s266319173.t.en25.com Open in urlscan Pro
141.145.8.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeu...
Submission: On September 23 via manual (September 23rd 2021, 9:00:27 am UTC) from IN — Scanned from DE

Summary HTTP 40 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 7 countries across 13 domains to perform 40 HTTP transactions. The main IP is 141.145.8.14, located in Amsterdam, Netherlands and belongs to ORCL-AM-OPC1, SE. The main domain is s266319173.t.en25.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 31st 2021. Valid for: a year.

This is the only time s266319173.t.en25.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	141.145.8.14 141.145.8.14	43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1)
4	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
3	107.154.251.68 107.154.251.68	19551 (INCAPSULA) (INCAPSULA)
5	54.228.42.199 54.228.42.199	16509 (AMAZON-02) (AMAZON-02)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
9	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
4	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	141.145.8.13 141.145.8.13	43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	63.32.159.255 63.32.159.255	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	34.247.192.108 34.247.192.108	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.210.73 99.80.210.73	16509 (AMAZON-02) (AMAZON-02)
40	15

1 141.145.8.14 (Amsterdam, Netherlands)

ASN43898 (ORCL-AM-OPC1, SE)

s266319173.t.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.154.251.68 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.251.68.ip.incapdns.net

amadeus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.228.42.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com

amadeus-bootstrap-preview.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img06.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.145.8.13 (Amsterdam, Netherlands) 2 redirects

ASN43898 (ORCL-AM-OPC1, SE)

s266319173.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s487768300.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.159.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.192.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-192-108.eu-west-1.compute.amazonaws.com

amadeusitgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

amadeus.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.210.73 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-210-73.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	en25.com s266319173.t.en25.com img06.en25.com	60 KB
5	herokuapp.com amadeus-bootstrap-preview.herokuapp.com	102 KB
4	eloqua.com 2 redirects s266319173.t.eloqua.com s487768300.t.eloqua.com	2 KB
4	cloudflare.com cdnjs.cloudflare.com	57 KB
4	tiqcdn.com tags.tiqcdn.com	96 KB
3	demdex.net dpm.demdex.net amadeusitgroup.demdex.net	5 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	amadeus.com amadeus.com	36 KB
2	omtrdc.net amadeus.d3.sc.omtrdc.net	542 B
2	youtube.com www.youtube.com	45 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	14 KB
1	jquery.com code.jquery.com	24 KB
40	13

	Domain	Requested by
9	img06.en25.com	s266319173.t.en25.com tags.tiqcdn.com
5	amadeus-bootstrap-preview.herokuapp.com	s266319173.t.en25.com
4	cdnjs.cloudflare.com	s266319173.t.en25.com
4	tags.tiqcdn.com	s266319173.t.en25.com tags.tiqcdn.com
3	amadeus.com	s266319173.t.en25.com
2	amadeus.d3.sc.omtrdc.net	tags.tiqcdn.com s266319173.t.en25.com
2	s487768300.t.eloqua.com	1 redirects s266319173.t.en25.com
2	www.youtube.com	tags.tiqcdn.com www.youtube.com
2	dpm.demdex.net	tags.tiqcdn.com s266319173.t.en25.com
2	s266319173.t.eloqua.com	1 redirects s266319173.t.en25.com
2	platform.twitter.com	s266319173.t.en25.com platform.twitter.com
1	cm.everesttech.net	1 redirects
1	amadeusitgroup.demdex.net	tags.tiqcdn.com
1	syndication.twitter.com	platform.twitter.com
1	maxcdn.bootstrapcdn.com	s266319173.t.en25.com
1	code.jquery.com	s266319173.t.en25.com
1	s266319173.t.en25.com
40	17

This site contains links to these domains. Also see Links.

Domain
amadeus.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.t.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-31` - `2022-04-21`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
amadeus.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-02` - `2022-08-11`	a year	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2022-04-08`	2 years	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Frame ID: 18565087D09D8965325D76F799AD6739
Requests: 37 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fs266319173.t.en25.com
Frame ID: 8757F01DA5FD1DBD1713564DD234F8CA
Requests: 2 HTTP requests in this frame

Frame: https://amadeusitgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 5CB04DD5A73C0E2FD3E4D811692F49DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AmadeusAmadeus logoKeyboard arrow leftKeyboard arrow rightArrow backArrow forwardExternal linkDownloadPlay circleEmailPhoneTwitter

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/
/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^(?:https?:)?//tags\.tiqcdn\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

40
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

7
Countries

572 kB
Transfer

1413 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://amadeus.com/en/policies/cookies-policy
Title: Cookie Policy.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmadeusITGroup/?elqTrackId=50d7cd3497e744ea9cebe3fb148f9721&elqaid=216&elqat=2

Search URL Search Domain Scan URL

URL: https://twitter.com/AmadeusITGroup?elqTrackId=4fc8636d54174402892dccdcac979eb5&elqaid=216&elqat=2

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/amadeus?elqTrackId=281eb04cd1b147888eaa2ecea53a0c9a&elqaid=216&elqat=2

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmadeusITGroup?elqTrackId=2d53ad8574ec432e854dc54fae745c73&elqaid=216&elqat=2

Search URL Search Domain Scan URL

URL: https://amadeus.com/en/social-media?elqTrackId=93e3555a11b14aefa89738bfb28971d4&elqaid=216&elqat=2
Title: See all

Search URL Search Domain Scan URL

URL: https://amadeus.com/en/policies/amadeus-policies?elqTrackId=e67f984468fc4fe5aa9b057883cc1758&elqaid=216&elqat=2
Title: Legal Notices & Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://s266319173.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=266319173&PURLSiteID=3&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=216&PURLRecordID=0&PURLGUID=b0f42aa0-4a56-480d-ad32-383051579927&UseRelativePath=False&elq={00000000-0000-0000-0000-000000000000}&firstPartyCookieDomain=campaign.amadeus.com&elqGUID=b0f42aa0-4a56-480d-ad32-383051579927&elq_ck=0 HTTP 302
https://s266319173.t.eloqua.com/eloquaimages/tinydot.gif

Request Chain 32

https://s487768300.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=487768300&ref2=elqNone&tzo=0&ms=697&optin=disabled HTTP 302
https://s487768300.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=487768300&ref2=elqNone&tzo=0&ms=697&optin=disabled&elqCookie=1

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=18052414421909698140469387223404362900 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUxCJgAAAFilhwQD

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set f2.aspx Show response
s266319173.t.en25.com/e/ 23 KB
24 KB 4277ms
4208ms Document
text/html 141.145.8.14
ORCL-AM-OPC1

General

Check archive.org

Show headers Download Go to

Full URL

https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.145.8.14 Amsterdam, Netherlands, ASN43898 (ORCL-AM-OPC1, SE),

Reverse DNS

Software

Resource Hash

92e6d2d643767826e93ba84d7d350aecdeb9539d945295be09f8b923fc8370f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: s266319173.t.en25.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
Content-Encoding: identity
Expires: -1
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
Set-Cookie: ELOQUA=GUID=B0F42AA04A56480DAD32383051579927; domain=.en25.com; expires=Sun, 23-Oct-2022 09:00:17 GMT; path=/;SameSite=None; secure ELQSTATUS=OK; domain=.en25.com; expires=Sun, 23-Oct-2022 09:00:17 GMT; path=/;SameSite=None; secure
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Thu, 23 Sep 2021 09:00:20 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/amadeus/marketing/prod/ 4 KB
1 KB 185ms
117ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.sync.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 71d2145dbd6f0ea6ed31e20fb59c44c5d93d7066b13cb50fced933fa7a37816a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:21 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 12:48:25 GMT
server: AkamaiNetStorage
etag: "00f9eb3e06e44cb7083e1cfdd46dda29:1630673305.201877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1252
expires: Thu, 23 Sep 2021 09:05:21 GMT

GET
H2 200 campaigns.css
amadeus.com/etc/clientlibs/amadeus/ 0
0 428ms
140ms Stylesheet
text/html 107.154.251.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus.com/etc/clientlibs/amadeus/campaigns.css
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.251.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.251.68.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK slick.css
amadeus-bootstrap-preview.herokuapp.com/css/ 2 KB
2 KB 153ms
32ms Stylesheet
text/css 54.228.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus-bootstrap-preview.herokuapp.com/css/slick.css
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:00:21 GMT
Via: 1.1 vegur
Last-Modified: Tue, 03 Oct 2017 17:39:47 GMT
Server: Cowboy
Etag: W/"6f0-15ee3527ab8"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1776

GET
H2 200 jquery.min.js Show response
amadeus.com/etc.clientlibs/clientlibs/granite/ 98 KB
36 KB 992ms
704ms Script
application/javascript 107.154.251.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://amadeus.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.251.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.251.68.ip.incapdns.net

Software

Apache /

Resource Hash

1d5dcc1f5ef70e9ab2b6190c1bc183d8c7b7bb7e37f99a2a426174c5c4f2b7c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .seismic.com .decibel.com .decibelinsight.net .twitter.com .shareaholic.net .onetrust.com .omtrdc.net .demdex.net .doubleclick.net .shareaholic.com .linkedin.com .facebook.com .eurolandir.com .cookielaw.com .geoip-js.com .google-analytics.com .google.;
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOW-FROM .seismic.com .decibel.com .decibelinsight.net .twitter.com .shareaholic.net .onetrust.com .omtrdc.net .demdex.net .doubleclick.net .shareaholic.com .linkedin.com .facebook.com .eurolandir.com .cookielaw.com .geoip-js.com .google-analytics.com .google. *.facebook.com;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:21 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-cdn: Imperva
content-security-policy-report-only: font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: m9m6e2w5.stackpathcdn.com fonts.gstatic.com; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.co.uk www.google.com.eg t.co px.ads.linkedin.com www.google.fr www.google.it www.google.com.ng cdn.cookielaw.org www.google.com.ar www.google.com.mx www.google.com.ua www.google.pl img.youtube.com www.google-analytics.com s266319173.t.eloqua.com dpm.demdex.net cm.everesttech.net *.omtrdc.net www.google.es www.googletagmanager.com www.google.co.in www.facebook.com connect.facebook.net www.google.de; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com t.co www.google-analytics.com *.doubleclick.net analytics.shareaholic.com dpm.demdex.net collection.decibelinsight.net cdn.cookielaw.org www.facebook.com *.omtrdc.net privacyportal-eu.onetrust.com www.shareaholic.net geoip-js.com; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.googleapis.com; form-action www.facebook.com; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com.co www.google.com tags.tiqcdn.com www.googleadservices.com www.google.co.uk www.google.fr snap.licdn.com cdnjs.cloudflare.com connect.facebook.net www.google.com.eg tools.euroland.com *.doubleclick.net img06.en25.com www.youtube.com cdn.decibelinsight.net www.google-analytics.com geolocation.onetrust.com analytics.twitter.com www.googletagmanager.com static.ads-twitter.com platform.twitter.com apps.shareaholic.com m9m6e2w5.stackpathcdn.com cdn.cookielaw.org js.maxmind.com; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.facebook.com platform.twitter.com www.google.com tools.eurolandir.com www.youtube.com amadeusitgroup.demdex.net *.doubleclick.net; report-uri /csp_report
x-iinfo: 5-236390849-236367893 2NNN RT(1632387621205 0) q(0 0 0 0) r(5 5)
content-length: 35339
last-modified: Thu, 09 Sep 2021 09:35:46 GMT
server: Apache
x-frame-options: ALLOW-FROM *.seismic.com *.decibel.com *.decibelinsight.net *.twitter.com *.shareaholic.net *.onetrust.com *.omtrdc.net *.demdex.net *.doubleclick.net *.shareaholic.com *.linkedin.com *.facebook.com *.eurolandir.com *.cookielaw.com *.geoip-js.com *.google-analytics.com *.google.* *.facebook.com;
etag: "1878d-5cb8cb92ac080-gzip"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: no-cache="set-cookie"
content-security-policy: frame-ancestors *.seismic.com *.decibel.com *.decibelinsight.net *.twitter.com *.shareaholic.net *.onetrust.com *.omtrdc.net *.demdex.net *.doubleclick.net *.shareaholic.com *.linkedin.com *.facebook.com *.eurolandir.com *.cookielaw.com *.geoip-js.com *.google-analytics.com *.google.*;
accept-ranges: bytes

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:00:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67C2)
Age: 734
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H/1.1 200
OK %7B23e3736e-5d4c-4798-a5e3-2f8c4a1047d9%7D_lp_template_form_css.css
img06.en25.com/Web/Amadeus/ 15 KB
16 KB 46ms
14ms Stylesheet
text/css 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/Amadeus/%7B23e3736e-5d4c-4798-a5e3-2f8c4a1047d9%7D_lp_template_form_css.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba63736820ceacd2422f3538e38fbc55a09bfa3c5c528bdc1b42e0b8b5aad10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Oct 2018 08:38:45 GMT
ETag: "b97be8a77460d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Thu, 23 Sep 2021 09:00:21 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 15759
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:21 GMT

GET
H/1.1 200
OK %7Bd12f9567-f3e0-4ad6-bbfc-485e53530ef6%7D_logo.png
img06.en25.com/EloquaImages/clients/Amadeus/ 3 KB
3 KB 24ms
11ms Image
image/png 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/Amadeus/%7Bd12f9567-f3e0-4ad6-bbfc-485e53530ef6%7D_logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

7a354cf8c5b08fd5947724f50043c636b43ae16b131e1216fc038402f8619321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Apr 2018 11:48:57 GMT
ETag: "0ca583d54d2d31:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3023
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1 200
OK %7B6f3065a2-d44b-450e-aa60-073ffa78291e%7D_ic_facebook.png
img06.en25.com/EloquaImages/clients/Amadeus/ 197 B
719 B 30ms
16ms Image
image/png 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/Amadeus/%7B6f3065a2-d44b-450e-aa60-073ffa78291e%7D_ic_facebook.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

cc23d7e106f949b4a837aee7f535132f2b056fe36489e9de8b615ec5c88ef82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jun 2018 08:08:24 GMT
ETag: "a57275dc6d8d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 197
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1 200
OK %7B7ce143fa-256a-456a-b65d-84e8026dc8f7%7D_ic_twitter.png
img06.en25.com/EloquaImages/clients/Amadeus/ 245 B
767 B 29ms
16ms Image
image/png 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/Amadeus/%7B7ce143fa-256a-456a-b65d-84e8026dc8f7%7D_ic_twitter.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

9d9f29631580a835236f4d78ed2b4f89f6593d17fd32ccd1e1e7ba7f718b242a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jun 2018 08:08:24 GMT
ETag: "d99b79dc6d8d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 245
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1 200
OK %7B91dc0c2e-b2ee-4cef-978a-cc72b4719580%7D_ic_linkedin.png
img06.en25.com/EloquaImages/clients/Amadeus/ 237 B
717 B 36ms
11ms Image
image/png 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/Amadeus/%7B91dc0c2e-b2ee-4cef-978a-cc72b4719580%7D_ic_linkedin.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

25df29d28526d286e4be343c75535f1ab51958bd2b177708f78f3452dfd838c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jun 2018 08:08:24 GMT
ETag: "8c9178dc6d8d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 237
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1 200
OK %7B475e1597-dd47-4ced-83c7-0d5927e9431a%7D_ic_youtube.png
img06.en25.com/EloquaImages/clients/Amadeus/ 198 B
678 B 20ms
11ms Image
image/png 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/Amadeus/%7B475e1597-dd47-4ced-83c7-0d5927e9431a%7D_ic_youtube.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

26714b300a6640bff23115265c0bba490aad894d809df335ec64378347657a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jun 2018 08:08:24 GMT
ETag: "523e7bdc6d8d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 198
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H2 200 campaigns.min.js Show response
amadeus.com/etc/clientlibs/amadeus/ 0
0 139ms
139ms Script
text/html 107.154.251.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus.com/etc/clientlibs/amadeus/campaigns.min.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.251.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.251.68.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 215ms
15ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://s266319173.t.en25.com/
Origin: https://s266319173.t.en25.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:21 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-10fdd"
vary: Accept-Encoding
x-hw: 1632387621.dop238.am5.t,1632387621.cds209.am5.hn,1632387621.cds255.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 40ms
18ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s266319173.t.en25.com/
Origin: https://s266319173.t.en25.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1689802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6157
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEdxFsuOtZvwLaXcDsSyX3KVLxneoeo5NNIopsVyCa2PBjqLm%2BQuladiF8uMYPEvazf3qBOtkXeegwExCWOanbhf7%2Bdz6IOEb%2FgBzAgjbjqwmxHyOIaB%2B%2FoWuL7CQrACzRPOOGN7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6932950d9b7a2169-DUS
expires: Tue, 13 Sep 2022 09:00:22 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 66ms
44ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s266319173.t.en25.com/
Origin: https://s266319173.t.en25.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 08/04/2021 00:04:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: aac192da012b1f1637140b0610a50b02
cf-ray: 6932950dcb27c4db-DUS
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ 113 KB
34 KB 37ms
24ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 649348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33534
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPc6lOrZlQUNsb3SZ5pDyi6ZwzWQtChWkeW%2B1aPQhdAy1rgPcsJLsaybXggbCVXtMi0IyteOXVRqUsal7qwJgp1oceYkQMTm1vQf%2B30rGNVFSvSylkmqvU%2BMxbw%2Faw%2BEzOzGGpfO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6932950e38ba8766-DUS
expires: Tue, 13 Sep 2022 09:00:22 GMT

GET
H3 200 Draggable.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/utils/ 38 KB
13 KB 25ms
25ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/utils/Draggable.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756199ae996c5c89ce2eb94c63611cb0d817535e6e7deabd734949f1dc30b62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12613
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-979a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Smo4Uj5gV7dL1Jc09lIK1usTly3VE383%2BiCSl%2B4cNoUqe7Bx5WhI9Muk19ejY%2B9kaDxcHCvZcinJvM1wfCIkBJoyivmVvK7lWAfZyTI21h3261MZGcHBS3glzM5WtDEhA%2FjWC1VO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6932950e79428766-DUS
expires: Tue, 13 Sep 2022 09:00:22 GMT

GET
H/1.1 200
OK DrawSVGPlugin.min.js Show response
amadeus-bootstrap-preview.herokuapp.com/gsap/src/minified/plugins/ 4 KB
5 KB 33ms
33ms Script
application/javascript 54.228.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus-bootstrap-preview.herokuapp.com/gsap/src/minified/plugins/DrawSVGPlugin.min.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 4d1127022bcc9ba7fb3a7103310badab47687770d79bee2764b641feb14e88d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:00:22 GMT
Via: 1.1 vegur
Last-Modified: Tue, 23 Feb 2021 14:48:24 GMT
Server: Cowboy
Etag: W/"115b-177cf5cd6c0"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4443

GET
H3 200 balancetext.min.js Show response
cdnjs.cloudflare.com/ajax/libs/balance-text/3.2.0/ 9 KB
3 KB 40ms
26ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/balance-text/3.2.0/balancetext.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb31c4ac1ffbf43d3f036c39f64e614b9e623a205b40e7ddb3ec6b9cf663694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s266319173.t.en25.com/
Origin: https://s266319173.t.en25.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 53795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2546
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d72-2397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8BcoTqUO8TH5ehtXWOV%2BmGRxu4bCtjmH%2Bo2%2Bn6YQYLFy4sluMeGRGXgF0M%2BuUzbNcbtvToN2BabhMd%2BgWCXTJlwIoEAKd93iD6B3rkpl0tX%2FpNDHb%2F3%2BeUqHBLNCNCTzByQarsl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6932950ef8e3fb5c-DUS
expires: Tue, 13 Sep 2022 09:00:22 GMT

GET
H/1.1 200
OK _carousel_custom_2.js Show response
amadeus-bootstrap-preview.herokuapp.com/js/ 6 KB
7 KB 32ms
32ms Script
application/javascript 54.228.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus-bootstrap-preview.herokuapp.com/js/_carousel_custom_2.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 50a3b0c5f61271b12a0c62a6ad1631fdc25c3942d2f7d346d225de17ecafbe63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:00:22 GMT
Via: 1.1 vegur
Last-Modified: Tue, 23 Feb 2021 14:48:24 GMT
Server: Cowboy
Etag: W/"19c5-177cf5cd6c0"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6597

GET
H/1.1 200
OK slick.js Show response
amadeus-bootstrap-preview.herokuapp.com/js/ 87 KB
87 KB 62ms
62ms Script
application/javascript 54.228.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus-bootstrap-preview.herokuapp.com/js/slick.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: d7a517a0c66f574237ca33ea1e47e5a0a4806fa38ac7fe6ec192badebf44d84a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:00:22 GMT
Via: 1.1 vegur
Last-Modified: Tue, 03 Oct 2017 17:49:55 GMT
Server: Cowboy
Etag: W/"15b9d-15ee35bc1b8"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88989

GET
H/1.1 200
OK _carousel_video.js Show response
amadeus-bootstrap-preview.herokuapp.com/js/ 771 B
1 KB 95ms
34ms Script
application/javascript 54.228.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amadeus-bootstrap-preview.herokuapp.com/js/_carousel_video.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e200b094fcb88f9b0462d94b1c8161cb141dcf67f1a8fd32a2c0e6f6b3c95f21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:00:22 GMT
Via: 1.1 vegur
Last-Modified: Tue, 23 Feb 2021 14:48:24 GMT
Server: Cowboy
Etag: W/"303-177cf5cd6c0"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 771

GET
H/1.1 200
OK %7Bbf5acb67-78f7-4cd3-b208-8587c6d7640a%7D_getVal.js Show response
img06.en25.com/Web/ONEAMADEUSTEST2/ 1 KB
2 KB 65ms
64ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/ONEAMADEUSTEST2/%7Bbf5acb67-78f7-4cd3-b208-8587c6d7640a%7D_getVal.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

38212d7868cb2c6eb75257750ba735d129e2c35217b0b325c1700e7f2eb06dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/x-javascript
Last-Modified: Fri, 22 Nov 2019 08:42:59 GMT
ETag: "f34bfdd710a1d51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 1127
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1 200
OK %7Bcc4af823-e3e5-438c-ac7a-0c4950dc9e19%7D_bannerCookies.min.js Show response
img06.en25.com/Web/ONEAMADEUSTEST2/ 5 KB
5 KB 40ms
26ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/ONEAMADEUSTEST2/%7Bcc4af823-e3e5-438c-ac7a-0c4950dc9e19%7D_bannerCookies.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

d66eb9a42ced21def6d22a18a3aaddccc4f07fc6f12f9ba8f126364a80450f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/x-javascript
Last-Modified: Tue, 10 Dec 2019 09:42:57 GMT
ETag: "a79f4c343eafd51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 4694
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1

200
OK

tinydot.gif
s266319173.t.eloqua.com/eloquaimages/
Redirect Chain

https://s266319173.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=266319173&PURLSiteID=3&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=216&PURLRecordID=0&PURLGUID=b0f42aa0-4a56-480d-ad32-383...
https://s266319173.t.eloqua.com/eloquaimages/tinydot.gif

49 B
542 B

17ms
17ms

Image
image/gif

141.145.8.13
ORCL-AM-OPC1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s266319173.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.145.8.13 Amsterdam, Netherlands, ASN43898 (ORCL-AM-OPC1, SE),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Last-Modified: Fri, 23 Jul 2021 17:22:28 GMT
ETag: "ffad94fe77fd71:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Thu, 23 Sep 2021 09:00:21 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: /eloquaimages/tinydot.gif
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 142
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/amadeus/marketing/prod/ 213 KB
66 KB 322ms
321ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js
Requested by: Host: s266319173.t.en25.com
URL: https://s266319173.t.en25.com/e/f2.aspx?elqFormName=SYSTEM-DoubleOpt-inForm&elqSiteID=266319173&emailAddress=cengrand%40amadeus.com&TypeOpt-inOpt-out=Opt-in%20-%20Double&EmailSource=Amadeus%20Updates&elqTrackId=97ee0c6b32154f30a59d45d637164e80&elq=2987e32e0cfe435fb58aa40b3398f9f9&elqaid=301&elqat=1&elqCampaignId=319&elqcst=272&elqcsid=160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a5f79c4ec3cb65b660a4f3d42d2adcaf52563e5bb9bb6bd8b256a77884668b6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 12:48:26 GMT
server: AkamaiNetStorage
etag: "8c744285861a3ae1b03812efcad9b29c:1630673306.078843"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 23 Sep 2021 09:05:22 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 8757 319 KB
103 KB 7ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fs266319173.t.en25.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s266319173.t.en25.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 817247
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Sep 2021 09:00:22 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8757 293 B
455 B 127ms
111ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=316e1765a072a3267a2d4ead220d44ea45cfc286

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fs266319173.t.en25.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d9ceff65bdd50ee19f5d2759c03809e7ad2269f04008a0a98ae94c9e04e2c894

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 09:00:22 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7b98229d5d27bcad027c98a089ddb16b750449ef69067510da71d82e7fcbf8fe
content-length: 189

GET
H/1.1 200
OK elqCfg.min.js Show response
img06.en25.com/i/ 6 KB
6 KB 11ms
11ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/i/elqCfg.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/x-javascript
Last-Modified: Fri, 23 Jul 2021 17:22:32 GMT
ETag: "f43f2652e77fd71:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 23 Sep 2021 09:00:22 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 6080
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 373 B
1 KB 137ms
34ms XHR
application/json 63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=10C66EA5532231080A490D44%40AdobeOrg&d_nsid=0&ts=1632387622688

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c0bfcc6ea1f57c277f2fb2e6e84ddefb8af7370cc1631cde0a29d2ddfe879908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://s266319173.t.en25.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v017-0b1645713.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 9UjwsXznSK8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://s266319173.t.en25.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 313
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 98ms
42ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

dc7334c9c89e9a6f685772653be300ab88b0b9ca44527a8e9402e72b30ee3111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Thu, 23 Sep 2021 09:00:22 GMT

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/amadeus/marketing/prod/ 91 KB
29 KB 12ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.4.js?utv=ut4.46.202106300705
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f444b8c2c3789fbad71dc039b536cdb644ec0963b22229ceed68e22a5def37a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 07:05:32 GMT
server: AkamaiNetStorage
etag: "ca169d97c2b0af7ac2df06a5c1604287:1625036732.53442"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 29504
expires: Fri, 08 Oct 2021 09:00:22 GMT

GET
H/1.1

200
OK

svrGP.aspx
s487768300.t.eloqua.com/visitor/v200/
Redirect Chain

https://s487768300.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=487768300&ref2=elqNone&tzo=0&ms=697&optin=disabled
https://s487768300.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=487768300&ref2=elqNone&tzo=0&ms=697&optin=disabled&elqCookie=1

49 B
448 B

329ms
329ms

Image
image/gif

141.145.8.13
ORCL-AM-OPC1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s487768300.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=487768300&ref2=elqNone&tzo=0&ms=697&optin=disabled&elqCookie=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.145.8.13 Amsterdam, Netherlands, ASN43898 (ORCL-AM-OPC1, SE),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Thu, 23 Sep 2021 09:00:22 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Thu, 23 Sep 2021 09:00:22 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s487768300.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=487768300&ref2=elqNone&tzo=0&ms=697&optin=disabled&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 272
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 10ms
10ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=amadeus/marketing/202109031248&cb=1632387622722
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 23 Sep 2021 09:10:22 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/202721c6/www-widgetapi.vflset/ 135 KB
44 KB 75ms
26ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 08:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 08:23:35 GMT

GET
H/1.1 200
OK dest5.html Show response
amadeusitgroup.demdex.net/ Frame 5CB0 7 KB
3 KB 147ms
33ms Document
text/html 34.247.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://amadeusitgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: amadeusitgroup.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s266319173.t.en25.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=18052414421909698140469387223404362900
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 23 Sep 2021 09:00:22 GMT
DCS: dcs-prod-irl1-2-v017-0247c7893.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 22 Sep 2021 15:04:11 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 4NAWl5XaSPo=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
amadeus.d3.sc.omtrdc.net/ 2 B
321 B 79ms
18ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://amadeus.d3.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=10C66EA5532231080A490D44%40AdobeOrg&mid=14981131593480412330811850028216992083&ts=1632387622834

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/amadeus/marketing/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s266319173.t.en25.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-567564d5d5-qnj4n
vary: Origin
x-c: main-1531.I2ae8be.M0-520
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://s266319173.t.en25.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YUxCJgAAAFilhwQD
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=18052414421909698140469387223404362900
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUxCJgAAAFilhwQD

42 B
945 B

36ms
36ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUxCJgAAAFilhwQD

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-0adb41fe1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kqEL9/NqSF8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUxCJgAAAFilhwQD
Date: Thu, 23 Sep 2021 09:00:22 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s71025395014778
amadeus.d3.sc.omtrdc.net/b/ss/amadeusmarketingprod,amadeusecoglobalprod/1/JS-2.7.0/ 43 B
221 B 19ms
19ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amadeus.d3.sc.omtrdc.net/b/ss/amadeusmarketingprod,amadeusecoglobalprod/1/JS-2.7.0/s71025395014778?AQB=1&ndh=1&pf=1&t=23%2F8%2F2021%209%3A0%3A22%204%200&sdid=6B1ABCDE8A977B45-108FC01E99459942&mid=14981131593480412330811850028216992083&aamlh=6&ce=UTF-8&ns=amadeus&pageName=campaigns%3Ae%3Af2.aspx&g=https%3A%2F%2Fs266319173.t.en25.com%2Fe%2Ff2.aspx%3FelqFormName%3DSYSTEM-DoubleOpt-inForm%26elqSiteID%3D266319173%26emailAddress%3Dcengrand%2540amadeus.com%26TypeOpt-inOpt-out%3DOpt-in%2520-%2520Double%26EmailSource%3DAmadeus%2520Updates%26elqTrackId%3D97ee0c6b32154f30a59d45d637164e80%26elq%3D2987e32&cc=EUR&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=campaigns%3Ae%3Af2.aspx&v6=https%3A%2F%2Fs266319173.t.en25.com%2Fe%2Ff2.aspx%3FelqFormName%3DSYSTEM-DoubleOpt-inForm%26elqSiteID%3D266319173%26emailAddress%3Dcengrand%2540amadeus.com%26TypeOpt-inOpt-out%3DOpt-in%2520-%2520Double%26EmailSource%3DAmadeus%2520Updates%26elqTrackId%3D97ee0c6b32154f30a59d45d637164e80%26elq%3D2987e32e0cfe435fb58aa40b3398f9f9%26elqaid%3D301%26elqat%3D1%26elqCampaignId%3D319%26elqcst%3D272%26elqcsid%3D160&v9=11%3A00%20AM%7CThursday&v18=English-American&v19=Global&c33=English-American&v33=Corporate%20communication%20%26%20Brand&v73=New&v90=Other&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=e0cfe435fb58aa40b3398f9f9%26elqaid%3D301%26elqat%3D1%26elqCampaignId%3D319%26elqcst%3D272%26elqcsid%3D160&mcorgid=10C66EA5532231080A490D44%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s266319173.t.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:00:22 GMT
x-content-type-options: nosniff
x-c: main-1531.I2ae8be.M0-520
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 24 Sep 2021 09:00:22 GMT
server: jag
xserver: anedge-567564d5d5-6rzrm
etag: 3505525726694440960-4619452980928794043
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 22 Sep 2021 09:00:22 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.en25.com/	1970-01-20 06:55:15	Name: ELOQUA Value: GUID=B0F42AA04A56480DAD32383051579927
.en25.com/	1970-01-20 06:55:15	Name: ELQSTATUS Value: OK
amadeus.com/	1970-01-19 21:26:28	Name: AWSELBCORS Value: 7D43F71316A88EE2F507AB4E5E761F8BF05DC13B7695311DF3CFD6FF8DDABE8F389FDD8D7FA931CBAC3EFACC3F2877EF557BF58F0F43826272F4622B15F4964F7FD07E742A
.en25.com/	1970-01-20 06:12:03	Name: utag_main Value: v_id:017c11e26718009cfccda6e83ff003072015406a00b08$_sn:1$_se:1$_ss:1$_st:1632389422681$ses_id:1632387622681%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:en25.com
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: tQ-Gy6CSabg
.youtube.com/	1970-01-20 01:45:39	Name: VISITOR_INFO1_LIVE Value: TtvD34rhat0
.eloqua.com/	1970-01-20 06:55:15	Name: ELOQUA Value: GUID=00E91113DDC1408B8A459597A4FD15F2
.eloqua.com/	1970-01-20 06:55:15	Name: ELQSTATUS Value: OK
.demdex.net/	1970-01-20 01:45:39	Name: demdex Value: 18052414421909698140469387223404362900
.en25.com/	1969-12-31 23:59:59	Name: AMCVS_10C66EA5532231080A490D44%40AdobeOrg Value: 1
.en25.com/	1970-01-19 21:26:29	Name: gpv_pn Value: campaigns%3Ae%3Af2.aspx
.en25.com/	1970-01-19 21:37:26	Name: s_vnum Value: 1633046400918%26vn%3D1
.en25.com/	1970-01-19 21:26:29	Name: s_invisit Value: true
.en25.com/	1970-01-19 21:26:29	Name: gpv_pl Value: https%3A%2F%2Fs266319173.t.en25.com%2Fe%2Ff2.aspx%3FelqFormName%3DSYSTEM-DoubleOpt-inForm%26elqSiteID%3D266319173%26emailAddress%3Dcengrand%2540amadeus.com%26TypeOpt-inOpt-out%3DOpt-in%2520-%2520Double%26EmailSource%3DAmadeus%2520Updates%26elqTrackId%3D97ee0c6b32154f30a59d45d637164e80%26elq%3D2987e32e0cfe435fb58aa40b3398f9f9%26elqaid%3D301%26elqat%3D1%26elqCampaignId%3D319%26elqcst%3D272%26elqcsid%3D160
.en25.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 06:12:03	Name: everest_g_v2 Value: g_surferid~YUxCJgAAAFilhwQD
.dpm.demdex.net/	1970-01-20 01:45:39	Name: dpm Value: 18052414421909698140469387223404362900
.en25.com/	1970-01-20 14:57:39	Name: AMCV_10C66EA5532231080A490D44%40AdobeOrg Value: -330454231%7CMCIDTS%7C18894%7CMCMID%7C14981131593480412330811850028216992083%7CMCAAMLH-1632992422%7C6%7CMCAAMB-1632992422%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1632394822s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18901%7CvVersion%7C3.1.2
.en25.com/	1969-12-31 23:59:59	Name: s_ptc Value: 6.25

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amadeus-bootstrap-preview.herokuapp.com
amadeus.com
amadeus.d3.sc.omtrdc.net
amadeusitgroup.demdex.net
cdnjs.cloudflare.com
cm.everesttech.net
code.jquery.com
dpm.demdex.net
img06.en25.com
maxcdn.bootstrapcdn.com
platform.twitter.com
s266319173.t.eloqua.com
s266319173.t.en25.com
s487768300.t.eloqua.com
syndication.twitter.com
tags.tiqcdn.com
www.youtube.com
104.111.229.66
104.16.19.94
104.18.11.207
104.244.42.8
104.75.88.194
107.154.251.68
141.145.8.13
141.145.8.14
142.250.185.142
15.236.176.210
34.247.192.108
54.228.42.199
63.32.159.255
69.16.175.42
93.184.220.66
99.80.210.73
1d5dcc1f5ef70e9ab2b6190c1bc183d8c7b7bb7e37f99a2a426174c5c4f2b7c5
25df29d28526d286e4be343c75535f1ab51958bd2b177708f78f3452dfd838c2
26714b300a6640bff23115265c0bba490aad894d809df335ec64378347657a78
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
38212d7868cb2c6eb75257750ba735d129e2c35217b0b325c1700e7f2eb06dc7
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4d1127022bcc9ba7fb3a7103310badab47687770d79bee2764b641feb14e88d6
50a3b0c5f61271b12a0c62a6ad1631fdc25c3942d2f7d346d225de17ecafbe63
71d2145dbd6f0ea6ed31e20fb59c44c5d93d7066b13cb50fced933fa7a37816a
756199ae996c5c89ce2eb94c63611cb0d817535e6e7deabd734949f1dc30b62f
7a354cf8c5b08fd5947724f50043c636b43ae16b131e1216fc038402f8619321
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
92e6d2d643767826e93ba84d7d350aecdeb9539d945295be09f8b923fc8370f0
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9d9f29631580a835236f4d78ed2b4f89f6593d17fd32ccd1e1e7ba7f718b242a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a5f79c4ec3cb65b660a4f3d42d2adcaf52563e5bb9bb6bd8b256a77884668b6d
ba63736820ceacd2422f3538e38fbc55a09bfa3c5c528bdc1b42e0b8b5aad10e
c0bfcc6ea1f57c277f2fb2e6e84ddefb8af7370cc1631cde0a29d2ddfe879908
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cc23d7e106f949b4a837aee7f535132f2b056fe36489e9de8b615ec5c88ef82f
d66eb9a42ced21def6d22a18a3aaddccc4f07fc6f12f9ba8f126364a80450f75
d7a517a0c66f574237ca33ea1e47e5a0a4806fa38ac7fe6ec192badebf44d84a
d9ceff65bdd50ee19f5d2759c03809e7ad2269f04008a0a98ae94c9e04e2c894
dc7334c9c89e9a6f685772653be300ab88b0b9ca44527a8e9402e72b30ee3111
dcb31c4ac1ffbf43d3f036c39f64e614b9e623a205b40e7ddb3ec6b9cf663694
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e200b094fcb88f9b0462d94b1c8161cb141dcf67f1a8fd32a2c0e6f6b3c95f21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f444b8c2c3789fbad71dc039b536cdb644ec0963b22229ceed68e22a5def37a2

s266319173.t.en25.com Open in urlscan Pro 141.145.8.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

0 %IPv6

13 Domains

17 Subdomains

15 IPs

7 Countries

572 kBTransfer

1413 kBSize

19 Cookies

7 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s266319173.t.en25.com Open in urlscan Pro
141.145.8.14 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

7
Countries

572 kB
Transfer

1413 kB
Size

19
Cookies

40 HTTP transactions
0 data transactions