    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.208.174 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f14.1e100.net
fcmatch.youtube.com
2    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
1    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
partner.googleadservices.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
adservice.google.se
1    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
adservice.google.com
3    142.250.180.225 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f1.1e100.net
tpc.googlesyndication.com
1    142.251.39.36 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
21 cloudfront.net
d1idk9dk5z9kp6.cloudfront.net
199 KB
9 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
6 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
208 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 776
101 KB
5 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4049
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
21 KB
3 google.com
fcmatch.google.com — Cisco Umbrella Rank: 2444
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 sojern.com
pixel.sojern.com — Cisco Umbrella Rank: 7140
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
239 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
2 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 833
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
529 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
136 KB
2 scandinavianairline.co
scandinavianairline.co
18 KB
1 google.se
adservice.google.se — Cisco Umbrella Rank: 74270
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 858
609 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2448
432 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3639
417 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 581
338 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1147
415 B
1 adaraanalytics.com
tag.adaraanalytics.com — Cisco Umbrella Rank: 19265
388 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 349
448 B
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 620
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
890 B
72 26
Domain Requested by
21 d1idk9dk5z9kp6.cloudfront.net scandinavianairline.co
d1idk9dk5z9kp6.cloudfront.net
6 pagead2.googlesyndication.com scandinavianairline.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 analytics.tiktok.com scandinavianairline.co
analytics.tiktok.com
5 tag.yieldoptimizer.com 1 redirects scandinavianairline.co
4 cm.g.doubleclick.net 3 redirects scandinavianairline.co
4 www.google-analytics.com scandinavianairline.co
www.googletagmanager.com
www.google-analytics.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 pixel.sojern.com scandinavianairline.co
2 www.facebook.com scandinavianairline.co
2 ib.adnxs.com 2 redirects
2 dpm.demdex.net 1 redirects scandinavianairline.co
2 match.adsrvr.org scandinavianairline.co
2 connect.facebook.net scandinavianairline.co
connect.facebook.net
2 scandinavianairline.co scandinavianairline.co
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.se pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fcmatch.youtube.com scandinavianairline.co
1 fcmatch.google.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 beacon.krxd.net scandinavianairline.co
1 d.turn.com 1 redirects
1 tag.adaraanalytics.com scandinavianairline.co
1 idsync.rlcdn.com scandinavianairline.co
1 static.hotjar.com scandinavianairline.co
1 www.googletagmanager.com scandinavianairline.co
1 fonts.googleapis.com scandinavianairline.co
72 31

This site contains links to these domains. Also see Links.

Domain
www.tripsinsider.com
www.top-cruise-deals.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2022-12-15 -
2024-01-15		 a year crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adaraanalytics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-25 -
2023-07-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-17 -
2024-02-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.se
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://scandinavianairline.co/
Frame ID: 2D29FFAEDB0F53BC9B8C3E1E69E58263
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Frame ID: 441B0279512639D14C81E85419B27A96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=80&slotname=4757800033&adk=418467429&adf=1468885513&pi=t.ma~as.4757800033&w=300&lmt=1668349273&format=300x80&url=http%3A%2F%2Fscandinavianairline.co%2F&wgl=1&dt=1675254113553&bpp=3&bdt=938&idt=479&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&correlator=2572299386483&frm=20&pv=2&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1060&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gtYfYrrd16&p=http%3A//scandinavianairline.co&dtd=495
Frame ID: 01D3A5360921EBB781F30E62376BC192
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=280&slotname=7711266438&adk=4066113200&adf=3459343451&pi=t.ma~as.7711266438&w=728&fwrn=4&fwrnh=100&lmt=1668349273&rafmt=1&format=728x280&url=http%3A%2F%2Fscandinavianairline.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1675254113556&bpp=2&bdt=941&idt=496&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=730&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=bxcNdCEJMp&p=http%3A//scandinavianairline.co&dtd=501
Frame ID: 8C3DC253CAC6C2178395FDD5C92F6D97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=280&slotname=1804333631&adk=2508022459&adf=2951112906&pi=t.ma~as.1804333631&w=728&fwrn=4&fwrnh=100&lmt=1668349273&rafmt=1&format=728x280&url=http%3A%2F%2Fscandinavianairline.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1675254113558&bpp=1&bdt=944&idt=510&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80%2C728x280&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=2079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=M78Vr7UKRU&p=http%3A//scandinavianairline.co&dtd=514
Frame ID: D1C892A1EEEAC396EB279F5EE70801FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&adk=1812271804&adf=3025194257&lmt=1668349273&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x540_l%7C404x540_r&format=0x0&url=http%3A%2F%2Fscandinavianairline.co%2F&ea=0&pra=7&wgl=1&dt=1675254113571&bpp=1&bdt=956&idt=507&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80%2C728x280%2C728x280&nras=1&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=524
Frame ID: B83D118E4975DA0C7985C53FFE8F257D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82C03014DEC5F3E4B60463782A8FEA52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4EDC3FB5B4F8931DF512B9B0FF5F5B45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cheap Flights - Scandinavia Airline

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

72
Requests

82 %
HTTPS

0 %
IPv6

26
Domains

31
Subdomains

25
IPs

5
Countries

745 kB
Transfer

2271 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633 HTTP 307
  • https://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633
Request Chain 20
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=5864&pg=sh&tp=a&si=TI&adc=&cr=GH&ln=en HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=63072463&t=s&p=5864&pg=sh&tp=a&si=TI&adc=&cr=GH&ln=en
Request Chain 30
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjYzODM2NTQwMQ&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjYzODM2NTQwMQ&google_sc=&google_tc=
Request Chain 34
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3872451264296994851
Request Chain 35
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016638365401 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016638365401
Request Chain 37
  • https://cms.analytics.yahoo.com/cms?partner_id=ADARA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-U0CAxEpE2pE9P8lu9YRyMx62aICxdmbJ3as-~A
Request Chain 38
  • https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3016638365401 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=f0fd67e98a54429fa502007f49faceec
Request Chain 46
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=T3A3IJ8TXFsez7rtDv_LiQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq&google_gid=CAESEPSt9jWeO7JZTn2hdjIwu00&google_cver=1
Request Chain 47
  • https://cm.g.doubleclick.net/pixel?google_hm=T3A3IJ8TXFsez7rtDv_LiQ&google_nid=sojern_adh HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDopmyrHpKDxZ_18xmEWNBuORBichMiaofnm7nZ1iuQHSSh9B4uLXxgiPFEYO-RwVOiqt-s8oAu-5_qz2mgNYxEDvpKM9JG4xFq99fBv5DP2poqnDmeA HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDopmyrHpKDxZ_18xmEWNBuORBichMiaofnm7nZ1iuQHSSh9B4uLXxgiPFEYO-RwVOiqt-s8oAu-5_qz2mgNYxEDvpKM9JG4xFq99fBv5DP2poqnDmeA
Request Chain 48
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3Dp1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq HTTP 302
  • https://pixel.sojern.com/idsync/apn?id=3692277313772995806&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
scandinavianairline.co/ 		73 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://scandinavianairline.co/
Protocol
HTTP/1.1
Server
185.150.189.143 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
venus.galaxysecured.net
Software
Apache /
Resource Hash
7f8c6ee57d377cae3ad106f380b59b20fdee7c1eeb341504f13094411ab3e2f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Encoding
gzip
Content-Length
16841
Content-Type
text/html
Date
Wed, 01 Feb 2023 12:21:52 GMT
Last-Modified
Sun, 13 Nov 2022 14:21:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
css
fonts.googleapis.com/ 		2 KB
890 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu&subset=cyrillic,latin
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Feb 2023 12:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 12:20:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Feb 2023 12:21:52 GMT
all-88731ba74d.min.css
d1idk9dk5z9kp6.cloudfront.net/build/assets/find/assets/landing_pages/css/ 		103 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/assets/landing_pages/css/all-88731ba74d.min.css
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
fcf5a5b1780b5fd4e6c1d23ffe3c989e3e35a86e62d6a9b7b4b95b4122c256f7

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 08:50:52 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Sun, 24 Nov 2019 09:50:35 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1170761
etag
W/"5dda526b-19a29"
x-cache
Hit from cloudfront
content-type
text/css
x-iinfo
11-643068216-0 0CNN RT(1672521605100 3) q(0 -1 -1 1) r(0 -1)
cache-control
max-age=2111187, public
content-length
17918
x-amz-cf-id
jC3UpPRZzvjVA0c1JdBHrWddJul9rbauVXMtun9ky46PKm2kNFGY8g==
expires
Sun, 12 Feb 2023 09:35:38 GMT
deeplinksFlightsStyle-e2cf8a3554.min.css
d1idk9dk5z9kp6.cloudfront.net/build/assets/find/css/ 		202 B
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/css/deeplinksFlightsStyle-e2cf8a3554.min.css
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
65be41ad9ddb9507e9251a24b8e04327f1349e99ac5ceb28210e22763fe9216a

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:53 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-iinfo
5-10218025-10211613 2NNN RT(1675254112228 4) q(0 0 0 0) r(4 4) U18
pragma
public
last-modified
Sun, 24 Nov 2019 09:50:39 GMT
server
nginx
etag
W/"5dda526f-ca"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
x-amz-cf-id
LMLn1kUXeGckPOHev9tzETh9tNskyIHNzFMeFRF6vTpVRXsA51auRA==
expires
Fri, 03 Mar 2023 12:21:53 GMT
logo.png
scandinavianairline.co/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://scandinavianairline.co/logo.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
HTTP/1.1
Server
185.150.189.143 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
venus.galaxysecured.net
Software
Apache /
Resource Hash
b155d480b27c493cafd65f1dfc64b5eea7c514663145b9bd2f1dd3e4f4c20f2d

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 12:21:53 GMT
Last-Modified
Sun, 13 Nov 2022 10:11:10 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1263
Content-Type
image/png
logo-no-slogan.jpg
d1idk9dk5z9kp6.cloudfront.net/images/home/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/home/logo-no-slogan.jpg
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
d040f784b653ff5f7d1a0c0df54f476517c378e5e77412bdc88a1e20b5a1937f

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:32:20 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1169487
etag
"59f84cdc-103a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-iinfo
8-406919387-0 0CNN RT(1672521606331 525) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=1424057, public
content-length
4103
x-amz-cf-id
tpk9FPjsr5Bg4tIaiRXBkV1lSSRVOgadRQx48ZrSuAy3_GZFl-SRnw==
expires
Sat, 04 Feb 2023 11:04:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
HTTP/1.1
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
73406cb2d6975ee3a14fd462ff8664fc08864850481635078e7b2b7df70f7064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 12:21:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
52742
X-XSS-Protection
0
Server
cafe
ETag
10739926377646827088
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 01 Feb 2023 12:21:53 GMT
cookieconsentrio.min.css
d1idk9dk5z9kp6.cloudfront.net/find/cookie/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/find/cookie/cookieconsentrio.min.css
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
876094fef3f75b76291adf85f58a3d27c5a2298375a9e29d099d1d712d9429f1

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:36:23 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Fri, 25 May 2018 11:34:16 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
896941
etag
W/"5b07f4b8-1789"
x-cache
Hit from cloudfront
content-type
text/css
x-iinfo
9-522852346-0 0CNN RT(1672533235069 6) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=2319455, public
content-length
1491
x-amz-cf-id
uqbhwpDuhojauxWHEOaMSa93DqG8NMY33eMckyTT6GKmNtTpWtkRfw==
expires
Fri, 17 Feb 2023 23:30:25 GMT
cookieconsent.min.js
d1idk9dk5z9kp6.cloudfront.net/find/cookie/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/find/cookie/cookieconsent.min.js
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 00:30:09 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jan 2018 12:34:45 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
2029903
etag
W/"5a54b6e5-4d5a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-iinfo
13-1119140520-0 0CNN RT(1673224209098 5) q(0 -1 -1 4) r(0 -1)
cache-control
max-age=2508143, public
content-length
6510
x-amz-cf-id
kWNeVCbB-YeVYQXGVAm_muvyDStWv81ZE_BRt6Do6XqzZy1_rOjahQ==
expires
Tue, 07 Feb 2023 01:12:32 GMT
hamburger.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		124 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/hamburger.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
e45f49516f5f283e687ceaaa29a6d5ca6becf14d9c18a7e2378454b3d694f517

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 21:20:38 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
140500
etag
"59f84cdc-7c"
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
6-375840785-375839272 2CNN RT(1673313053441 1) q(0 0 0 0) r(0 0) U18
cache-control
max-age=1878313, public
content-length
124
x-amz-cf-id
vzo1GaXHVSElde9m9SdAZVPj9aqQ6WWknIu0zc6FZztcEJJdeX7vnA==
expires
Tue, 21 Feb 2023 15:05:25 GMT
upTo70.png
d1idk9dk5z9kp6.cloudfront.net/assets/en/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/assets/en/upTo70.png?115
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4a0d4fbe8f9096ef3eb5bfe5adea4e4ad8a4afce726d815d84fab7e4a231a22d

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 09:19:46 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
385448
x-cache
Hit from cloudfront
x-iinfo
13-955601455-955600449 2NNN RT(1672564749120 2) q(0 0 0 1) r(3 3) U18
content-length
5123
pragma
public
last-modified
Tue, 14 May 2019 12:08:42 GMT
server
nginx
etag
"5cdaafca-1403"
content-type
image/png
cache-control
max-age=2065807, public
accept-ranges
bytes
x-amz-cf-id
zb_90TkGxBi31vFx_zu5eFXQtKEQBeMn-CZZQch5w_Ss8uDYG97Wgw==
expires
Mon, 20 Feb 2023 23:07:51 GMT
phone-orange.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/phone-orange.png?115
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
11ebc3f889b0be047e40b4746a33ca59ee8d042d028784fb759ea251d260b1e0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:36:23 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
863177
etag
"59f84cdc-bcd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
14-720713966-0 0CNN RT(1672168256994 7) q(0 -1 -1 24) r(0 -1)
cache-control
max-age=1098637, public
content-length
2282
x-amz-cf-id
WpeQdfucGZmJm758lhdPQzrZ1EW9v0haIXIWxSessAXvqbLFCnLGIA==
expires
Sat, 04 Feb 2023 05:46:12 GMT
ga_exp.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633
  • https://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633
274 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
sffe /
Resource Hash
0ef9ec528b4d25675436a7f90294dd02c3ecd616d56da8bd6ada849367fecee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
195
x-xss-protection
0
last-modified
Mon, 13 Jan 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 01 Feb 2023 13:21:52 GMT

Redirect headers

Location
https://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
all-c921897275.min.js
d1idk9dk5z9kp6.cloudfront.net/build/assets/find/assets/landing_pages/js/ 		396 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/assets/landing_pages/js/all-c921897275.min.js
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
94a5116a7d57a45210aa04f70c9121861c7429fd4831dd24c31ccca7b5be1c12

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 21:20:38 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
982009
x-cache
Hit from cloudfront
x-iinfo
14-1037087366-1037086773 2NNN RT(1672521605105 2) q(0 0 0 0) r(6 6) U18
pragma
public
last-modified
Tue, 12 Jul 2022 11:35:31 GMT
server
nginx
etag
W/"62cd5c83-630ec"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1922436, public
x-amz-cf-id
L-gcbpB4d4QNZjujlm8eLGRQ4E7DElPkyWUxbGv8M4fFQEFqEjU-aw==
expires
Sun, 12 Feb 2023 09:35:38 GMT
tbjs_save70_flights_multiple-b5dd4c5706.min.js
d1idk9dk5z9kp6.cloudfront.net/build/assets/find/js/bf/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/js/bf/tbjs_save70_flights_multiple-b5dd4c5706.min.js
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
8543900e727ebe842767c748da139262d8121d949d8d09a6b44d44ce7d213a68

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 04:38:53 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
114512
x-cache
Hit from cloudfront
x-iinfo
12-946901461-946896813 2CNN RT(1673137006637 1) q(0 0 0 0) r(0 0) U18
content-length
3043
last-modified
Tue, 12 Jul 2022 11:35:33 GMT
etag
W/"62cd5c85-2d4c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
RR7jFoIetTaPa_9RwMsWzERR9VJHagzoZJtHk7bOCFnCC5S4pm7E5g==
expires
Thu, 02 Mar 2023 04:33:20 GMT
dunhillsmall.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/dunhillsmall.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
94d3b99fcaca3b947dcbf90314d89ac557895a44783826d4df9ebb1ffa5e2d75

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:01:01 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1714851
etag
"59f84cdc-8e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
12-802141382-0 0CNN RT(1672533235119 5) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=2082318, public
content-length
2267
x-amz-cf-id
SE2_auilXZn1f3oHCG4XsEzf2t97hLih05JJNW8c96b4PBjyLemuiw==
expires
Sun, 05 Feb 2023 18:26:19 GMT
checkmark.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		482 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/checkmark.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2da5386d859fb6b2a3c43913dfcae2848fa338d4613e30c56213e93292decebe

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 04:38:54 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
120717
x-cache
Hit from cloudfront
x-iinfo
5-404741888-404740735 2NNN RT(1672547599134 10) q(0 0 0 0) r(4 4) U18
content-length
482
pragma
public
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
server
nginx
etag
"59f84cdc-1e2"
content-type
image/png
cache-control
max-age=1544721, public
accept-ranges
bytes
x-amz-cf-id
aMcE79Uz2iZOs5aJ4_UCvR6qZVh1dKYpvVER8BtjBLWF-03IVVAXCA==
expires
Fri, 17 Feb 2023 23:55:17 GMT
noentry.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		346 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/noentry.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
1d64e0646bbb6829f8db027f956be8b26c92c4844e2ff7f7cf0d6fe9ced05968

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 00:34:06 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
128866
etag
"59f84cdc-167"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
11-824508709-824506139 2CNN RT(1673313341752 5) q(0 0 0 0) r(0 0) U18
cache-control
max-age=1552871, public
content-length
346
x-amz-cf-id
pfIX8t4VXefRVhP6d3I7eUDRBuTN_FaT2OjjOEesDnXWSm2gKxVv_A==
expires
Fri, 17 Feb 2023 23:55:17 GMT
trimmed_cruise_logo.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/trimmed_cruise_logo.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
8be01f8e757eb9e92da087e67908b20e70dafab8fd6969c4e4bd80886d3c3eb1

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 07:44:24 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1170848
etag
"59f84cdc-e88"
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
9-378626095-0 0CNN RT(1672521605790 1075) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=2196956, public
content-length
3720
x-amz-cf-id
1flR24XxMIBAdnLfLTsWYSGhBfBtIe2FISErCfYTEZbTUsxpe4B9gA==
expires
Mon, 13 Feb 2023 09:23:40 GMT
Tripbase-logo-transparent.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/Tripbase-logo-transparent.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
9625ec4233c4d3f3a2cdd34fbf2bb8302815d890fc0b6baec4fb3a3ca6e9854b

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 23:41:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
905809
etag
"59f84cdc-5d1"
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
12-802141382-0 0CNN RT(1672533235119 247) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=1339419, public
content-length
1489
x-amz-cf-id
xdsN2KjyoR_Aa8MpuvbPrs1rPskiX8Qe6VgDQAiSo7jmPzSBRaHung==
expires
Mon, 06 Feb 2023 12:48:43 GMT
dealbase-nospam.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/dealbase-nospam.png
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
129148555a20850268e51d9f1c9bf346015d20c2a3e5be992b452445784876ec

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 00:37:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
906240
etag
"59f84cdc-742"
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
14-83168848-0 0CNN RT(1674347873057 4) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=2329555, public
content-length
1843
x-amz-cf-id
6AcI7wh19jSa9oRZhKm1RydIHakrbwjg8Vqd9Pk9Ra3h_gQPJNUISA==
expires
Fri, 17 Feb 2023 23:43:48 GMT
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=5864&pg=sh&tp=a&si=TI&adc=&cr=GH&ln=en
  • https://tag.yieldoptimizer.com/ps/ps?tc=63072463&t=s&p=5864&pg=sh&tp=a&si=TI&adc=&cr=GH&ln=en
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.yieldoptimizer.com/ps/ps?tc=63072463&t=s&p=5864&pg=sh&tp=a&si=TI&adc=&cr=GH&ln=en
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
d9561f67a3980512bcc1ff297e629b48e8ddb6385a92e5833a8cedb626b0eb53

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1201
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/ps?tc=63072463&t=s&p=5864&pg=sh&tp=a&si=TI&adc=&cr=GH&ln=en
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-87412869-1
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0ed2e1a4ddab12aa7c2c0833c3c0a98d99affd857e332403ea7f7dd5ec6d3201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43937
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Feb 2023 12:21:53 GMT
ui-icons_222222_256x240.png
d1idk9dk5z9kp6.cloudfront.net/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/ui-icons_222222_256x240.png?115
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
a79facbcc3d02b45d9e1e6dd36450d53068b0c655683087e44c707ca6864aeba

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 01:28:03 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
2199229
etag
"59f84cdc-d16"
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
13-1081921137-0 0CNN RT(1673054883784 3) q(0 -1 -1 1) r(0 -1)
cache-control
max-age=2217657, public
content-length
3260
x-amz-cf-id
Rj0R_Nt4A7Pqz67IQu5BgTKqxWRjWc2x-Z-tNbNP1SGmWhhYnjojqQ==
expires
Wed, 01 Feb 2023 17:29:00 GMT
ui-icons_222222_256x240.png
d1idk9dk5z9kp6.cloudfront.net/assets/jquery-ui/css/smoothness/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/assets/jquery-ui/css/smoothness/images/ui-icons_222222_256x240.png?115
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ce7961738e4b5447f5a8883f1f6bf21b049e3cd7ebf4ef1d77abe992b40848e9

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:42:16 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
387577
x-cache
Hit from cloudfront
x-iinfo
14-24742881-24742443 2NNN RT(1674866535974 2) q(0 0 0 0) r(4 4) U18
content-length
3350
pragma
public
last-modified
Tue, 14 May 2019 12:09:07 GMT
server
nginx
etag
"5cdaafe3-d16"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
3FRP4XO9xCKPjdToq301c2uMhy-wNme4Y540Bl-TvEg3EhGUrwKypA==
expires
Mon, 27 Feb 2023 00:42:16 GMT
ui-icons_469bdd_256x240.png
d1idk9dk5z9kp6.cloudfront.net/assets/jquery.ptTimeSelect/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/assets/jquery.ptTimeSelect/images/ui-icons_469bdd_256x240.png?115
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f5afc40a1ef6eefbfc5a3a096fdd51ce0ab8af1b31b3a64caa5eb49d034b9149

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 21:20:29 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1681841
x-cache
Hit from cloudfront
x-iinfo
8-406919387-406916334 2NNN RT(1672521606331 1344) q(0 0 0 0) r(4 4) U18
content-length
4369
pragma
public
last-modified
Tue, 14 May 2019 12:09:13 GMT
server
nginx
etag
"5cdaafe9-1111"
content-type
image/png
cache-control
max-age=2335031, public
accept-ranges
bytes
x-amz-cf-id
f-3LSj98wg46OdidS6CDknLQuecZ7s7YhzwLpAwCCjham8GCqMCnhg==
expires
Thu, 09 Feb 2023 01:48:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 01 Feb 2023 12:21:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
cK5VidkJeGjO8HCQG1BU38erdaoPv0YaqgnWAZgYVkuJmwDvhSP+pRktcvraYajvquxyCZXtfTh0x1M0LKQy3g==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4HL1LNM9G8R5RJ125RG&lib=ttq
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.91.98 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-96-91-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b5a09ac4bdb47696b2b60fafbb2ee416d050a9fa2e9192ec3a2761e149723055

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-akamai-request-id
5eee950c.14aa375f
date
Wed, 01 Feb 2023 12:21:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-96-91-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time
124,104.96.91.94
server-timing
cdn-cache; desc=MISS, edge; dur=118, origin; dur=9, inner; dur=3
content-length
1137
pragma
no-cache
server
nginx
x-tt-logid
20230201122153E86D1C22482593036CCA
x-cache-remote
TCP_MISS from a23-194-131-151.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.194.131.151
x-tt-trace-host
0132d580c574c3cbc457441b8051c45fadbdc05968ad1204467f113c10401e2d14fdc03ce224eb9c48f0be9d3f81e89982fe3a2146a4816960f9539adfdc53ef4700ea447a6018d19c6aaa65319c5d1519a1c0bbb7c5dcabe73b80ffa652455dc247b4ac768bb935a2162155c393859785
expires
Wed, 01 Feb 2023 12:21:53 GMT
hotjar-2796097.js
static.hotjar.com/c/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2796097.js?sv=6
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
1a319271f190a1354828474e82fe7b7e8032822798e1f73d8722587fe513fa32
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
46
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/fa7099816f4715dd295ff03a00345fa2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
-EhEKPJdbiqxsPUc1J8Nch4_5OEvrsCvc9oPedjodpICbZWvO4lxXw==
flights-form-cover.jpg
d1idk9dk5z9kp6.cloudfront.net/images/form-covers/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/form-covers/flights-form-cover.jpg
Requested by
Host: d1idk9dk5z9kp6.cloudfront.net
URL: https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/css/deeplinksFlightsStyle-e2cf8a3554.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
8ff24378407f07764f9256092445d2ca349242baa1c61041eb61a29a7c301af1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/css/deeplinksFlightsStyle-e2cf8a3554.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:36:23 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1418967
etag
"59f84cdc-380a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-iinfo
8-406919387-0 0CNN RT(1672521606331 5) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=2504535, public
content-length
14306
x-amz-cf-id
f8I0lVP5aQ6RvlC3S5Y_JidL6NE3J0uGBeDLfOqsNHxCe4g6S1VJ6Q==
expires
Tue, 14 Feb 2023 01:54:41 GMT
date_box.png
d1idk9dk5z9kp6.cloudfront.net/images/home/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1idk9dk5z9kp6.cloudfront.net/images/home/date_box.png
Requested by
Host: d1idk9dk5z9kp6.cloudfront.net
URL: https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/assets/landing_pages/css/all-88731ba74d.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-15.fra56.r.cloudfront.net
Software
/
Resource Hash
e706e85daca2ab4eee069b5f556994193a6a10033212328c6351b766b5c79dae

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://d1idk9dk5z9kp6.cloudfront.net/build/assets/find/assets/landing_pages/css/all-88731ba74d.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 01:07:15 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2017 10:13:48 GMT
x-cdn
Imperva
x-amz-cf-pop
FRA56-C2
age
1941278
etag
"59f84cdc-4b8"
x-cache
Hit from cloudfront
content-type
image/png
x-iinfo
10-817061028-0 0CNN RT(1673312835356 2) q(0 -1 -1 1) r(0 -1)
cache-control
max-age=2332664, public
content-length
1195
x-amz-cf-id
lfU4WrtITrhROza-u5rDBnYbgd5RI4jWzefuU8gR-KwN44lcbZDZ1Q==
expires
Mon, 06 Feb 2023 01:04:59 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjYzODM2NTQwMQ&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjYzODM2NTQwMQ&google_sc=&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjYzODM2NTQwMQ&google_sc=&google_tc=
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjYzODM2NTQwMQ&google_sc=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
394499.gif
idsync.rlcdn.com/ 		42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/394499.gif?partner_uid=3016638365401
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
aasync
tag.adaraanalytics.com/ps/ 		0
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNjYzODM2NTQwMXwxNjc1MjU0MTEzMzIx
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.54.241.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3872451264296994851
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3872451264296994851
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
image/gif
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3872451264296994851
pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016638365401
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016638365401
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016638365401
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
HTTP/1.1
Server
54.208.86.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-86-90.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v044-0c49469df.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CoZbfNh9SS4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v044-08b587bd5.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fVq9gtrWTvo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016638365401
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3016638365401
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.101.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-101-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Wed, 01 Feb 2023 12:21:53 GMT
cache-control
private, no-cache, no-store
x-request-time
D=231 t=1675254113
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADARA
  • https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-U0CAxEpE2pE9P8lu9YRyMx62aICxdmbJ3as-~A
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-U0CAxEpE2pE9P8lu9YRyMx62aICxdmbJ3as-~A
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
image/gif
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-U0CAxEpE2pE9P8lu9YRyMx62aICxdmbJ3as-~A
date
Wed, 01 Feb 2023 12:21:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3016638365401
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=f0fd67e98a54429fa502007f49faceec
2 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=f0fd67e98a54429fa502007f49faceec
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=f0fd67e98a54429fa502007f49faceec
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
hp
pixel.sojern.com/partner/wQn37hCztLAYiTCd/ 		3 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.sojern.com/partner/wQn37hCztLAYiTCd/hp?
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
1675b598183ccbc503565b98205a7914ea7dfe74a472bffacb33617d42b124a4

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:53 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
568
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87412869-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Feb 2023 10:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5223
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 01 Feb 2023 12:54:50 GMT
376503576549279
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/376503576549279?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
22c4ef98dd43be6933e9105ecb0ed667eb446cc2f7973a88406ebd8527748600
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 01 Feb 2023 12:21:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110179
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hN5bhu3DaJCRYWsQ3khc3/uZfHb0FFR3k9tlODe7EYbFSx1m4JnExsyRVQlYMjJIv+SAKorUfGkfqyDoGTOhWQ==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/ 		360 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
9baa9c902a5d3b4f0751952f4c10a0549b5467824565828eedbe3bf07f92e8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121051
x-xss-protection
0
server
cafe
etag
2615697865442219278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 12:21:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/ Frame 441B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
76976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Jan 2023 14:58:57 GMT
etag
10353107486223812946
expires
Tue, 14 Feb 2023 14:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1149629742&t=pageview&_s=1&dl=http%3A%2F%2Fscandinavianairline.co%2F&ul=en-us&de=UTF-8&dt=Cheap%20Flights%20-%20Scandinavia%20Airline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1327457905&gjid=1392548017&cid=1848888262.1675254114&tid=UA-87412869-1&_gid=1036814856.1675254114&_r=1&_slc=1&gtm=2ou1u0&z=930491771
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://scandinavianairline.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://scandinavianairline.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1149629742&t=event&_s=2&dl=http%3A%2F%2Fscandinavianairline.co%2F&ul=en-us&de=UTF-8&dt=Cheap%20Flights%20-%20Scandinavia%20Airline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlocker&ea=blocked&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1848888262.1675254114&tid=UA-87412869-1&_gid=1036814856.1675254114&gtm=2ou1u0&z=1222521169
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 02:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36957
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
AdX
pixel.sojern.com/idSync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=T3A3IJ8TXFsez7rtDv_LiQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq&google_gid=CAESEPSt9jWeO7JZTn2hdjIwu00&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq&google_gid=CAESEPSt9jWeO7JZTn2hdjIwu00&google_cver=1
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq&google_gid=CAESEPSt9jWeO7JZTn2hdjIwu00&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_hm=T3A3IJ8TXFsez7rtDv_LiQ&google_nid=sojern_adh
  • https://fcmatch.google.com/pixel?google_gm=AMnCDopmyrHpKDxZ_18xmEWNBuORBichMiaofnm7nZ1iuQHSSh9B4uLXxgiPFEYO-RwVOiqt-s8oAu-5_qz2mgNYxEDvpKM9JG4xFq99fBv5DP2poqnDmeA
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDopmyrHpKDxZ_18xmEWNBuORBichMiaofnm7nZ1iuQHSSh9B4uLXxgiPFEYO-RwVOiqt-s8oAu-5_qz2mgNYxEDvpKM9JG4xFq99fBv5DP2poqnDmeA
170 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopmyrHpKDxZ_18xmEWNBuORBichMiaofnm7nZ1iuQHSSh9B4uLXxgiPFEYO-RwVOiqt-s8oAu-5_qz2mgNYxEDvpKM9JG4xFq99fBv5DP2poqnDmeA
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Server
142.251.208.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f14.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:54 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopmyrHpKDxZ_18xmEWNBuORBichMiaofnm7nZ1iuQHSSh9B4uLXxgiPFEYO-RwVOiqt-s8oAu-5_qz2mgNYxEDvpKM9JG4xFq99fBv5DP2poqnDmeA
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apn
pixel.sojern.com/idsync/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3Dp1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq
  • https://pixel.sojern.com/idsync/apn?id=3692277313772995806&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq
42 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/apn?id=3692277313772995806&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H3
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Wed, 01 Feb 2023 12:21:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

Date
Wed, 01 Feb 2023 12:21:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.147.213.181; 185.147.213.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
664bae66-bc3d-4025-8740-cd11c224afd8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.sojern.com/idsync/apn?id=3692277313772995806&sjrn_id=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=p1jS9j2dyHNg_zMjHPZfZwC08d-9eP7b4T89UfWbjMeWoO_jOO-UeIRjgiqBzBHq&ttd_tpi=1
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Feb 2023 12:21:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=376503576549279&ev=PageView&dl=http%3A%2F%2Fscandinavianairline.co%2F&rl=&if=false&ts=1675254113714&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675254113713.1968793677&it=1675254113525&coo=false&rqm=GET
Requested by
Host: scandinavianairline.co
URL: http://scandinavianairline.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 01 Feb 2023 12:21:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
main.MWE2YWY2YTgzMA.js
analytics.tiktok.com/i18n/pixel/static/ 		238 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4HL1LNM9G8R5RJ125RG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.91.98 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-96-91-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
922e8229cf571f325c0d39bc9fb00c36baa75bdb3599c65ac93fa733b815daf5

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-akamai-request-id
14aa3b29
date
Wed, 01 Feb 2023 12:21:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023011217583726C14BC15F39CB18C32F
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-96-91-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0174641b65866788da106adfe81f46d35d1568b016584cd8691d7341ec18b9621c1a6cd4b911d81a0072410493c54f4fcd53438eb1a0a27112b6c9ed9ae667e7dc00086dca165a272271dde97ac14dec5e69bd02f457b820194de3e7f5c9720fef
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
68080
identify_c4832.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.91.98 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-96-91-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-akamai-request-id
14aa3ed4
date
Wed, 01 Feb 2023 12:21:54 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202301121758285A6B210AD6AA8987AEFF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-96-91-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0172bd597aa82efc1f24c23d9da73467db379b5a34ecba1ff2f6ba4f01c3979f87daa601f7d039d9c88f7e86e4deb82258ef02f1857f969f5d665a3c3cc1044c00d266504b4f6d288096252fa14ec3f01984f20e4058fa7b9aeb872f4a3ce53108
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30895
pixel
analytics.tiktok.com/api/v2/ 		0
691 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.91.98 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-96-91-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://scandinavianairline.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
9a88c497.14aa40ac
date
Wed, 01 Feb 2023 12:21:54 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-96-91-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time
125,104.96.91.94
server-timing
cdn-cache; desc=MISS, edge; dur=103, origin; dur=27, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230201122154B179B45A29E6E3F32F63
x-cache-remote
TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
27,23.220.106.9
x-tt-trace-host
0132d580c574c3cbc457441b8051c45fadbdc05968ad1204467f113c10401e2d14eef95b64c1bdbb0449ef0dae577571fe947f6545f0abf3d72f8f3e5b69b28f6a7a4e3a2a54bbfc4c751c6e959a13d7ff4a0af5b90400233c4c2712fb1342fb062c65c1473d5e93653ef5a67135fa20c0
expires
Wed, 01 Feb 2023 12:21:54 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
689 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.91.98 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-96-91-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://scandinavianairline.co/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
28004aa.14aa40ad
date
Wed, 01 Feb 2023 12:21:54 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-96-91-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time
121,104.96.91.94
server-timing
cdn-cache; desc=MISS, edge; dur=107, origin; dur=20, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230201122154F30F44EE9270CFCD98DE
x-cache-remote
TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
20,23.220.106.7
x-tt-trace-host
0132d580c574c3cbc457441b8051c45fadbdc05968ad1204467f113c10401e2d1421b62567082caa013bbab9a6dfb2f0295cd7050b07d90facf313ee67cf1662ed1e73ad80c49171053d6032cfc4108f3617d2fc282659199e55aebf9144b119e72d66e4536802be8ed27ef585d8e3b4da
expires
Wed, 01 Feb 2023 12:21:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		411 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=scandinavianairline.co&callback=_gfp_s_&client=ca-pub-3049526025298869
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
1fab4e7ac7f88970841f9d9f73c3ec2f990ee7fe529b99503bca9e32671df54d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
integrator.js
adservice.google.se/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=scandinavianairline.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=scandinavianairline.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 01D3 		603 B
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=80&slotname=4757800033&adk=418467429&adf=1468885513&pi=t.ma~as.4757800033&w=300&lmt=1668349273&format=300x80&url=http%3A%2F%2Fscandinavianairline.co%2F&wgl=1&dt=1675254113553&bpp=3&bdt=938&idt=479&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&correlator=2572299386483&frm=20&pv=2&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1060&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gtYfYrrd16&p=http%3A//scandinavianairline.co&dtd=495
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 12:21:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8C3D 		603 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=280&slotname=7711266438&adk=4066113200&adf=3459343451&pi=t.ma~as.7711266438&w=728&fwrn=4&fwrnh=100&lmt=1668349273&rafmt=1&format=728x280&url=http%3A%2F%2Fscandinavianairline.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1675254113556&bpp=2&bdt=941&idt=496&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=730&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=bxcNdCEJMp&p=http%3A//scandinavianairline.co&dtd=501
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 12:21:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D1C8 		603 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=280&slotname=1804333631&adk=2508022459&adf=2951112906&pi=t.ma~as.1804333631&w=728&fwrn=4&fwrnh=100&lmt=1668349273&rafmt=1&format=728x280&url=http%3A%2F%2Fscandinavianairline.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1675254113558&bpp=1&bdt=944&idt=510&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80%2C728x280&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=2079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=M78Vr7UKRU&p=http%3A//scandinavianairline.co&dtd=514
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 12:21:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B83D 		0
46 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&adk=1812271804&adf=3025194257&lmt=1668349273&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x540_l%7C404x540_r&format=0x0&url=http%3A%2F%2Fscandinavianairline.co%2F&ea=0&pra=7&wgl=1&dt=1675254113571&bpp=1&bdt=956&idt=507&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80%2C728x280%2C728x280&nras=1&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=524
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 12:21:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230125&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
9de15352135b29cdd0107a9fdc53b3a7828b0d061b7f6c716557dde2fe897170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11344
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3049526025298869&plah=scandinavianairline.co&bust=31071811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 12:21:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 82C0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
13690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 08:33:44 GMT
expires
Thu, 01 Feb 2024 08:33:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4EDC 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f4.1e100.net
Software
GSE /
Resource Hash
9889a9adc916dba09228a88514326180e8ea24949c0288f1478a45b7321dbabb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SHr3Ts9YgnXWdACuwrm8Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://scandinavianairline.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-SHr3Ts9YgnXWdACuwrm8Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 12:21:55 GMT
expires
Wed, 01 Feb 2023 12:21:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
pagead2.googlesyndication.com/bg/ Frame 82C0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
sffe /
Resource Hash
d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 20:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
576042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14224
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 20:21:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 82C0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zfubfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:21:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4EDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230125&jk=2426876963906323&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=376503576549279&ev=Microdata&dl=http%3A%2F%2Fscandinavianairline.co%2F&rl=&if=false&ts=1675254115219&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cheap%20Flights%20-%20Scandinavia%20Airline%22%2C%22meta%3Adescription%22%3A%22Find%20the%20best%20flight%20rates.%20Easily%20compare%20over%20450%20providers%20and%20save%20big%20on%20your%20next%20flight%20booking%22%2C%22meta%3Akeywords%22%3A%22flights%2C%20flight%20prices%2C%20tripsinsider%2C%20travel%2C%20cheap%2C%20airline%2C%20hotels%2C%20price%2C%20flight%20search%2C%20tickets%2C%20airports%2C%20cities%2C%20rental%2C%20deals%2C%20flight%20comparison%2C%20tripsinsider.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675254113713.1968793677&it=1675254113525&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 01 Feb 2023 12:21:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230125&jk=2426876963906323&bg=!oaKloubNAAbFy4Ck5cs7ACkAdvg8Wg3ZGfhoNXVc5g-IIaQ1MEa-7x8Fr3mNwKC6NS7x6PyUSWDBDQIAAABcUgAAAANoAQcKAEmhHxeUk1znsmzt5ynSzJCTK4YApURDrJwJtfysBTUNxUkeFUuz7ccVvFJaq9X5hf0lo5gS6mcuGAE8pJmfkmgU1W3njbMFcWuRmQKv6lzgUIB3uPdBa5KkGmOj2srHrku_t9zlrOl6qvsudr7KkvqF_qGIk8XgMnxC_K6_Mr56-R7SWXEqyMXvs_dddJDndhDppXJqRm7FHLlAMr13GNzKyRIzdf3lVg56MgRVxBbWG-Kyz682kHRDuwQZkZyL7VMl8rmZMn0DZfjOgfc0yRCrK_Y8KbajuCos-ERqZc4TgtJYv4s2DdKllPzQd2aNFurOCGx7CCDRdPqd_PXJ9_oOzEMA1-ZvABPRJrvw6EMoXaiVmagc0XiOpQMhaF8xEqBqwFIOTuUJ7z_syWsYpCrv_3aUMPEJBwM_Y7mx0X1G6jVNuVE_6bRRQtrXUD72KgtEPziNrqYI0CKXgDl_Fcdd1i0jzy3N-TfEurWBJRFocDV2O97KP6S1VnZKh5drvWsfG7mRbx2NZix4SmxwT1csAGbKwJvb4-pNdnbSaOtJ5_6Ujo7mGI3S2TSKl_KzAW2bFvSuRsIQG9OrtfJukNf-3SWzixEAH4MoewOtItZIyqvIgWOX0sYiAboi8caqlapbm4Qd3ofGKZYzbxa4cJZ4OiyPOU0HzW35e0d7b69xz1lWyumMJMcXOAREDy_8TPPLayswbxjdPGAL2CW8W3-bGGFGqcIRSfN_C4biEgohwoP_EybtNYVN0P5UzBZBhgKMLqseR1rnEqCqwy-Z1I2pCdrax16e1UycSYgy4axez2rp6nEonvtthJK6XeyWMB_y_96y5PXm_E_orxXMmC6JplnZxDf9KZlPhgXZXg7WghNpBeQ7Oq6ouxgmXmtTBYarZBYeTo0ExxJ5LVjqUk2et9ix6tYeCe6hI-h34zE6MeshaXDEZBKBFr7ciAThAzMa-oti40z1hQ1kXI7C2BNidAUBSuJqtpSQx_XrjnwU59I_HXjbO39aq1Ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://scandinavianairline.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontentvisibilityautostatechange object| Save70 string| mobileDevice function| utmx_section function| utmx object| newsletterFormOpener object| newSave70Newsletter object| dictionary object| preloadImages object| img function| getQueryStringParameter function| isFacebookApp object| redirectAdapter function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| hj object| _hjSettings string| pageLang string| mobileVersion object| adsbygoogle object| cookieconsent function| setCookie function| getParam object| gclid undefined| gclsrc object| mkwid object| utmSource object| BrowserDetect function| isMultiLangPage function| translateExpression function| $ function| jQuery object| jQuery11020729520401811222 object| tbjs function| BookingForm function| NewsletterForm function| StaticNewsletterForm function| save70Newsletter function| FlightsBookingFormMultiple number| logoWidth number| maxFont object| item object| flightsBookingForm string| _amazonItems string| _langFromFlightsPage string| _nolb number| c boolean| isRoundTrip object| om_app_pix function| gtag object| dataLayer object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| gaplugins object| gaGlobal object| gaData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

33 Cookies

Domain/Path Name / Value
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 63072463
.yieldoptimizer.com/ Name: ckid
Value: 3016638365401
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%2C1457%2C1203%2C1476%2C39%2C1305%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B123468%2C123468%2C123468%2C123468%2C123468%2C123468%2C123468%2C123468%2C123468%5D%7D
.adaraanalytics.com/ Name: ckid
Value: 3016638365401
.adaraanalytics.com/ Name: aackid
Value: 3016638365401
.rlcdn.com/ Name: rlas3
Value: MjFS4UaIP97c+A/8f7o6wlb3h9Q4STOF51HwJMwigro=
.rlcdn.com/ Name: pxrc
Value: CAA=
.turn.com/ Name: uid
Value: 3872451264296994851
.scandinavianairline.co/ Name: _ga
Value: GA1.2.1848888262.1675254114
.scandinavianairline.co/ Name: _gid
Value: GA1.2.1036814856.1675254114
.scandinavianairline.co/ Name: _gat_gtag_UA_87412869_1
Value: 1
.ctnsnet.com/ Name: cid_f0fd67e98a54429fa502007f49faceec
Value: 1
.sojern.com/ Name: adh
Value: 1
.krxd.net/ Name: _kuid_
Value: PWn8KGbH
.doubleclick.net/ Name: IDE
Value: AHWqTUnlDz-yZSbfGvKSCZCDriGNgxBzTrAfFrqITCfwwjnVVeAaMUeGMsPi93Q8z0o
.scandinavianairline.co/ Name: _fbp
Value: fb.1.1675254113713.1968793677
.tiktok.com/ Name: _ttp
Value: 2L8YKc8LSyii45m16V1Mobc7aOF
.sojern.com/ Name: gid
Value: CAESEPSt9jWeO7JZTn2hdjIwu00
.sojern.com/ Name: cid
Value: 4f703720-9f13-5c5b-1ecf-baed0effcb89#1675209600000
.adnxs.com/ Name: uuid2
Value: 3692277313772995806
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ak~29r0
.yahoo.com/ Name: A3
Value: d=AQABBGFZ2mMCEDIDqYiFGLHKXIr1oceD2I4FEgEBAQGq22PkYwAAAAAA_eMAAA&S=AQAAAsHPEaQrTxnuzOCME43n92k
.sojern.com/ Name: apnid
Value: 3692277313772995806
.demdex.net/ Name: demdex
Value: 83392480682251579741591767556205126684
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B123468%2C123468%2C123468%5D%2C%22dp%22%3A%5B6438%2C5864%2C6729%5D%7D
.scandinavianairline.co/ Name: _tt_enable_cookie
Value: 1
.scandinavianairline.co/ Name: _ttp
Value: LUK3f5QZkqKYWTa_IaUE8DEpWXG
.dpm.demdex.net/ Name: dpm
Value: 83392480682251579741591767556205126684
.scandinavianairline.co/ Name: __gads
Value: ID=09f884036c4885af-22789bbfcdda004f:T=1675254114:RT=1675254114:S=ALNI_MZvnHDJWrlnMa7rBfe1Y2G-cyeb5g
.scandinavianairline.co/ Name: __gpi
Value: UID=0000099c0c754a70:T=1675254114:RT=1675254114:S=ALNI_MaB23j2Hy5PskpBLYDAoKs5s-gSyg

5 Console Messages

Source Level URL
Text
javascript warning URL: http://scandinavianairline.co/(Line 51)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://scandinavianairline.co/(Line 51)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga_exp.js?utmxkey=74967075-55&utmx=&utmxx=&utmxtime=1675254112633, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=80&slotname=4757800033&adk=418467429&adf=1468885513&pi=t.ma~as.4757800033&w=300&lmt=1668349273&format=300x80&url=http%3A%2F%2Fscandinavianairline.co%2F&wgl=1&dt=1675254113553&bpp=3&bdt=938&idt=479&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&correlator=2572299386483&frm=20&pv=2&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1060&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gtYfYrrd16&p=http%3A//scandinavianairline.co&dtd=495
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=280&slotname=7711266438&adk=4066113200&adf=3459343451&pi=t.ma~as.7711266438&w=728&fwrn=4&fwrnh=100&lmt=1668349273&rafmt=1&format=728x280&url=http%3A%2F%2Fscandinavianairline.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1675254113556&bpp=2&bdt=941&idt=496&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=730&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=bxcNdCEJMp&p=http%3A//scandinavianairline.co&dtd=501
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3049526025298869&output=html&h=280&slotname=1804333631&adk=2508022459&adf=2951112906&pi=t.ma~as.1804333631&w=728&fwrn=4&fwrnh=100&lmt=1668349273&rafmt=1&format=728x280&url=http%3A%2F%2Fscandinavianairline.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1675254113558&bpp=1&bdt=944&idt=510&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x80%2C728x280&correlator=2572299386483&frm=20&pv=1&ga_vid=1848888262.1675254114&ga_sid=1675254114&ga_hid=1149629742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=2079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071545%2C31071580%2C31071755%2C31071789%2C31071811%2C31071263&oid=2&pvsid=2426876963906323&tmod=1031656404&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=M78Vr7UKRU&p=http%3A//scandinavianairline.co&dtd=514
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.se
analytics.tiktok.com
beacon.krxd.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d1idk9dk5z9kp6.cloudfront.net
dpm.demdex.net
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.sojern.com
scandinavianairline.co
static.hotjar.com
tag.adaraanalytics.com
tag.yieldoptimizer.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.96.91.98
107.178.244.119
13.32.23.15
13.32.27.7
142.250.180.194
142.250.180.225
142.250.180.226
142.250.181.226
142.250.184.238
142.250.185.106
142.250.185.168
142.250.185.98
142.250.186.162
142.251.208.162
142.251.208.174
142.251.39.36
157.240.253.1
18.156.0.31
185.150.189.143
185.60.216.35
212.82.100.182
35.186.193.173
35.186.212.60
35.241.54.161
35.244.174.68
37.252.171.149
46.228.164.13
52.223.40.198
54.208.86.90
54.73.101.116
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed2e1a4ddab12aa7c2c0833c3c0a98d99affd857e332403ea7f7dd5ec6d3201
0ef9ec528b4d25675436a7f90294dd02c3ecd616d56da8bd6ada849367fecee6
11ebc3f889b0be047e40b4746a33ca59ee8d042d028784fb759ea251d260b1e0
129148555a20850268e51d9f1c9bf346015d20c2a3e5be992b452445784876ec
1675b598183ccbc503565b98205a7914ea7dfe74a472bffacb33617d42b124a4
1a319271f190a1354828474e82fe7b7e8032822798e1f73d8722587fe513fa32
1d64e0646bbb6829f8db027f956be8b26c92c4844e2ff7f7cf0d6fe9ced05968
1fab4e7ac7f88970841f9d9f73c3ec2f990ee7fe529b99503bca9e32671df54d
22c4ef98dd43be6933e9105ecb0ed667eb446cc2f7973a88406ebd8527748600
2da5386d859fb6b2a3c43913dfcae2848fa338d4613e30c56213e93292decebe
4a0d4fbe8f9096ef3eb5bfe5adea4e4ad8a4afce726d815d84fab7e4a231a22d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65be41ad9ddb9507e9251a24b8e04327f1349e99ac5ceb28210e22763fe9216a
73406cb2d6975ee3a14fd462ff8664fc08864850481635078e7b2b7df70f7064
7f8c6ee57d377cae3ad106f380b59b20fdee7c1eeb341504f13094411ab3e2f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8543900e727ebe842767c748da139262d8121d949d8d09a6b44d44ce7d213a68
876094fef3f75b76291adf85f58a3d27c5a2298375a9e29d099d1d712d9429f1
89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524
8be01f8e757eb9e92da087e67908b20e70dafab8fd6969c4e4bd80886d3c3eb1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff24378407f07764f9256092445d2ca349242baa1c61041eb61a29a7c301af1
922e8229cf571f325c0d39bc9fb00c36baa75bdb3599c65ac93fa733b815daf5
94a5116a7d57a45210aa04f70c9121861c7429fd4831dd24c31ccca7b5be1c12
94d3b99fcaca3b947dcbf90314d89ac557895a44783826d4df9ebb1ffa5e2d75
9625ec4233c4d3f3a2cdd34fbf2bb8302815d890fc0b6baec4fb3a3ca6e9854b
9889a9adc916dba09228a88514326180e8ea24949c0288f1478a45b7321dbabb
9baa9c902a5d3b4f0751952f4c10a0549b5467824565828eedbe3bf07f92e8ee
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9de15352135b29cdd0107a9fdc53b3a7828b0d061b7f6c716557dde2fe897170
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a79facbcc3d02b45d9e1e6dd36450d53068b0c655683087e44c707ca6864aeba
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b155d480b27c493cafd65f1dfc64b5eea7c514663145b9bd2f1dd3e4f4c20f2d
b5a09ac4bdb47696b2b60fafbb2ee416d050a9fa2e9192ec3a2761e149723055
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
ce7961738e4b5447f5a8883f1f6bf21b049e3cd7ebf4ef1d77abe992b40848e9
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d040f784b653ff5f7d1a0c0df54f476517c378e5e77412bdc88a1e20b5a1937f
d9561f67a3980512bcc1ff297e629b48e8ddb6385a92e5833a8cedb626b0eb53
d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45f49516f5f283e687ceaaa29a6d5ca6becf14d9c18a7e2378454b3d694f517
e706e85daca2ab4eee069b5f556994193a6a10033212328c6351b766b5c79dae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5afc40a1ef6eefbfc5a3a096fdd51ce0ab8af1b31b3a64caa5eb49d034b9149
fcf5a5b1780b5fd4e6c1d23ffe3c989e3e35a86e62d6a9b7b4b95b4122c256f7