www.edreams.net Open in urlscan Pro
23.8.0.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.edreams.net/
Effective URL:
https://www.edreams.net/
Submission: On September 19 via manual (September 19th 2019, 4:51:49 pm UTC) from DO

Summary HTTP 383 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 85 IPs in 12 countries across 64 domains to perform 383 HTTP transactions. The main IP is 23.8.0.125, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.edreams.net.
TLS certificate: Issued by DigiCert ECC Secure Server CA on November 26th 2018. Valid for: a year.

This is the only time www.edreams.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 68	23.8.0.125 23.8.0.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	192.229.233.55 192.229.233.55	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
12	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.47.65.151 52.47.65.151	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	95.131.143.205 95.131.143.205	47841 (OXALIDE) (OXALIDE)
2 5	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	3.121.16.187 3.121.16.187	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	5.57.17.220 5.57.17.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
1	213.168.247.34 213.168.247.34	15830 (TELECITY-LON) (TELECITY-LON)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
6	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3 7	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
18	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.77.224.225 54.77.224.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1 3	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
1	95.100.78.156 95.100.78.156	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	192.99.16.222 192.99.16.222	16276 (OVH) (OVH)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.208.9 143.204.208.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:205... 2600:9000:2057:9c00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 5	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE - Google LLC)
4	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	54.76.84.205 54.76.84.205	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.72.14.87 54.72.14.87	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:815::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	185.33.223.203 185.33.223.203	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE - Google LLC)
25	192.229.133.132 192.229.133.132	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	212.129.3.112 212.129.3.112	12876 (AS12876) (AS12876)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO - Criteo Corp.)
1	104.225.98.131 104.225.98.131	36236 (NETACTUATE) (NETACTUATE - NetActuate)
12	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY - Fastly)
3	185.33.223.215 185.33.223.215	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	46.228.164.27 46.228.164.27	56396 (TURN) (TURN)
1 2	3.248.160.221 3.248.160.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.201.39.30 52.201.39.30	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2.16.122.151 2.16.122.151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	52.59.139.190 52.59.139.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.72 2.18.234.72	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.204.174 147.75.204.174	54825 (PACKET) (PACKET - Packet Host)
10	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS - CacheNetworks)
2	143.204.214.43 143.204.214.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.204.210 147.75.204.210	54825 (PACKET) (PACKET - Packet Host)
10	199.166.0.26 199.166.0.26	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
27	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	147.75.102.227 147.75.102.227	54825 (PACKET) (PACKET - Packet Host)
10	199.166.0.32 199.166.0.32	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	213.168.247.12 213.168.247.12	15830 (TELECITY-LON) (TELECITY-LON)
3	99.86.1.198 99.86.1.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	104.244.37.20 104.244.37.20	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
1	52.218.65.140 52.218.65.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	67.26.139.252 67.26.139.252	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
2	3.220.155.136 3.220.155.136	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	52.59.165.192 52.59.165.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	64.185.181.238 64.185.181.238	40009 (BITGRAVITY) (BITGRAVITY - BitGravity)
3	163.171.242.27 163.171.242.27	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
2	67.27.234.122 67.27.234.122	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
2	2a02:26f0:6c0... 2a02:26f0:6c00:18a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	152.195.34.116 152.195.34.116	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	151.101.112.65 151.101.112.65	54113 (FASTLY) (FASTLY - Fastly)
3	178.79.226.1 178.79.226.1	22822 (LLNW) (LLNW - Limelight Networks)
2	31.3.2.126 31.3.2.126	21245 (NETSA-AS) (NETSA-AS)
1	54.243.231.206 54.243.231.206	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
383	85

68 23.8.0.125 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-0-125.deploy.static.akamaitechnologies.com

www.edreams.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.odistatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a3.odistatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a2.odistatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ak1.odistatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.55 (Los Angeles, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.tagcommander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.47.65.151 (Paris, France)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-47-65-151.eu-west-3.compute.amazonaws.com

edreamsodigeo.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.131.143.205 (France) 1 redirects

ASN47841 (OXALIDE, FR)

engage.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c09::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.16.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-121-16-187.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.57.17.220 (Amsterdam, Netherlands) 1 redirects

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: www.booking.com

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.168.247.34 (Ireland)

ASN15830 (TELECITY-LON, GB)

rentacar.edreams.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

smartlock.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.224.225 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-224-225.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.54.49.5 (West Hollywood, United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.43.115.95 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 1 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.78.156 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-78-156.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.99.16.222 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: us-129.sociomantic.net

us-sonar.sociomantic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.9 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-9.fra53.r.cloudfront.net

d1mj578wat5n4o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9c00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.212.60 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.0.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.84.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-84-205.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.14.87 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-14-87.eu-west-1.compute.amazonaws.com

api.boxever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.21.194 (United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.203 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.229.133.132 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajaxgeo.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cars.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.129.3.112 (Paris, France) 1 redirects

ASN12876 (AS12876, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu

js.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.131 (West Hollywood, United States)

ASN36236 (NETACTUATE - NetActuate, Inc, US)
PTR: 131.98.225.104.ptr.anycast.net

i2-ghfbxuaxdsxweicdfadwssvgyfwqgb.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:1b::720 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

ct-supplierimage.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.215 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.27 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

sd.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.160.221 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-160-221.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.39.30 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-201-39-30.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.21 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.122.151 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-122-151.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.139.190 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-139-190.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.72 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-72.deploy.static.akamaitechnologies.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.174 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US)
PTR: vip1.G-anycast1.cachefly.net

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.43 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-43.fra53.r.cloudfront.net

ahgele3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.210 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-4

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 199.166.0.26 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.pixel.adsafeprotected.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.227 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-7

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 199.166.0.32 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.static.adsafeprotected.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

feedback.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.168.247.12 (Ireland)

ASN15830 (TELECITY-LON, GB)

otageo.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.1.198 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-86-1-198.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.37.20 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: daldt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.65.140 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.26.139.252 (United States)

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)

level3.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.155.136 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-220-155-136.compute-1.amazonaws.com

p33231.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.165.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-165-192.eu-central-1.compute.amazonaws.com

p33245.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

hwcdnssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.185.181.238 (United States)

ASN40009 (BITGRAVITY - BitGravity, Inc., US)
PTR: pc-b.bitgravity.com

cedexis.pc.cdn.bitgravity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.171.242.27 (United States)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

p41683.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.27.234.122 (United States)

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)

level3ssl.optimicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:18a::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.34.116 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

vdms-ssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

fastly.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.79.226.1 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-226-1.vie.llnw.net

limelight-ssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.3.2.126 (Turkey)

ASN21245 (NETSA-AS, TR)

img-cedexis.mncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.231.206 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-243-231-206.compute-1.amazonaws.com

tag.cartrawler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	edreams.net 1 redirects www.edreams.net rentacar.edreams.net Failed	2 MB
30	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	30 KB
29	doubleclick.net 6 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	244 KB
27	cartrawler.com ajaxgeo.cartrawler.com cars.cartrawler.com otageo.cartrawler.com tag.cartrawler.com	669 KB
26	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	422 KB
24	cedexis-test.com level3.cedexis-test.com p33231.cedexis-test.com p33245.cedexis-test.com hwcdnssl.cedexis-test.com p41683.cedexis-test.com vdms-ssl.cedexis-test.com fastly.cedexis-test.com limelight-ssl.cedexis-test.com	207 KB
19	google.com 3 redirects apis.google.com www.google.com adservice.google.com smartlock.google.com accounts.google.com	250 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	276 KB
12	adrecover.com delivery.adrecover.com feedback.adrecover.com	10 KB
12	imgix.net ct-supplierimage.imgix.net	29 KB
10	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	180 KB
10	google-analytics.com www.google-analytics.com	61 KB
9	googletagservices.com www.googletagservices.com	244 KB
7	google.de adservice.google.de www.google.de	890 B
6	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	6 KB
6	commander1.com 1 redirects edreamsodigeo.commander1.com engage.commander1.com	4 KB
5	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com	3 KB
5	odistatic.net a1.odistatic.net a3.odistatic.net a2.odistatic.net ak1.odistatic.net	19 KB
4	travelaudience.com ads.travelaudience.com	20 KB
4	sojern.com pixel.sojern.com	2 KB
4	facebook.net connect.facebook.net	120 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	bitgravity.com cedexis.pc.cdn.bitgravity.com	638 B
3	amazon-adsystem.com c.amazon-adsystem.com	25 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	74 KB
3	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com dis.us.criteo.com	2 KB
3	boxever.com api.boxever.com	612 B
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	12 KB
3	sociomantic.com us-sonar.sociomantic.com	11 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	ensighten.com nexus.ensighten.com	43 KB
2	mncdn.com img-cedexis.mncdn.com	663 B
2	pinimg.com s.pinimg.com	342 B
2	optimicdn.com level3ssl.optimicdn.com	571 B
2	ahgele3.com ahgele3.com	17 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
2	adscale.de 1 redirects ih.adscale.de	1 KB
2	360yield.com 1 redirects ice.360yield.com	1 KB
2	yieldlab.net ad.yieldlab.net	990 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	827 B
2	liadm.com 2 redirects i.liadm.com	768 B
2	demdex.net 1 redirects dpm.demdex.net	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	1 KB
2	sddan.com 1 redirects js.sddan.com	4 KB
2	tapad.com 1 redirects tapestry.tapad.com pixel.tapad.com	814 B
2	facebook.com staticxx.facebook.com
2	googleadservices.com www.googleadservices.com	18 KB
2	bing.com bat.bing.com	7 KB
2	exelator.com 1 redirects loadeu.exelator.com	3 KB
2	booking.com www.booking.com Failed	914 B
2	tagcommander.com cdn.tagcommander.com	73 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	26 KB
1	pubmatic.com image2.pubmatic.com	839 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	pippio.com pippio.com	75 B
1	turn.com 1 redirects sd.turn.com	488 B
1	adaraanalytics.com tag.adaraanalytics.com	338 B
1	cedexis-radar.net i2-ghfbxuaxdsxweicdfadwssvgyfwqgb.init.cedexis-radar.net	1 KB
1	bluekai.com stags.bluekai.com
1	criteo.net static.criteo.net	10 KB
1	dwin1.com www.dwin1.com	7 KB
1	cloudfront.net d1mj578wat5n4o.cloudfront.net	8 KB
1	bkrtx.com tags.bkrtx.com	10 KB
1	xg4ken.com resources.xg4ken.com	5 KB
383	64

	Domain	Requested by
63	www.edreams.net	1 redirects www.edreams.net
27	rpt.cedexis.com	radar.cedexis.com
23	ajaxgeo.cartrawler.com	rentacar.edreams.net ajaxgeo.cartrawler.com
18	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.edreams.net ahgele3.com
12	ct-supplierimage.imgix.net	rentacar.edreams.net
12	fonts.gstatic.com	www.edreams.net
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.edreams.net
10	pixel.adsafeprotected.com	www.edreams.net
10	delivery.adrecover.com	www.edreams.net delivery.adrecover.com
10	www.google-analytics.com	www.edreams.net www.google-analytics.com www.googletagmanager.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net
9	www.googletagservices.com	www.edreams.net securepubads.g.doubleclick.net
7	www.google.com	3 redirects www.edreams.net
6	dt.adsafeprotected.com
6	apis.google.com	www.edreams.net apis.google.com
5	tag.yieldoptimizer.com	1 redirects
5	www.google.de
5	stats.g.doubleclick.net	2 redirects www.edreams.net stats.g.doubleclick.net
4	hwcdnssl.cedexis-test.com	radar.cedexis.com
4	level3.cedexis-test.com	radar.cedexis.com
4	ads.travelaudience.com	cdn.tagcommander.com ads.travelaudience.com
4	pixel.sojern.com	cdn.tagcommander.com
4	connect.facebook.net	www.edreams.net connect.facebook.net
4	engage.commander1.com	1 redirects www.edreams.net
4	fonts.googleapis.com	www.edreams.net rentacar.edreams.net securepubads.g.doubleclick.net
3	limelight-ssl.cedexis-test.com	radar.cedexis.com
3	fastly.cedexis-test.com	radar.cedexis.com
3	vdms-ssl.cedexis-test.com	radar.cedexis.com
3	p41683.cedexis-test.com	radar.cedexis.com
3	cedexis.pc.cdn.bitgravity.com	radar.cedexis.com
3	c.amazon-adsystem.com	www.edreams.net c.amazon-adsystem.com
3	secure.adnxs.com
3	ib.adnxs.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	api.boxever.com	d1mj578wat5n4o.cloudfront.net
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	us-sonar.sociomantic.com	cdn.tagcommander.com us-sonar.sociomantic.com
3	sb.scorecardresearch.com	1 redirects cdn.tagcommander.com
3	radar.cedexis.com	1 redirects radar.cedexis.com
3	nexus.ensighten.com	www.edreams.net nexus.ensighten.com
2	img-cedexis.mncdn.com
2	s.pinimg.com
2	level3ssl.optimicdn.com
2	p33245.cedexis-test.com
2	p33231.cedexis-test.com
2	a2.odistatic.net	www.edreams.net
2	feedback.adrecover.com	www.edreams.net
2	ahgele3.com	www.edreams.net
2	www.googletagmanager.com	rentacar.edreams.net
2	ih.adscale.de	1 redirects
2	ice.360yield.com	1 redirects
2	ad.yieldlab.net
2	idsync.rlcdn.com	2 redirects
2	i.liadm.com	2 redirects
2	dpm.demdex.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	cars.cartrawler.com	rentacar.edreams.net
2	js.sddan.com	1 redirects
2	accounts.google.com	apis.google.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	staticxx.facebook.com	connect.facebook.net
2	www.gstatic.com	www.google.com
2	www.googleadservices.com	cdn.tagcommander.com www.googletagmanager.com
2	bat.bing.com	cdn.tagcommander.com
2	loadeu.exelator.com	1 redirects
2	smartlock.google.com	www.edreams.net smartlock.google.com
2	adservice.google.com	www.googletagservices.com securepubads.g.doubleclick.net
2	adservice.google.de	www.googletagservices.com securepubads.g.doubleclick.net
2	www.booking.com	www.edreams.net
2	edreamsodigeo.commander1.com	www.edreams.net
2	cdn.tagcommander.com	www.edreams.net
1	tag.cartrawler.com	ajaxgeo.cartrawler.com
1	ak1.odistatic.net
1	s3-eu-west-1.amazonaws.com	securepubads.g.doubleclick.net
1	a3.odistatic.net	www.edreams.net
1	otageo.cartrawler.com	ajaxgeo.cartrawler.com
1	vars.hotjar.com	static.hotjar.com
1	dis.us.criteo.com	static.criteo.net
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	rentacar.edreams.net
1	pagead2.googlesyndication.com
1	pixel.tapad.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	pippio.com
1	sd.turn.com	1 redirects
1	tag.adaraanalytics.com
1	i2-ghfbxuaxdsxweicdfadwssvgyfwqgb.init.cedexis-radar.net	radar.cedexis.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	tapestry.tapad.com	1 redirects
1	stags.bluekai.com	tags.bkrtx.com
1	tags.crwdcntrl.net	cdn.tagcommander.com
1	static.criteo.net	cdn.tagcommander.com
1	www.dwin1.com	cdn.tagcommander.com
1	d1mj578wat5n4o.cloudfront.net	cdn.tagcommander.com
1	tags.bkrtx.com	cdn.tagcommander.com
1	resources.xg4ken.com	cdn.tagcommander.com
1	rentacar.edreams.net	www.edreams.net
1	a1.odistatic.net	www.edreams.net
383	100

This site contains links to these domains. Also see Links.

Domain
hotels.edreams.net
rentacar.edreams.com
transfers.edreams.net
www.getyourguide.com
www.edreams.cz
www.edreams.de
www.edreams.es
www.edreams.fr
www.edreams.gr
hu.edreams.com
www.edreams.it
nl.edreams.com
www.edreams.pt
ro.edreams.com
www.edreams.com.ru
www.edreams.ch
www.edreams.com.tr
www.edreams.co.uk
www.edreams.com.ar
www.edreams.com.br
cl.edreams.com
co.edreams.com
www.edreams.com.mx
www.edreams.pe
www.edreams.com.ve
www.edreams.com.au
cn.edreams.com
www.edreams.hk
id.edreams.com
www.edreams.in
www.edreams.jp
nz.edreams.com
www.edreams.ph
www.edreams.co.kr
sg.edreams.com
www.edreams.tw
th.edreams.com
www.edreams.ma
www.edreams.qa
www.edreams.sa
za.edreams.com
ca.edreams.com
www.edreams.com
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
www.pinterest.com
instagram.com
edreams.com
www.youtube.com
dreamguides.edreams.com
www.edreamsodigeocareers.com
www.odigeoconnect.com
advertising.edreamsodigeo.com
www.edreams-saga.com
www.edreams-partners.com
www.edreams-deals.com
www.edreams-travel-guide.com

Subject Issuer	Validity	Valid
www.edreams.es DigiCert ECC Secure Server CA	`2018-11-26` - `2019-11-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
cdn.tagcommander.com DigiCert SHA2 Secure Server CA	`2017-10-26` - `2020-04-12`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.commander1.com Thawte RSA CA 2018	`2019-07-31` - `2020-09-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2018-10-17` - `2020-01-05`	a year	crt.sh
www.booking.com DigiCert ECC Extended Validation Server CA	`2018-11-27` - `2019-12-02`	a year	crt.sh
s7.ct.cartrawler.com DigiCert SHA2 High Assurance Server CA	`2019-02-28` - `2021-02-12`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.apis.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2017-12-17` - `2020-12-17`	3 years	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-03-03`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.sociomantic.com COMODO SHA-256 Domain Validation Secure Server CA	`2018-01-18` - `2020-01-18`	2 years	crt.sh
*.sojern.com DigiCert SHA2 High Assurance Server CA	`2018-12-11` - `2020-12-10`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.dwin1.com Amazon	`2019-01-30` - `2020-02-29`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2019-03-15` - `2021-04-07`	2 years	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2019-01-17` - `2020-02-12`	a year	crt.sh
ads.travelaudience.com Let's Encrypt Authority X3	`2019-09-04` - `2019-12-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.boxever.com Thawte RSA CA 2018	`2018-03-09` - `2020-03-08`	2 years	crt.sh
accounts.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.cartrawler.com DigiCert SHA2 Secure Server CA	`2019-08-20` - `2021-10-20`	2 years	crt.sh
*.sddan.com RapidSSL RSA CA 2018	`2018-01-09` - `2020-04-13`	2 years	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2017-11-14` - `2020-01-13`	2 years	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-20` - `2020-08-20`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2019-08-01` - `2021-08-24`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
pippio.com COMODO RSA Domain Validation Secure Server CA	`2017-10-23` - `2020-11-15`	3 years	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2018-12-12` - `2020-03-12`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.360yield.com Amazon	`2018-10-22` - `2019-11-22`	a year	crt.sh
cat.adscale.de DigiCert SHA2 Secure Server CA	`2019-07-29` - `2020-10-27`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2018-01-17` - `2019-11-02`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2019-09-18` - `2021-10-29`	2 years	crt.sh
ahgele3.com Amazon	`2019-03-29` - `2020-04-29`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.adrecover.com COMODO RSA Domain Validation Secure Server CA	`2017-04-25` - `2020-06-23`	3 years	crt.sh
otageo.cartrawler.com DigiCert SHA2 High Assurance Server CA	`2019-02-04` - `2021-03-02`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2018-12-18` - `2019-11-21`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh
*.cedexis-test.com Go Daddy Secure Certificate Authority - G2	`2019-05-10` - `2020-07-09`	a year	crt.sh
*.pc.cdn.bitgravity.com RapidSSL RSA CA 2018	`2019-02-13` - `2020-02-13`	a year	crt.sh
*.optimicdn.com Gandi Standard SSL CA 2	`2018-02-26` - `2020-04-24`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
vdms-ssl.cedexis-test.com Go Daddy Secure Certificate Authority - G2	`2019-01-25` - `2020-01-26`	a year	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2019-05-24` - `2019-11-06`	5 months	crt.sh
*.mncdn.com Go Daddy Secure Certificate Authority - G2	`2019-06-17` - `2021-08-16`	2 years	crt.sh

This page contains 40 frames:

Primary Page: https://www.edreams.net/
Frame ID: 907565D7C93E55ECCE69DF58C97C90E1
Requests: 214 HTTP requests in this frame

Frame: https://www.booking.com/affiliatewidget.html?aid=308918;product=sb&target_aid=343806&aff_hostname=https://hotels.edreams.net&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893&lang=en-us&label=edr-link-usen-sb-conf-pc-of&utm_medium=(none)&utm_source=(direct)&utm_campaign=(direct)
Frame ID: F1F0F42F47F327A2F7D0DCFB4A2B0D42
Requests: 2 HTTP requests in this frame

Frame: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
Frame ID: 958BCE7B1CC51B042AC3292578CA5D82
Requests: 51 HTTP requests in this frame

Frame: https://www.edreams.net/travel/?preload=true
Frame ID: B96BCEC3BEFD40435D1E104685BF023E
Requests: 33 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 319BFC66FEC14FA1A0741F329E63124E
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/41246?ret=html&phint=v1%3DEUS&phint=v2%3DD&phint=v3%3D&phint=v4%3D&phint=v5%3D&phint=v6%3D&phint=v7%3D&phint=v8%3D&phint=v9%3D&phint=v10%3D&phint=s1%3D&phint=s2%3D&phint=s3%3D&phint=s4%3D&phint=s5%3D&phint=s6%3D&phint=s7%3D&phint=s8%3D&phint=s9%3D&phint=__bk_t%3DCheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.edreams.net%2F&phint=__bk_v%3D3.1.3&limit=10&r=12495373
Frame ID: 1A2F266A6B863D303750C0974F5755CE
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=Flight_airlines%3A/seg=Departure_Date%3A/seg=Departure_CountryName%3A/seg=Arrival_CountryName%3A/seg=Departure_CityCode%3A/seg=Arrival_CityCode%3A/seg=Return_Date%3A/seg=Nb_Pax%3A/seg=Nb_Adults%3A/seg=Nb_Children%3A/seg=Nb_Babies%3A/seg=Departure_Airport%3A/seg=Arrival_Airport%3A/seg=Nb_SearchToTravelDate%3A0/seg=Baggage%3A/seg=Total_basketAmount%3A/seg=Length_trip%3A/seg=Dep_weekday%3A/seg=Arr_weekday%3A/seg=Hotel_CityName%3A/seg=Hotel_Name%3A/seg=Hotel_Duration%3A/seg=Hotel_Adults%3A/seg=Hotel_Children%3A/seg=Hotel_Infants%3A/seg=Prime%3Afalse/seg=Paiement_Type%3A/int=%23OpR%2385796%23Total%20Site%20Traffic%20%3A%20www.edreams.net/rt=ifr
Frame ID: BCF3D8C5D87152C31118186C6CB3D32A
Requests: 1 HTTP requests in this frame

Frame: https://api.boxever.com/v1.2/boxever-cross-domain.html?client_key=grY1NOtKhm4xhDV9rsny82DvKa1iYFBN&parent_url=https%3A%2F%2Fwww.edreams.net%2F
Frame ID: B651CAA451D8FB3EFF60E741D465E714
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: FDB0B94319E8E6AC4B65EB60706DFB12
Requests: 1 HTTP requests in this frame

Frame: https://smartlock.google.com/iframe/request?client=https%3A%2F%2Fwww.edreams.net&id=f476233671ea76059f9024be70211f77fc70e6201b4b0b81dfad980b51ccebda&renderMode=navPopout&preloadRequest=%7B%22type%22%3A%22retrieve%22%2C%22options%22%3A%7B%22supportedAuthMethods%22%3A%5B%22https%3A%2F%2Faccounts.google.com%22%5D%2C%22supportedIdTokenProviders%22%3A%5B%7B%22uri%22%3A%22https%3A%2F%2Faccounts.google.com%22%2C%22clientId%22%3A%221044856101094-nefh1ut749dm808159t2aqt7vtl7836k.apps.googleusercontent.com%22%7D%5D%7D%7D&features=%7B%22feature%22%3A%5B%22DISPLAY_RP_TOS%22%5D%7D
Frame ID: 00144E0CAB8D472ABC272E71F8E72AD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: 04B0258A19F1F5FF64DC6AF53D96F835
Requests: 1 HTTP requests in this frame

Frame: https://delivery.adrecover.com/23518/adRecover.js
Frame ID: 412736A82F4E3F65F0E7AC1F2C41865D
Requests: 8 HTTP requests in this frame

Frame: https://delivery.adrecover.com/23518/adRecover.js
Frame ID: DAD97B2304444DD8C45F3151972605FA
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=51344715&chanId=90232635&placementId=5164744290&pubCreative=138287140360&pubOrder=2597097507&cb=1893840878
Frame ID: FE4CE94DF4D3F3BC11153BA7E5AD1C52
Requests: 2 HTTP requests in this frame

Frame: https://dis.us.criteo.com/dis/dis.aspx?p=8016&cb=83119389689&ref=&sc_r=1600x1200&sc_d=24
Frame ID: FDD02956C1280B808ACAC3E8F4D10D4F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: F7DDB20D2C98E411E3D6F04505185E0C
Requests: 1 HTTP requests in this frame

Frame: https://us-sonar.sociomantic.com/html/2010-07-01/usrm?aid=5622616225964312727&fpc=17368259859138071772&v=adv2.09&hs=true
Frame ID: 1DB6138E1FB664C2853541B9A05B012D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=46470075&chanId=90232635&placementId=5101327822&pubCreative=138274269376&pubOrder=2562606612&cb=47212742
Frame ID: 43F9A6141763399C0CC9A06FD031AD4A
Requests: 2 HTTP requests in this frame

Frame: https://delivery.adrecover.com/23518/adRecover.js
Frame ID: 7DDB5966404CA0BFCE711FA49012AB29
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C25FF3455F93008BC2F11B6628B065D5
Requests: 11 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 9D07E448BC8BEC1F41E39BF312AD9746
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=105278407035&pubOrder=74942115&cb=1174794765
Frame ID: 1F03D314D4EE6393040C654838D3AA22
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: FA470536AEF5201CBC49FB33365E98F8
Requests: 1 HTTP requests in this frame

Frame: https://delivery.adrecover.com/23518/adRecover.js
Frame ID: 2D63C472A39174ABEE20039B1BC5E4A9
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=98726236635&pubOrder=74942115&cb=328941560
Frame ID: 08A4FFBF2AD66FB5648544561226BFBF
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: D8D215D13CB95718E0DED802C8F6D23D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 58FC4D5681A56A64DA334D8D446F58A9
Requests: 1 HTTP requests in this frame

Frame: https://delivery.adrecover.com/23518/adRecover.js
Frame ID: C173CBE809F0C590FE4837B2EF5A6719
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHLvZ3IKCiAi8TyN2zZopBWDnl3X83plpSK5z4VX1RgEkVgk5y-42bf7FnSlTVydQMyZwHsjB55kyhRgY5QKOAQQUXcxK0Utk2lhIPCwmIh3XKt8WNdcflICXvAWzm1rcLkvD_F56QMVxe5N7lbCkKs2VWo-f5prmuX5v8siiXj9UZC2giuVqCtWwN13NXfZO_xuOTtOUFb6YkhLO15YeLvBSAtSykH0eO74w5-Qi0D-C-k6uHwswxm2YUoluw-7xnIdVlBfLVTF99eiM&sig=Cg0ArKJSzAEpW1VMTJ2iEAE&urlfix=1&adurl=
Frame ID: B09568385ACC4AB00355EE0C8C777C7E
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=4761491906&pubCreative=138275638769&pubOrder=74942115&cb=1786561208
Frame ID: 890BD208AC36745F2DBC5F2E1660DD80
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 7D304C141C9B1CBB72568C57B8FDE535
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 4276990150722FB1C00E949620CCDE35
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 79C41A63858FF1A98F49C23EE9B3A062
Requests: 1 HTTP requests in this frame

Frame: https://level3.cedexis-test.com/img/17652/iuni4.html?rnd=-1-1-19692-0-0-17652-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: FB47F60594D33CE49E16000A01E9B7BF
Requests: 1 HTTP requests in this frame

Frame: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-19692-0-0-17000-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: 6D8BA20569470B6AA9F383663A63E7D6
Requests: 1 HTTP requests in this frame

Frame: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-19692-0-0-38635-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: 38A03D9F2CED007A9401EC282E002ABD
Requests: 1 HTTP requests in this frame

Frame: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-19692-0-0-41683-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: 2BECCAEBF9FAB925F295B8FBA0C9903D
Requests: 1 HTTP requests in this frame

Frame: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-19692-0-0-16999-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: C5C6DF2D9F8872945B2B9129D2D00A78
Requests: 1 HTTP requests in this frame

Frame: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-19692-0-0-20367-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: 554BBBF6CE7830856AD97BE9F4F52BE9
Requests: 1 HTTP requests in this frame

Frame: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-19692-0-0-17003-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Frame ID: 5FEB94F724D4B0B8214225F26C4450FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.edreams.net/ HTTP 301
https://www.edreams.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

383
Requests

99 %
HTTPS

22 %
IPv6

64
Domains

100
Subdomains

85
IPs

12
Countries

5463 kB
Transfer

17384 kB
Size

20
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://hotels.edreams.net/?selected_currency=USD&lang=en&label=edr-link-usen-navtab-conf-pc-of&aid=343806
Title: Hotels

Search URL Search Domain Scan URL

URL: http://rentacar.edreams.com/en/?clientId=313381&currency=USD
Title: Car rental

Search URL Search Domain Scan URL

URL: https://transfers.edreams.net/en-us/?currency=USD&ref=edreams&campaign=edr-en-us-tab-pc
Title: Shuttles and transfers

Search URL Search Domain Scan URL

URL: https://www.getyourguide.com/?partner_id=YN8OUMM&cmp=Homepage_Header
Title: Activities

Search URL Search Domain Scan URL

URL: https://hotels.edreams.net/booking-home/index.en-us.html?aid=343806;label=edr-link-us-navtab-holidayrentals-conf-pc-of
Title: Vacation Rentals

Search URL Search Domain Scan URL

URL: https://www.edreams.cz/
Title: Czech Republic

Search URL Search Domain Scan URL

URL: https://www.edreams.de/
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://www.edreams.es/
Title: España

Search URL Search Domain Scan URL

URL: https://www.edreams.fr/
Title: France

Search URL Search Domain Scan URL

URL: https://www.edreams.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://hu.edreams.com/
Title: Hungary

Search URL Search Domain Scan URL

URL: https://www.edreams.it/
Title: Italia

Search URL Search Domain Scan URL

URL: https://nl.edreams.com/
Title: Nederland

Search URL Search Domain Scan URL

URL: https://www.edreams.pt/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://ro.edreams.com/
Title: România

Search URL Search Domain Scan URL

URL: https://www.edreams.com.ru/
Title: Россия

Search URL Search Domain Scan URL

URL: https://www.edreams.ch/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.edreams.ch/fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.edreams.ch/it/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.edreams.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://www.edreams.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.edreams.com.ar/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://www.edreams.com.br/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://cl.edreams.com/
Title: Chile

Search URL Search Domain Scan URL

URL: https://co.edreams.com/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://www.edreams.com.mx/
Title: México

Search URL Search Domain Scan URL

URL: https://www.edreams.pe/
Title: Perú

Search URL Search Domain Scan URL

URL: https://www.edreams.com.ve/
Title: Venezuela

Search URL Search Domain Scan URL

URL: https://www.edreams.com.au/
Title: Australia

Search URL Search Domain Scan URL

URL: https://cn.edreams.com/
Title: 中国

Search URL Search Domain Scan URL

URL: https://www.edreams.hk/
Title: Hong Kong

Search URL Search Domain Scan URL

URL: https://id.edreams.com/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www.edreams.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.edreams.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://nz.edreams.com/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www.edreams.ph/
Title: Phillipines

Search URL Search Domain Scan URL

URL: https://www.edreams.co.kr/ko/
Title: 코어 노노

Search URL Search Domain Scan URL

URL: https://www.edreams.co.kr/en/
Title: English

Search URL Search Domain Scan URL

URL: https://sg.edreams.com/
Title: Singapore

Search URL Search Domain Scan URL

URL: https://www.edreams.tw/zh/
Title: 中國

Search URL Search Domain Scan URL

URL: https://www.edreams.tw/en/
Title: English

Search URL Search Domain Scan URL

URL: https://th.edreams.com/
Title: Thailand

Search URL Search Domain Scan URL

URL: https://www.edreams.ma/
Title: Maroc

Search URL Search Domain Scan URL

URL: https://www.edreams.qa/
Title: Qatar

Search URL Search Domain Scan URL

URL: https://www.edreams.sa/
Title: Saudi Arabia

Search URL Search Domain Scan URL

URL: https://za.edreams.com/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://ca.edreams.com/
Title: English

Search URL Search Domain Scan URL

URL: https://ca.edreams.com/fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.edreams.com/
Title: global site f

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/edreams-reserva-los-vuelos/id551367321?mt=8
Title: Download on the

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.edreams.travel&hl=en_us
Title: Android app on

Search URL Search Domain Scan URL

URL: https://www.facebook.com/eDreams
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/eDreams_en
Title:

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/edreams/
Title:

Search URL Search Domain Scan URL

URL: http://instagram.com/edreams/
Title:

Search URL Search Domain Scan URL

URL: http://edreams.com/blog/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/eDreamsEN
Title:

Search URL Search Domain Scan URL

URL: http://dreamguides.edreams.com/
Title: travel guide

Search URL Search Domain Scan URL

URL: http://www.edreamsodigeocareers.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.odigeoconnect.com/en/join-us/?utm_medium=edowebs&utm_source=homepage_edreams&utm_campaign=home_edreams_lower_link_en&utm_content=onefront-ED.en-US
Title: List your property

Search URL Search Domain Scan URL

URL: https://www.edreams.com/blog/
Title: Travel blog

Search URL Search Domain Scan URL

URL: http://advertising.edreamsodigeo.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://www.edreams-saga.com/
Title: eDreams Saga

Search URL Search Domain Scan URL

URL: https://www.edreams-partners.com/
Title: eDreams Partners

Search URL Search Domain Scan URL

URL: https://www.edreams-deals.com/
Title: eDreams Deals

Search URL Search Domain Scan URL

URL: https://www.edreams-travel-guide.com/
Title: eDreams Travel Guide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.edreams.net/ HTTP 301
https://www.edreams.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://engage.commander1.com/dms?tc_s=3107&tc_type=dms&id=5334006470&rand=0.2961432302446787|||DEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_type=d&data_env_brand_code=E&data_env_brand=edreams&data_env_currency_code=USD&data_user_sso_login=logged_out&data_user_prime_subscription=non_subscriber&data_user_prime_eligibility=non-eligible&data_flight_strategy_hub_smarthub_results=false&data_flight_strategy_hub_smarthub_selection=false&data_env_site_name=eDO_sampled_head&data_url=https%3A%2F%2Fwww.edreams.net%2F&END HTTP 307
https://engage.commander1.com/dms?tc_firsttime=1&tc_s=3107&tc_type=dms&id=5334006470&rand=0.2961432302446787%7C%7C%7CDEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_type=d&data_env_brand_code=E&data_env_brand=edreams&data_env_currency_code=USD&data_user_sso_login=logged_out&data_user_prime_subscription=non_subscriber&data_user_prime_eligibility=non-eligible&data_flight_strategy_hub_smarthub_results=false&data_flight_strategy_hub_smarthub_selection=false&data_env_site_name=eDO_sampled_head&data_url=https%3A%2F%2Fwww.edreams.net%2F&END=

Request Chain 62

https://www.booking.com/_6e3fa1bbd409db2?lang=en-us&target_aid=343806&label=edr-link-usen-sb-conf-pc-of;aff_hostname=https://hotels.edreams.net&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893 HTTP 302
https://www.booking.com/affiliatewidget.html?aid=308918;product=sb&target_aid=343806&aff_hostname=https://hotels.edreams.net&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893&lang=en-us&label=edr-link-usen-sb-conf-pc-of&utm_medium=(none)&utm_source=(direct)&utm_campaign=(direct)

Request Chain 71

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&gjid=334252273&_gid=1729622271.1568911893&_u=aHBGgEILR~&z=630179524 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&_v=j79&z=630179524 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&_v=j79&z=630179524&slf_rd=1&random=4105879351

Request Chain 76

https://radar.cedexis.com/1/19692/radar.js HTTP 302
https://radar.cedexis.com/1560296207/radar.js

Request Chain 78

https://loadeu.exelator.com/load/?p=807&c=20211&g=140&pname=homepage&device=D&dd=&orig=&dest=&rd=&fclass=&npax=&nadults=&nchildren=&ninfants=&geodep=&geodest=&orgweekday=&retweekday=&ins=&fccardtype=&chindate=&choutdate=&nguests=&stars=&hotcity=&hotcntry=&ch=no&in=no&citydest=&resa=no&nnight=&domain=www.edreams.net&gd=&fcprice=&prime_member=non_subscriber&source=undefined&medium=undefined&pax_number= HTTP 302
https://loadeu.exelator.com/load/?p=807&c=20211&g=140&pname=homepage&device=D&dd=&orig=&dest=&rd=&fclass=&npax=&nadults=&nchildren=&ninfants=&geodep=&geodest=&orgweekday=&retweekday=&ins=&fccardtype=&chindate=&choutdate=&nguests=&stars=&hotcity=&hotcntry=&ch=no&in=no&citydest=&resa=no&nnight=&domain=www.edreams.net&gd=&fcprice=&prime_member=non_subscriber&source=undefined&medium=undefined&pax_number=&xl8blockcheck=1

Request Chain 88

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1471&pg=homepage&tp=&cr=US&ln=en&si=EUS&bd=US&ue=&umf=&utf=&sd=&ed=&na=&nc=&ni=&anm=&aoc=&adc=&aft=&htf=&acc=&hcy=&hcr=&hnm=&hbd=&hnr=&atf=&ptf=&cu=USD&cf= HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=578557633&t=s&p=1471&pg=homepage&tp=&cr=US&ln=en&si=EUS&bd=US&ue=&umf=&utf=&sd=&ed=&na=&nc=&ni=&anm=&aoc=&adc=&aft=&htf=&acc=&hcy=&hcr=&hnm=&hbd=&hnr=&atf=&ptf=&cu=USD&cf=

Request Chain 104

https://sb.scorecardresearch.com/b?c1=2&c2=12293607&c4=&c5=&c6=&c15=&cs_ucfr=0&ns__t=1568911893876&ns_c=UTF-8&cv=3.1&c8=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&c7=https%3A%2F%2Fwww.edreams.net%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=12293607&c4=&c5=&c6=&c15=&cs_ucfr=0&ns__t=1568911893876&ns_c=UTF-8&cv=3.1&c8=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&c7=https%3A%2F%2Fwww.edreams.net%2F&c9=

Request Chain 113

https://bcp.crwdcntrl.net/5/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=Flight_airlines%3A/seg=Departure_Date%3A/seg=Departure_CountryName%3A/seg=Arrival_CountryName%3A/seg=Departure_CityCode%3A/seg=Arrival_CityCode%3A/seg=Return_Date%3A/seg=Nb_Pax%3A/seg=Nb_Adults%3A/seg=Nb_Children%3A/seg=Nb_Babies%3A/seg=Departure_Airport%3A/seg=Arrival_Airport%3A/seg=Nb_SearchToTravelDate%3A0/seg=Baggage%3A/seg=Total_basketAmount%3A/seg=Length_trip%3A/seg=Dep_weekday%3A/seg=Arr_weekday%3A/seg=Hotel_CityName%3A/seg=Hotel_Name%3A/seg=Hotel_Duration%3A/seg=Hotel_Adults%3A/seg=Hotel_Children%3A/seg=Hotel_Infants%3A/seg=Prime%3Afalse/seg=Paiement_Type%3A/int=%23OpR%2385796%23Total%20Site%20Traffic%20%3A%20www.edreams.net/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=Flight_airlines%3A/seg=Departure_Date%3A/seg=Departure_CountryName%3A/seg=Arrival_CountryName%3A/seg=Departure_CityCode%3A/seg=Arrival_CityCode%3A/seg=Return_Date%3A/seg=Nb_Pax%3A/seg=Nb_Adults%3A/seg=Nb_Children%3A/seg=Nb_Babies%3A/seg=Departure_Airport%3A/seg=Arrival_Airport%3A/seg=Nb_SearchToTravelDate%3A0/seg=Baggage%3A/seg=Total_basketAmount%3A/seg=Length_trip%3A/seg=Dep_weekday%3A/seg=Arr_weekday%3A/seg=Hotel_CityName%3A/seg=Hotel_Name%3A/seg=Hotel_Duration%3A/seg=Hotel_Adults%3A/seg=Hotel_Children%3A/seg=Hotel_Infants%3A/seg=Prime%3Afalse/seg=Paiement_Type%3A/int=%23OpR%2385796%23Total%20Site%20Traffic%20%3A%20www.edreams.net/rt=ifr

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=sojern__adx_open_bidder_seat&google_hm=EJu4xItrNhZuietSb4HOqw&google_cm&google_sc&sjrn_id=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&google_gid=CAESEAOZGe_AFpLlCLAD_cg5THQ&google_cver=1

Request Chain 119

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idSync/apn?sjrn_cid=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&adnxs_uid=$UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2FidSync%2Fapn%3Fsjrn_cid%3D0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i%26adnxs_uid%3D%24UID HTTP 302
https://pixel.sojern.com/idSync/apn?sjrn_cid=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&adnxs_uid=3545610488982451073

Request Chain 120

https://tapestry.tapad.com/tapestry/1?ta_partner_did=wBmyI5k_ef-g5QMtEeXDy25PkCCOwcswrErLtghXoyD141q1oILcB1wtXr10ZCR3&ta_partner_id=996&ta_redirect=https://pixel.sojern.com/tapidSync?exchangeProfileId=${IDS:key} HTTP 302
https://pixel.sojern.com/tapidSync?exchangeProfileId=bcc7e9f1-dafd-11e9-9aa1-7ec577aabb52

Request Chain 124

https://js.sddan.com/LAL.d?pa=22351&si=1&su=1&u=https%3A%2F%2Fwww.edreams.net%2F&r= HTTP 307
https://js.sddan.com/LAL.d?pa=22351&si=1&su=1&u=https%3A%2F%2Fwww.edreams.net%2F&r=&bounce=1

Request Chain 125

https://sslwidget.criteo.com/event?a=8016&v=5.3.1&p0=e%3Dexd%26site_type%3Dd%26ci%3D&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh%26si%3D0%26ui_primesubscriber%3D0&p3=e%3Ddis&adce=1&lwid=75a464eb-c334-4d79-8e9a-e6dc01215b1e&tld=edreams.net&dtycbr=79134 HTTP 302
https://widget.us.criteo.com/event?a=8016&v=5.3.1&p0=e%3Dexd%26site_type%3Dd%26ci%3D&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh%26si%3D0%26ui_primesubscriber%3D0&p3=e%3Ddis&adce=1&lwid=75a464eb-c334-4d79-8e9a-e6dc01215b1e&tld=edreams.net&dtycbr=79134

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=yo&google_hm=MzAxMTg3NTIwODk5MQ&google_sc&google_cm HTTP 302
https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESENVk7ZjjF67DOPX2NxQWmlI&google_cver=1

Request Chain 144

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&is_vtc=1&random=3580298449 HTTP 302
https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&is_vtc=1&random=3580298449&ipr=y&ezwbk=1

Request Chain 147

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=179&external_user_id=3011875208991 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=179&external_user_id=3011875208991&C=1

Request Chain 148

https://sd.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3343543312964968204

Request Chain 149

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3011875208991 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3011875208991

Request Chain 150

https://i.liadm.com/s/37065?bidder_id=106904&bidder_uuid=3011875208991 HTTP 303
https://i.liadm.com/s/37065?bidder_id=106904&bidder_uuid=3011875208991&_li_chk=true&previous_uuid=67932758bc7f47b9b9e75b6d040acc26 HTTP 303
https://tag.yieldoptimizer.com/ps/ps?t=i&p=3776

Request Chain 151

https://idsync.rlcdn.com/367258.gif?partner_uid=3011875208991 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJq1FhIYChQIARDYKBoNMzAxMTg3NTIwODk5MRAAGg0IluSO7AUSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=e7435d23243e7c3bddd97eed8afed79018652e3f5a9ad51a529d38eb9d98cd59791426b5417dce21&_=2

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_cm&google_hm=Cjz59KyiTLyokG_tOcfLow2 HTTP 302
https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEFUd2_QKKZ2I5y7UTX2EJCY&google_cver=1

Request Chain 166

https://ice.360yield.com/match?publisher_dsp_id=229&external_user_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3&dsp_callback=1 HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=229&external_user_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3&dsp_callback=1

Request Chain 167

https://ih.adscale.de/adscale-ih/tpui?tpid=66&tpuid=0A3CF9F4ACA24CBCA8906FED39C7CBA3 HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=66&tpuid=0A3CF9F4ACA24CBCA8906FED39C7CBA3&nut&uu=324e5e5e5ef3460ca683e7eb586779f4

Request Chain 220

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&gjid=1861164104&_gid=1729622271.1568911893&_u=aHBGgEILR~&z=1551525373 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&_v=j79&z=1551525373 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&_v=j79&z=1551525373&slf_rd=1&random=112362443

Request Chain 226

https://a2.odistatic.net/images/creas/brand/ed/uk/300x250_hotel.jpg HTTP 0
http://a2.odistatic.net/images/creas/brand/ed/uk/300x250_hotel.jpg

Request Chain 227

https://a2.odistatic.net/images/creas/brand/edreams.png HTTP 0
http://a2.odistatic.net/images/creas/brand/edreams.png

383 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.edreams.net/
Redirect Chain

http://www.edreams.net/
https://www.edreams.net/

189 KB
40 KB

243ms
216ms

Document
text/html

23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

4fdbf6f968dfff523244bc09be83a99a9b9629b7acd2a81486c1b6ba2822e1c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.edreams.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Odigeo-Trace-Id: e36a90b0-3a13-415d-b8d9-973221b7806a
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Fri, 23 Feb 1979 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Security-Policy: upgrade-insecure-requests;
Strict-Transport-Security: max-age=60;
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 19 Sep 2019 16:51:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive Transfer-Encoding
Set-Cookie: HOME1JSESSIONID=V4Ocly7vFN4a9q3YwaYLVozz.bcn1-app-home-263p23; Path=/; Secure; HttpOnly locale=en_US; Domain=.edreams.net; Expires=Sat, 19-Oct-2019 16:51:32 GMT; Path=/; HttpOnly tduid=-; Domain=.edreams.net; Expires=Sat, 19-Oct-2019 16:51:32 GMT; Path=/ userDevice=159e9a79-02ee-4f65-bd9b-c9fd854bed57; Expires=Sun, 16-Sep-2029 16:51:32 GMT; Path=/; HttpOnly TestTokenSpace=1#320-2#91551638150-3#11208-4#68793-5#946500-6#131545-7#61913-8#13081712930-9#30329878297-10#4966351805-11#22214095429-12#29920207189-13#20587430041-14#86471079273-15#33370246704-16#48432047501-17#51504451364-18#53013646936-19#96538890549-20#55892103078-21#45530139570-22#55777774875|19-09-2019.18:51; Expires=Sat, 19-Oct-2019 16:51:32 GMT; Path=/; HttpOnly viI=eJztVf2LVUUYPuOdGZ9ybcWk7AO6cWzdZTvnzpxz5ny4P8Sybhq7y4brtpE/rHf3zu5e9+492713d/0IyxKMEqQPkBQyFOwTlagEKaNaEiwqVFAwIjIqCjNIKJSoc9vV1kj/guaH88687/s8884D530lIfPIQCkuVnQxZw3FI9rS2dISx5b2AZLJF3N6rb2m/AvRP3cf33QnIQZpXbqit/v4JePJt40FhGyqqSHFuHfZB1Pfmgayg8DYA+NTkHdBPsesGKkQtAepMlI7kdqP1CRSR5A6BToIuhi0CXQNaAxaBh0HXQ+6EfRx0C2gT4FuA30WdDvoDtAXQXeD7gV9DXQf6Jug74AeAj0M+hHox6BHQT8DPQZ6EvQ06FegZ0C/A/0R9BzoedDfQC+C/glGwQBWA1YLdiPYzWC3g90BVgdWD9YIJsBcsACsCewesC6wHrBVYKvBcmCDYMNgMdgY2ATYBrDHwDaDPQn2NNg2sOfBtoPtBNsFtgfsZbDXwfaDvQV2EOww2Ptgk2BHwD4B+wLsBNhJsNNgX4OdAfsB7Cewc2C/gv0OdhHcAE+BzwafA14LvgB8Ifht4GnwReCLwRvBBbgLHoI3gTeDt4AvA28D7wTvBu8BXwW+GrwffAh8GDwGL4NPgG8AfxT8CfAt4FvBt4E/B/4C+E7wlwyjlhzdtfuZbxg5S6XpOsJyzEgqJX03lEpYrimlI0LLM/0wiFxLmZHnKyEs35SuVJ6yAtOXkXStMHGIUAbSiVxhRaYrXCcKg9CJAksK04t831UyFMqS0nQcR3oiUp4TWdIxnShyhCMCGSZH13SECgPPFcKTlvTM0PcCKYLICVxLKtN13UA4nh8Iz5K+6YVeUrYXKJEkB6ZKqvY8JV0/iYamckV160eub8nIjHzlhmEklBdZjjCVCiNHClcEoeVI01N/p0cqSGRwkmhQXV4YqEdkZIkqREa2DJcoOZeQL/8X7OqCEZMsIu99ePj4CevC5j/2vrqqjrSOleJRnenI5kr5bxeSQ9/vm3MLeeOswcolw+qPR+w4lx/UsT2eL+eTvjWYL2p7rKxL2UFdrNjdya65umvT64ypRWYZ/CEDE/mSLuhyud24PqfH8/165bpRXTHq2hPOzBRnZiqQ0xXdX4lLmaWX85raDR6XpxD110B0dt2bHckX1k1jrovLD+hSOZ90WGN++5rseDZTyBYHM12VUr44mCTUjl2qdwpXMRqvwd59ZXKCn3cZP33Pw8ZGI7V21NhYMhbNEOtKIvufh01rZMw3jLUl44ZqiXa1RLu1ODYyMzhaMdDS2XF/98rWFQl53dXJZ2owk6Fa2uyKkepobqkYs6WwpWerhKrh6lT/evB/sPGW5Ss6O1orxtzAs4XtBk7y5/kRuUA64vX5QiGbUbZI13dk+/PFSlweakrfl0y7QjpxpDu70g+mpeiVXq9qSDePjhZ0j+5ry1cyyg1s10/Xty1f2dF+d7qQH9bpZbp/OG5ItwyVkjmZueK2dFd2IFvKT8OIVJGOskHSChytLW/AV1ZfLuqz+qOBXKi8Pp1TB4n0PDvwbSki2z1w6tix/VvpTeSVc5y0TpJktHZ3TaarVherg3ZiYsLWuZLOjpTtoj7fQGalpiKJKSfm1sbEc1eqOpBTdSkSigNkZCaAVLJ9BV2Z6foLxKsDxA==; Expires=Thu, 19-Sep-2019 17:21:32 GMT; Path=/; HttpOnly mktportal=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ HOME1=!UOn/D3KJljWEwpVf6yO4pmpLrHoM2VIf3lXA+3H2rE4bnhC/DUOw6J+89iUJIQzX/allimXIZc8Yeg0=; expires=Thu, 19-Sep-2019 17:21:32 GMT; path=/; Httponly TS01cc6943=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; Path=/ TS01a388cb=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; path=/; domain=.edreams.net TS7b7d2a5a027=0890b26ffeab20003be4ef2243aca2af11082a481e790e8aa527a42186b8097292a53f6b790204cc08e541acf1113000548af00c74f1f65112516dd027f218b1355f58bf808896b8e7cc469376690a363f0e19217aec39a740236d5b5c8cff23;Path=/ AKA_A2=A; expires=Thu, 19-Sep-2019 17:51:32 GMT; path=/; domain=edreams.net; secure; HttpOnly

Redirect headers

Location: https://www.edreams.net/
Content-Length: 0
Date: Thu, 19 Sep 2019 16:51:32 GMT
Connection: keep-alive

GET
H/1.1 200
OK none_ed_desktop.css
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/ 860 KB
75 KB 8ms
7ms Stylesheet
text/css 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2a9e694ab4ade82ca3a99c9e19248f23406288d8a027d0c7324072dbb38bf82d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 76550
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Sep 2019 02:38:03 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:32 GMT
Strict-Transport-Security: max-age=60;
Content-Type: text/css
Cache-Control: max-age=31536000
ETag: "d7168-592bf208be080"
Accept-Ranges: bytes
Expires: Thu, 17 Sep 2020 02:37:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 479
date: Thu, 19 Sep 2019 16:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Thu, 19 Sep 2019 18:43:33 GMT

GET
H2 200 tc_eDreamsODIGEO_20.js Show response
cdn.tagcommander.com/4250/ 78 KB
17 KB 33ms
12ms Script
application/javascript 192.229.233.55
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.55 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D1) /
Resource Hash: 936b7a9418086fb3601bb615b9396fe1c5934cfbdb0d3a79009700b4fbd94666

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:32 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 07:52:30 GMT
server: ECS (fcn/40D1)
x-amz-request-id: 310AED032382DADA
etag: "f5e8e711e949ebe0078f1df5467667dd+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
expires: Fri, 20 Sep 2019 16:51:32 GMT
cache-control: no-store
content-length: 17421
x-cdn: VDMS
x-amz-id-2: f7HjuBggMD3pYFe1BetFvhQ51+0YHqQqayjKWlgDFp+r7jnIeOl9UFFbDtnl9cNMhNOvtq3iSwI=

GET
H2 200 tc_eDreamsODIGEO_21.js Show response
cdn.tagcommander.com/4250/ 522 KB
56 KB 18ms
7ms Script
application/javascript 192.229.233.55
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.55 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419A) /
Resource Hash: be897d9b74578e78aa254f0e2787081b66c0cb71a5b806470514740253cd1103

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 16:36:41 GMT
server: ECS (fcn/419A)
x-amz-request-id: 20654920A4D26D54
etag: "7350b283c9bc544c66dacb1abb98d3f2+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
expires: Fri, 20 Sep 2019 16:51:32 GMT
cache-control: no-store
content-length: 57075
x-cdn: VDMS
x-amz-id-2: Ygwmy0/i0cgqLx+lukI+J2QMzb7qFJhIebDOjYwG/elUBcFsCh1aI2Rty/hUbJTLvE0t2ZWW2ac=

GET
H/1.1 200
OK service_worker.js Show response
www.edreams.net/ 1 KB
1 KB 7ms
7ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/service_worker.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

935bd9f10ea137ce18fcbd9c6d0c5a62ac2a3b67274d691b3a628a799a3c7d94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Odigeo-Trace-Id: 7714c387-ad07-4b59-b8aa-2f8e0bf60d6b
Connection: keep-alive
Content-Length: 514
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 18 Sep 2019 11:43:46 GMT
Date: Thu, 19 Sep 2019 16:51:32 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"1117-1568807026000"
Accept-Ranges: bytes
Expires: Fri, 23 Feb 1979 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
794 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 Sep 2019 16:51:32 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 19 Sep 2019 16:51:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:32 GMT

GET
H/1.1 200
OK require.min.js Show response
www.edreams.net/frontend-home/static-content/thirdParty/require/ 15 KB
6 KB 16ms
9ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c06763b08c40d53093a43aa90af8568937b7cbbbaa4413638e79ac3d9b0197ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 5524
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 22 Aug 2019 22:26:23 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:32 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=86400
ETag: "3ad4-58fab1390f580"
Accept-Ranges: bytes
Expires: Wed, 14 Aug 2019 22:04:32 GMT

GET
H/1.1 200
OK marketing-channel.min.js Show response
www.edreams.net/marketing-channel/client/v1/ 1 KB
1 KB 18ms
7ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/marketing-channel/client/v1/marketing-channel.min.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

51274403f9a13ed148a01253ab10c853b9d8e3c59d95da472724ecd63f52e8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Odigeo-Module-Info: marketing-channel-service:1.1.14
Odigeo-Trace-Id: 1fe8726e-e23f-4937-8227-5ec11296146f
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 515
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 18 Jul 2019 08:18:59 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:32 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=604800, max-age=86400
Expires: Fri, 19 Jul 2019 08:18:58 GMT

GET
H2 200 eDreams_logo_negative.svg
a1.odistatic.net/images/onefront/bluestone/ED/ 9 KB
3 KB 24ms
6ms Image
image/svg+xml 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.odistatic.net/images/onefront/bluestone/ED/eDreams_logo_negative.svg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b92baf8529002dbf84d96b5a5557e8bf0520c07db8ac0e184440cfc8efc3ca72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
strict-transport-security: max-age=60;
content-length: 3245
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Nov 2018 09:19:42 GMT
server: nginx
date: Thu, 19 Sep 2019 16:51:33 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
etag: "5bf2802e-25eb"
accept-ranges: bytes
expires: Thu, 19 Sep 2019 04:46:30 GMT

GET
H/1.1 200
OK odf-icons-ea64937e2d0c051af4f190d933564020.woff2
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/fonts/odf/ 25 KB
26 KB 44ms
44ms Font
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/fonts/odf/odf-icons-ea64937e2d0c051af4f190d933564020.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

4a6ad277e5b5e33256be16fc8422be54c5885b3e40a66147e6efdc8e98027ba1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Oct 1985 07:15:00 GMT
ETag: "62d8-1c5fb7cebc500"
Strict-Transport-Security: max-age=60;
Date: Thu, 19 Sep 2019 16:51:33 GMT
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 25418
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK edreams-BS.woff
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/fonts/ 34 KB
35 KB 8ms
7ms Font
application/font-woff 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/fonts/edreams-BS.woff

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbb4e29eb9b2df1615c014083c0d98499151a9e3f9e3c3962dbe71a88063ed13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Sep 2019 12:36:22 GMT
ETag: "89c4-592bef7c6dd80"
Strict-Transport-Security: max-age=60;
Content-Type: application/font-woff
Expires: Thu, 17 Sep 2020 03:17:39 GMT
Cache-Control: max-age=31536000
Date: Thu, 19 Sep 2019 16:51:33 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35268
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 62 KB
23 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PFVFDV2&cid=1353815095.1568911893

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0eff857d6c3c3e017f87d5dd4cf504115e699816f70f147d0a5144aef6fefd3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 23027
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:33 GMT

GET
H/1.1 200
OK static-background.jpg
www.edreams.net/images/onefront/bluestone/ED/ 761 B
2 KB 84ms
84ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/static-background.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e199a8457bc3e73211b33c49e1dabacda1a3bb70f14b5010365d4d2703fb6e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jul 2018 15:35:37 GMT
ETag: "5b59ea49-2f9"
Strict-Transport-Security: max-age=60;
Content-Type: image/jpeg
Expires: Fri, 20 Sep 2019 16:51:33 GMT
Cache-Control: max-age=86400
Date: Thu, 19 Sep 2019 16:51:33 GMT
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 761
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 16:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 2422076
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9180
x-xss-protection: 0
expires: Fri, 21 Aug 2020 16:03:37 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1365009
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9132
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:41:24 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 22:46:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1965876
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9016
x-xss-protection: 0
expires: Wed, 26 Aug 2020 22:46:57 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 12:30:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1743688
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9080
x-xss-protection: 0
expires: Sat, 29 Aug 2020 12:30:05 GMT

GET
H/1.1 200
OK /
edreamsodigeo.commander1.com/dc3/ 43 B
657 B 54ms
14ms Image
image/gif 52.47.65.151
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edreamsodigeo.commander1.com/dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.24002469073179467
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.65.151 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-47-65-151.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: private
Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif
Expires: Wed, 18 Dec 19 18:51:33 +0100

GET
H/1.1

200
OK

dms
engage.commander1.com/
Redirect Chain

https://engage.commander1.com/dms?tc_s=3107&tc_type=dms&id=5334006470&rand=0.2961432302446787|||DEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_type=d&data_env_brand_co...
https://engage.commander1.com/dms?tc_firsttime=1&tc_s=3107&tc_type=dms&id=5334006470&rand=0.2961432302446787%7C%7C%7CDEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_typ...

43 B
695 B

17ms
17ms

Image
image/gif

95.131.143.205
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://engage.commander1.com/dms?tc_firsttime=1&tc_s=3107&tc_type=dms&id=5334006470&rand=0.2961432302446787%7C%7C%7CDEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_type=d&data_env_brand_code=E&data_env_brand=edreams&data_env_currency_code=USD&data_user_sso_login=logged_out&data_user_prime_subscription=non_subscriber&data_user_prime_eligibility=non-eligible&data_flight_strategy_hub_smarthub_results=false&data_flight_strategy_hub_smarthub_selection=false&data_env_site_name=eDO_sampled_head&data_url=https%3A%2F%2Fwww.edreams.net%2F&END=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.131.143.205 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

Software

web /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: private
Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: web
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=60
Expires: Wed, 18 Dec 2019 16:51:33 GMT

Redirect headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Vary: Accept
Server: web
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/plain; charset=utf-8
Location: /dms?tc_firsttime=1&tc_s=3107&tc_type=dms&id=5334006470&rand=0.2961432302446787%7C%7C%7CDEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_type=d&data_env_brand_code=E&data_env_brand=edreams&data_env_currency_code=USD&data_user_sso_login=logged_out&data_user_prime_subscription=non_subscriber&data_user_prime_eligibility=non-eligible&data_flight_strategy_hub_smarthub_results=false&data_flight_strategy_hub_smarthub_selection=false&data_env_site_name=eDO_sampled_head&data_url=https%3A%2F%2Fwww.edreams.net%2F&END=
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 575

GET
H/1.1 200
OK /
edreamsodigeo.commander1.com/dc3/ 43 B
657 B 45ms
14ms Image
image/gif 52.47.65.151
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edreamsodigeo.commander1.com/dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.9453902376107082
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.65.151 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-47-65-151.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: private
Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif
Expires: Wed, 18 Dec 19 18:51:33 +0100

PUT
H/1.1 200
OK track Show response
www.edreams.net/marketing-channel/v1/ 118 B
2 KB 54ms
53ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/marketing-channel/v1/track

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/marketing-channel/client/v1/marketing-channel.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e71fdd93ee7708e5b6dad4d7fc0796f3a0b96948be1f89d1ed4b9e9d48292207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Odigeo-Request-Method: track
Odigeo-Module-Info: marketing-channel-client:1.1.2
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Access-Control-Allow-Methods: OPTIONS, PUT
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.edreams.net
Odigeo-Module-Info: marketing-channel-service:1.1.15
Access-Control-Allow-Credentials: true
Odigeo-Trace-Id: 218ace30-c945-4f76-afcf-a78377010f43, 218ace30-c945-4f76-afcf-a78377010f43
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-type, Accept, Odigeo-Module-Info, Odigeo-Request-Method
Content-Length: 118
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK desktop.config.js Show response
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/apps/ 4 KB
2 KB 7ms
7ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/apps/desktop.config.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6b321a6342f6bd0528b6ca7010825db4c8fba83af265ab376d71e6dd14a56a38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1530
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Sep 2019 02:41:50 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "f2a-592bf206d5c00"
Accept-Ranges: bytes
Expires: Thu, 17 Sep 2020 02:41:10 GMT

GET
H/1.1 200
OK es6polyfills.js Show response
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/ 39 KB
13 KB 7ms
7ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/es6polyfills.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c82fdd51a2dfd2ba78c8968ae6aefb51d5ed832233edbbc1bb6e5f783366c364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12519
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Sep 2019 02:38:14 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "9b8c-592bf206d5c00"
Accept-Ranges: bytes
Expires: Thu, 17 Sep 2020 02:38:07 GMT

GET
H/1.1 200
OK commonThirdParty.43fa088276bbb6521b90059da3fa1ac6.js Show response
www.edreams.net/frontend-home/static-content/versioned/ 156 KB
49 KB 23ms
23ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned/commonThirdParty.43fa088276bbb6521b90059da3fa1ac6.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

67c15b7d7c17906580af8de7c55c34f23237af237b200855520bab24c9479212

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 50010
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 13 Sep 2019 02:43:23 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "27127-5925b00ffda00"
Accept-Ranges: bytes
Expires: Sat, 12 Sep 2020 02:43:22 GMT

GET
H/1.1 200
OK desktop.odigeo.all.js Show response
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/ 403 KB
110 KB 24ms
23ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3db985ebaffe9ce901573f2e734e1ed8e2c7bf6d4fa2a668f28f735bf7f40c29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 111986
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Sep 2019 02:38:39 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "64b56-592bf206d5c00"
Accept-Ranges: bytes
Expires: Thu, 17 Sep 2020 02:38:36 GMT

GET
H/1.1 200
OK index.jsp Show response
www.edreams.net/frontend-home/setup.js/ 25 KB
11 KB 79ms
78ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/setup.js/index.jsp?noext=1

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

9fa14cc38768a0c67da61efeef17a103e9763dc25996401b18adc989b466874b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: text/javascript;charset=UTF-8
Expires: Fri, 23 Feb 1979 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Odigeo-Trace-Id: 9d23eeea-1ab4-4675-a065-dc72752e5265
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8045
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK tv4.min.616474ed3f393ff5367e4acdbaad50d8.js Show response
www.edreams.net/frontend-home/static-content/versioned/ 27 KB
7 KB 7ms
7ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned/tv4.min.616474ed3f393ff5367e4acdbaad50d8.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

658a71079e57546f20062c45d81f4a73cb9b7d82936d20abf4b1af4dbfabc6ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 6991
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 31 Jan 2019 20:19:46 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "6d0a-580470a378f80"
Accept-Ranges: bytes
Expires: Fri, 31 Jan 2020 20:13:37 GMT

GET
H/1.1 200
OK desktop.flights.bundle.js Show response
www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/ 658 KB
153 KB 9ms
9ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f2ead1c762902239b3b57ab4074fb353f814bc22dedc053d0bee5de8a1ec8367

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 156510
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Sep 2019 02:38:50 GMT
Server: Akamai Resource Optimizer
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "a461b-592bf206d5c00"
Accept-Ranges: bytes
Expires: Thu, 17 Sep 2020 02:38:45 GMT

GET
H/1.1 200
OK ads.js Show response
www.edreams.net/frontend-home/setup.js/ 132 B
1 KB 372ms
371ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/setup.js/ads.js?

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

59ee0add280c793654bd7f82e73b341d98949d83b1cce07f74e11b8585ff51a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests;
Strict-Transport-Security: max-age=60;
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Odigeo-Trace-Id: 6f2f535c-76f1-43ba-b0cf-3cfe14a1f091
Connection: keep-alive
Content-Length: 132
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 17 Sep 2019 12:48:14 GMT
Date: Thu, 19 Sep 2019 16:51:33 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"132-1568724494000"
Accept-Ranges: bytes
Expires: Fri, 23 Feb 1979 00:00:00 GMT

GET _6e3fa1bbd409db2
www.booking.com/ Frame F1F0 0
0

GET search
rentacar.edreams.net/ Frame 958B 0
0

GET
H2 200 / Show response
www.edreams.net/travel/ Frame B96B 441 KB
91 KB 164ms
164ms Document
text/html 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/?preload=true

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

b651844ff6295c26bdcfd136969973335fb53daf548d3644ddb3bd0280e4a6e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.edreams.net
:scheme: https
:path: /travel/?preload=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
cookie: HOME1JSESSIONID=V4Ocly7vFN4a9q3YwaYLVozz.bcn1-app-home-263p23; locale=en_US; tduid=-; userDevice=159e9a79-02ee-4f65-bd9b-c9fd854bed57; TestTokenSpace=1#320-2#91551638150-3#11208-4#68793-5#946500-6#131545-7#61913-8#13081712930-9#30329878297-10#4966351805-11#22214095429-12#29920207189-13#20587430041-14#86471079273-15#33370246704-16#48432047501-17#51504451364-18#53013646936-19#96538890549-20#55892103078-21#45530139570-22#55777774875|19-09-2019.18:51; viI=eJztVf2LVUUYPuOdGZ9ybcWk7AO6cWzdZTvnzpxz5ny4P8Sybhq7y4brtpE/rHf3zu5e9+492713d/0IyxKMEqQPkBQyFOwTlagEKaNaEiwqVFAwIjIqCjNIKJSoc9vV1kj/guaH88687/s8884D530lIfPIQCkuVnQxZw3FI9rS2dISx5b2AZLJF3N6rb2m/AvRP3cf33QnIQZpXbqit/v4JePJt40FhGyqqSHFuHfZB1Pfmgayg8DYA+NTkHdBPsesGKkQtAepMlI7kdqP1CRSR5A6BToIuhi0CXQNaAxaBh0HXQ+6EfRx0C2gT4FuA30WdDvoDtAXQXeD7gV9DXQf6Jug74AeAj0M+hHox6BHQT8DPQZ6EvQ06FegZ0C/A/0R9BzoedDfQC+C/glGwQBWA1YLdiPYzWC3g90BVgdWD9YIJsBcsACsCewesC6wHrBVYKvBcmCDYMNgMdgY2ATYBrDHwDaDPQn2NNg2sOfBtoPtBNsFtgfsZbDXwfaDvQV2EOww2Ptgk2BHwD4B+wLsBNhJsNNgX4OdAfsB7Cewc2C/gv0OdhHcAE+BzwafA14LvgB8Ifht4GnwReCLwRvBBbgLHoI3gTeDt4AvA28D7wTvBu8BXwW+GrwffAh8GDwGL4NPgG8AfxT8CfAt4FvBt4E/B/4C+E7wlwyjlhzdtfuZbxg5S6XpOsJyzEgqJX03lEpYrimlI0LLM/0wiFxLmZHnKyEs35SuVJ6yAtOXkXStMHGIUAbSiVxhRaYrXCcKg9CJAksK04t831UyFMqS0nQcR3oiUp4TWdIxnShyhCMCGSZH13SECgPPFcKTlvTM0PcCKYLICVxLKtN13UA4nh8Iz5K+6YVeUrYXKJEkB6ZKqvY8JV0/iYamckV160eub8nIjHzlhmEklBdZjjCVCiNHClcEoeVI01N/p0cqSGRwkmhQXV4YqEdkZIkqREa2DJcoOZeQL/8X7OqCEZMsIu99ePj4CevC5j/2vrqqjrSOleJRnenI5kr5bxeSQ9/vm3MLeeOswcolw+qPR+w4lx/UsT2eL+eTvjWYL2p7rKxL2UFdrNjdya65umvT64ypRWYZ/CEDE/mSLuhyud24PqfH8/165bpRXTHq2hPOzBRnZiqQ0xXdX4lLmaWX85raDR6XpxD110B0dt2bHckX1k1jrovLD+hSOZ90WGN++5rseDZTyBYHM12VUr44mCTUjl2qdwpXMRqvwd59ZXKCn3cZP33Pw8ZGI7V21NhYMhbNEOtKIvufh01rZMw3jLUl44ZqiXa1RLu1ODYyMzhaMdDS2XF/98rWFQl53dXJZ2owk6Fa2uyKkepobqkYs6WwpWerhKrh6lT/evB/sPGW5Ss6O1orxtzAs4XtBk7y5/kRuUA64vX5QiGbUbZI13dk+/PFSlweakrfl0y7QjpxpDu70g+mpeiVXq9qSDePjhZ0j+5ry1cyyg1s10/Xty1f2dF+d7qQH9bpZbp/OG5ItwyVkjmZueK2dFd2IFvKT8OIVJGOskHSChytLW/AV1ZfLuqz+qOBXKi8Pp1TB4n0PDvwbSki2z1w6tix/VvpTeSVc5y0TpJktHZ3TaarVherg3ZiYsLWuZLOjpTtoj7fQGalpiKJKSfm1sbEc1eqOpBTdSkSigNkZCaAVLJ9BV2Z6foLxKsDxA==; TS01cc6943=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; TS01a388cb=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; AKA_A2=A; _ga=GA1.2.1353815095.1568911893; _gid=GA1.2.1729622271.1568911893; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKOPRSKKRSMJPSZZZ%5D; mktportal=; ens_abcSplit=groupb; BIGipServerODIGEO-URI-SPLIT-HTTP=!K3q/I2Cbbgbq93Bf6yO4pmpLrHoM2Zv6yV4tvp7XqlyQcE0ZLzZK/4CKyqTGwirlTQC3VTmnpZWrCIU=; mktTrack_v2=utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); BIGipServerODIGEO-MARKETING-CHANNEL-SERVICE-HTTP=!f8a/tmbO6z2H3Dtf6yO4pmpLrHoM2YmeceNRVlynKP9h/r9Uo/a2zX4VVlNgg+mh7IYagJLwIXdwQQE=; mktTrack=utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); HOME1=!l5719RajFL5nfSRf6yO4pmpLrHoM2eTzWDM5/W4HggY/N3Tg7heAZPj0USDG0uZaiSbCOmTJgLZqCmk=; TS7b7d2a5a027=0890b26ffeab20002cc974c49d2c1f1f5a225a22358c1fcc043e0ca03ac56f93778138eb6478e2e908abf8b6ba113000ce7719db6cc9e387804976c5ce089db3ebc987018d0d35b197859ac44b7a6c449e70435ed5aee96d785115e40234275d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Fri, 23 Feb 1979 00:00:00 GMT
odigeo-trace-id: b9606d1b-6cce-4f82-9f2d-6547bc18d298
content-type: text/html;charset=UTF-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=60;
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 19 Sep 2019 16:51:33 GMT
set-cookie: OF1JSESSIONID=sMTAuMi4xNjAuMTU0OjYzNDE2~I960BVuk-M5uWbcQfyGG3hVF.9478fe308bd9; Path=/; Secure; HttpOnly locale=en_US; Domain=.edreams.net; Expires=Sat, 19-Oct-2019 16:51:33 GMT; Path=/; Secure; HttpOnly tduid=-; Domain=.edreams.net; Expires=Sat, 19-Oct-2019 16:51:33 GMT; Path=/ userDevice=159e9a79-02ee-4f65-bd9b-c9fd854bed57; Expires=Sun, 16-Sep-2029 16:51:33 GMT; Path=/; Secure; HttpOnly TestTokenSpace=1#320-2#91551638150-3#11208-4#68793-5#946500-6#131545-7#61913-8#13081712930-9#30329878297-10#4966351805-11#22214095429-12#29920207189-13#20587430041-14#86471079273-15#33370246704-16#48432047501-17#51504451364-18#53013646936-19#96538890549-20#55892103078-21#45530139570-22#55777774875|19-09-2019.18:51; Expires=Sat, 19-Oct-2019 16:51:33 GMT; Path=/; Secure; HttpOnly viI=eJztVf2LVUUYPuOdGZ9ybcWk7AO6cWzdZTvnzpxz5ny4P8Sybhq7y4brtpE/rHf3zu5e9+492713d/0IyxKMEqQPkBQyFOwTlagEKaNaEiwqVFAwIjIqCjNIKJSoc9vV1kj/guaH88687/s8884D530lIfPIQCkuVnQxZw3FI9rS2dISx5b2AZLJF3N6rb2m/AvRP3cf33QnIQZpXbqit/v4JePJt40FhGyqqSHFuHfZB1Pfmgayg8DYA+NTkHdBPsesGKkQtAepMlI7kdqP1CRSR5A6BToIuhi0CXQNaAxaBh0HXQ+6EfRx0C2gT4FuA30WdDvoDtAXQXeD7gV9DXQf6Jug74AeAj0M+hHox6BHQT8DPQZ6EvQ06FegZ0C/A/0R9BzoedDfQC+C/glGwQBWA1YLdiPYzWC3g90BVgdWD9YIJsBcsACsCewesC6wHrBVYKvBcmCDYMNgMdgY2ATYBrDHwDaDPQn2NNg2sOfBtoPtBNsFtgfsZbDXwfaDvQV2EOww2Ptgk2BHwD4B+wLsBNhJsNNgX4OdAfsB7Cewc2C/gv0OdhHcAE+BzwafA14LvgB8Ifht4GnwReCLwRvBBbgLHoI3gTeDt4AvA28D7wTvBu8BXwW+GrwffAh8GDwGL4NPgG8AfxT8CfAt4FvBt4E/B/4C+E7wlwyjlhzdtfuZbxg5S6XpOsJyzEgqJX03lEpYrimlI0LLM/0wiFxLmZHnKyEs35SuVJ6yAtOXkXStMHGIUAbSiVxhRaYrXCcKg9CJAksK04t831UyFMqS0nQcR3oiUp4TWdIxnShyhCMCGSZH13SECgPPFcKTlvTM0PcCKYLICVxLKtN13UA4nh8Iz5K+6YVeUrYXKJEkB6ZKqvY8JV0/iYamckV160eub8nIjHzlhmEklBdZjjCVCiNHClcEoeVI01N/p0cqSGRwkmhQXV4YqEdkZIkqREa2DJcoOZeQL/8X7OqCEZMsIu99ePj4CevC5j/2vrqqjrSOleJRnenI5kr5bxeSQ9/vm3MLeeOswcolw+qPR+w4lx/UsT2eL+eTvjWYL2p7rKxL2UFdrNjdya65umvT64ypRWYZ/CEDE/mSLuhyud24PqfH8/165bpRXTHq2hPOzBRnZiqQ0xXdX4lLmaWX85raDR6XpxD110B0dt2bHckX1k1jrovLD+hSOZ90WGN++5rseDZTyBYHM12VUr44mCTUjl2qdwpXMRqvwd59ZXKCn3cZP33Pw8ZGI7V21NhYMhbNEOtKIvufh01rZMw3jLUl44ZqiXa1RLu1ODYyMzhaMdDS2XF/98rWFQl53dXJZ2owk6Fa2uyKkepobqkYs6WwpWerhKrh6lT/evB/sPGW5Ss6O1orxtzAs4XtBk7y5/kRuUA64vX5QiGbUbZI13dk+/PFSlweakrfl0y7QjpxpDu70g+mpeiVXq9qSDePjhZ0j+5ry1cyyg1s10/Xty1f2dF+d7qQH9bpZbp/OG5ItwyVkjmZueK2dFd2IFvKT8OIVJGOskHSChytLW/AV1ZfLuqz+qOBXKi8Pp1TB4n0PDvwbSki2z1w6tix/VvpTeSVc5y0TpJktHZ3TaarVherg3ZiYsLWuZLOjpTtoj7fQGalpiKJKSfm1sbEc1eqOpBTdSkSigNkZCaAVLJ9BV2Z6foLxKsDxA==; Expires=Thu, 19-Sep-2019 17:21:33 GMT; Path=/; Secure; HttpOnly mktportal=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure ONE1=!CCJdsSbjf2EY6bpf6yO4pmpLrHoM2cOmPP1sS0QvKcATeXkdrmH0M+XG9mu7rMHkgLEffzYB60wSN4A=; expires=Thu, 19-Sep-2019 17:21:33 GMT; path=/; Httponly TS01cc6943=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; Path=/ TS01a388cb=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; path=/; domain=.edreams.net TS7b7d2a5a027=0890b26ffeab20008e3a2c9b35a05b59eacdeb2c9423021f0c956de7c42531dbe9f4b61ec1a8061b08c5b23ddd1130008a2cd7dc293773f9804976c5ce089db3ebc987018d0d35b197859ac44b7a6c449e70435ed5aee96d785115e40234275d;Path=/
link: <https://cdn.tagcommander.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://fonts.googleapis.com>;rel="preconnect"

GET
H/1.1 200
OK tagman Show response
www.edreams.net/frontend-home/service/flow/ 2 KB
4 KB 98ms
97ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/flow/tagman?page=home&funnel=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

5ed3c2b454cebbef9327fc8900db5fab145cfaffda4971396626082b13a783bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/json;charset=UTF-8
Expires: Fri, 23 Feb 1979 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Odigeo-Trace-Id: 4f4c6c33-e4c8-47f1-a078-2cc27587f329
Connection: keep-alive
Content-Length: 1721
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK topDestinations Show response
www.edreams.net/frontend-home/service/inspirational/ 3 KB
6 KB 139ms
139ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/inspirational/topDestinations

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

5bfb92d878fa3391c7eb8a6d57d7cc5c3fab47d4e9fb6d4e323dd3559d467d68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Date: Thu, 19 Sep 2019 16:51:33 GMT
Strict-Transport-Security: max-age=60;
Content-Type: application/json;charset=UTF-8
Expires: Fri, 23 Feb 1979 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Odigeo-Trace-Id: 2530a47c-f271-450c-869b-b77ba61d619b
Connection: keep-alive
Content-Length: 3216
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H2 200 setServerSide Show response
www.edreams.net/frontend-home/service/tracking/cookies/ 0
2 KB 82ms
82ms XHR
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/tracking/cookies/setServerSide

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 29e437c7-795b-41e0-8756-aa32099d211a
content-length: 0
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 customDimensions Show response
www.edreams.net/frontend-home/service/tracking/ua/ 1 KB
4 KB 85ms
84ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/tracking/ua/customDimensions

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

c7116047b309870f0e3c35c3ceac470162707f6775b02391b109a2c30094937a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: c4ad669e-a802-4bef-a1f1-8f197cec1f8a
content-length: 1491
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:400c:c09::9b
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1182
date: Thu, 19 Sep 2019 16:31:51 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17093
expires: Thu, 19 Sep 2019 18:31:51 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 802
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1296
x-xss-protection: 0
expires: Thu, 19 Sep 2019 17:38:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 40 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?_=1568911893227

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ca19d70def89831ee636a9a0ff20430686597eacf06f0d6253b5babc5f72e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "283 / 995 of 1000 / last-modified: 1568909619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12708
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:33 GMT

POST
H2 200 isloggedin Show response
www.edreams.net/frontend-home/service/users/ 79 B
2 KB 51ms
51ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/users/isloggedin

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc4dc527bddbf2611e2126a6efd8ac01d2234a4e9aaa80f2d277c5e76405419a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 8dfc1ae8-ba72-4fb6-a3f6-4a4855dfa541
content-length: 79
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 getWidgetTemplates Show response
www.edreams.net/frontend-home/service/templates/ 3 KB
5 KB 79ms
79ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/templates/getWidgetTemplates?widgetname=country_links

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

8c08498116374827ae20e6227e2f08dd632cdc627b48edb0053759d72bd52676

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 8df56dad-f966-4908-8fec-a1628aa155ed
content-length: 3231
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 getWidgetTemplates Show response
www.edreams.net/frontend-home/service/templates/ 917 B
3 KB 339ms
339ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/templates/getWidgetTemplates?widgetname=membership_login_feedback

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

493bcc13c7944539bfc2aca1eb8edad8525d6cd33a0bc85884360866992b12da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: a6001234-8db3-4ace-83a6-1572a90dbc32
content-length: 917
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 loader.gif
www.edreams.net/images/onefront/bluestone/ED/ 4 KB
4 KB 66ms
64ms Image
image/gif 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/loader.gif

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

4fde86bd4adcb3224368d4889e782fb0fc97f0cd34d57a26541f8d385dda3367

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2015 16:36:23 GMT
etag: "54f5e307-eb4"
strict-transport-security: max-age=60;
content-type: image/gif
status: 200
expires: Fri, 20 Sep 2019 14:24:43 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 3764
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 SSO-signed-in.png
www.edreams.net/images/onefront/bluestone/ED/ 2 KB
2 KB 66ms
64ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/SSO-signed-in.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

3598f1e90632bb6e49f7a664dd17e092b4647210892519b2b5531e0c52199325

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 22 May 2017 07:50:44 GMT
etag: "59229854-607"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 05:06:09 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 1543
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 car-hb-oo.jpg
www.edreams.net/content/img/OF/offers/02-herobanners/ 203 KB
203 KB 28ms
25ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/content/img/OF/offers/02-herobanners/car-hb-oo.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

7dd35995c63c6de656648ecd034c7352592a4faa13618be020590f470e621c6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 01 Mar 2019 13:11:49 GMT
etag: "5c792f95-32a43"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 02:49:08 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 207427
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 right-arrow-carrousel.png
www.edreams.net/images/onefront/bluestone/ED/ 308 B
1003 B 108ms
106ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/right-arrow-carrousel.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae3588ae3b29d98bf2d4079e7c265a306808ea88cf07cb2af935a6df2ba73982

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 29 Dec 2014 10:31:18 GMT
etag: "54a12d76-134"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 16:51:33 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 308
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 left-arrow-carrousel.png
www.edreams.net/images/onefront/bluestone/ED/ 310 B
1004 B 112ms
111ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/left-arrow-carrousel.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

f279d2a520ca47d5b7421e4b2a9c19998c5cda1aa2a792de785176a61ce191ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 29 Dec 2014 10:31:18 GMT
etag: "54a12d76-136"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 16:51:33 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 310
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 ed_POD-min.jpg
www.edreams.net/content/img/OF/offers/campaigns/2019/08/app-flight-tracker/ 16 KB
16 KB 37ms
34ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/content/img/OF/offers/campaigns/2019/08/app-flight-tracker/ed_POD-min.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2a2200d60826893b4945a85c36b642e8c2e1ce7278dbbed1c0eccbd180afd57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 23 Aug 2019 11:59:36 GMT
etag: "5d5fd528-3e62"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 10:21:09 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 15970
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 ED_pod_Paris_nopict_360x150jan18.jpg
www.edreams.net/content/img/OF/offers/edreams_fr/promo_block/ 38 KB
38 KB 38ms
36ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/content/img/OF/offers/edreams_fr/promo_block/ED_pod_Paris_nopict_360x150jan18.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

4f4683f987482a1bdeac191f3c978b58c1257d001cbb235b15158d0cadf05353

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 15 Jan 2018 11:21:51 GMT
etag: "5a5c8ecf-96e5"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 03:46:28 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 38629
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 dp-pod-min.jpg
www.edreams.net/content/img/OF/offers/03-pods/no-picto/ 16 KB
16 KB 64ms
62ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/content/img/OF/offers/03-pods/no-picto/dp-pod-min.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

17edafefd752ded2c2c9c8ab74ca7e5d78640da69f942ab7cb66bf13c85d4724

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 16 May 2019 11:58:50 GMT
etag: "5cdd507a-3f48"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 11:47:58 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 16200
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 car-pod-oo.jpg
www.edreams.net/content/img/OF/offers/03-pods/no-picto/ 63 KB
64 KB 49ms
47ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/content/img/OF/offers/03-pods/no-picto/car-pod-oo.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc41ec4f4a6b9a4f1f623912cdd765475058db075529adebd9d8792b03e82ffa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 01 Mar 2019 13:13:04 GMT
etag: "5c792fe0-fc6b"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 05:23:57 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 64619
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 static-background.jpg
www.edreams.net/images/onefront/bluestone/ED/ 761 B
1 KB 106ms
104ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/static-background.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e199a8457bc3e73211b33c49e1dabacda1a3bb70f14b5010365d4d2703fb6e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 15:35:37 GMT
etag: "5b59ea49-2f9"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 16:51:33 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 761
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 icon-genesys-chat.png
www.edreams.net/images/onefront/bluestone/ED/ 803 B
1 KB 182ms
180ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/icon-genesys-chat.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

9c7b6d3e135a95553ba24d40c6cec68ae3b43a8b4cbf2b7366fe3ed7a8114758

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2016 15:20:57 GMT
etag: "579f68d9-323"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 16:51:33 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 803
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

POST
H2 204 LOAD_FRAMEWORK_STARTED Show response
www.edreams.net/frontend-home/service/metrics/stopMetric/ 0
2 KB 53ms
53ms XHR
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/metrics/stopMetric/LOAD_FRAMEWORK_STARTED

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
status: 204
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: d726f3e9-adb2-43b3-a259-df8fd02ad391
content-length: 0
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

POST
H2 204 HOME_CONTINUANCE Show response
www.edreams.net/frontend-home/service/metrics/counterMetric/ 0
2 KB 92ms
91ms XHR
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/metrics/counterMetric/HOME_CONTINUANCE

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
status: 204
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 6a6b47c7-4e3a-414a-a016-cf6900475f43
content-length: 0
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

POST
H2 200 home Show response
www.edreams.net/frontend-home/service/trackingsystem/trackPageView/ 0
2 KB 54ms
54ms XHR
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/trackingsystem/trackPageView/home

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: a73ffffb-017e-431b-a225-6082108404d2
content-length: 0
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 homepage Show response
www.edreams.net/frontend-home/service/tms/datalayer/ 2 KB
4 KB 85ms
85ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/tms/datalayer/homepage?product=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

a3f3ef728df4301a1d4645b66ac3834b5e2cd20c84295eca3a526c8986057eda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 39beb9a3-4fbc-41b6-88bc-5b779c7ffa05
content-length: 2299
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

POST
H2 204 LOAD_HOME_DESKTOP Show response
www.edreams.net/frontend-home/service/metrics/stopMetric/ 0
2 KB 163ms
163ms XHR
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/metrics/stopMetric/LOAD_HOME_DESKTOP

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
status: 204
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 92676c2a-f789-4990-ab43-ea8fbf8cd08d
content-length: 0
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 getListOfWidgetsTemplates Show response
www.edreams.net/frontend-home/service/templates/ 2 KB
4 KB 93ms
93ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/templates/getListOfWidgetsTemplates?widgetsnames=membership_popup_home,membership_login_bubble

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

3eddec05a384ac38cbd16a925706573fb3a0b77d343871c2b63df8127e6b24da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: a5af9389-bd1c-4219-a722-44f730afca4b
content-length: 2100
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/edreams/prod/ 65 KB
20 KB 63ms
14ms Script
application/javascript 3.121.16.187
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/edreams/prod/Bootstrap.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.121.16.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-16-187.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a8627709e2201ed630277b7e8ae7e8f2383c5cc8a7a806a3fef6ad352edadb36

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 11:08:40 GMT
server: nginx
etag: W/"5d821038-105b8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300

GET search
rentacar.edreams.net/ Frame 958B 0
0

POST
H2 200 __utm.gif Show response
stats.g.doubleclick.net/p/ 35 B
147 B 15ms
14ms XHR
image/gif 2a00:1450:400c:c09::9b
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/p/__utm.gif

Requested by

Host: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set affiliatewidget.html
www.booking.com/ Frame F1F0
Redirect Chain

https://www.booking.com/_6e3fa1bbd409db2?lang=en-us&target_aid=343806&label=edr-link-usen-sb-conf-pc-of;aff_hostname=https://hotels.edreams.net&utm_source=(direct)&utm_campaign=(direct)&utm_medium=...
https://www.booking.com/affiliatewidget.html?aid=308918;product=sb&target_aid=343806&aff_hostname=https://hotels.edreams.net&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893&lang=en-us&l...

0
0

200ms
177ms

Document
text/html

5.57.17.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/affiliatewidget.html?aid=308918;product=sb&target_aid=343806&aff_hostname=https://hotels.edreams.net&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893&lang=en-us&label=edr-link-usen-sb-conf-pc-of&utm_medium=(none)&utm_source=(direct)&utm_campaign=(direct)

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.17.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XkbW%2BRPRPgGm46m8cW0MF9pXChTyRwc4b%2FbD2%2B6IAuz7NulD%2B%2FRJNsX2wDp%2F5L65d%2FmyYs9j46NDYeQ93rD3HmmAK2HyfKeLGGH4rXV%2FCifK2zf%2Fh%2FRjmopbxlUx60ydlWPKYEVUvHJ4hrG72n24uA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Server: nginx
Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 25211
Cache-Control: private
Vary: User-Agent, Accept-Encoding
Content-Encoding: br
Set-Cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT%2BaOIlyaOjnLq9YePOhJavPjeRg4M3LnP%2FeoVbfJm7ttEah5Ocq%2FDewItV%2Fig8mhrZAEWe9HnGgVTCzWcJxrFdw02VdrwiIv6BB3OiekcupgG%2B7Jy%2Fb1%2Brmo%2FYKSASYHe3eZSctAwt7xRuV06bwsEDf; domain=.booking.com; path=/; expires=Tue, 17-Sep-2024 16:51:33 GMT; Secure; HTTPOnly
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Server: nginx
Date: Thu, 19 Sep 2019 16:51:33 GMT
Transfer-Encoding: chunked
Location: https://www.booking.com/affiliatewidget.html?aid=308918;product=sb&target_aid=343806&aff_hostname=https://hotels.edreams.net&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893&lang=en-us&label=edr-link-usen-sb-conf-pc-of&utm_medium=(none)&utm_source=(direct)&utm_campaign=(direct)
Set-Cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XkbW%2BRPRPgGm46m8cW0MF9pXChTyRwc4b%2FbD2%2B6IAuz7NulD%2B%2FRJNsX2wDp%2F5L65d%2FmyYs9j46NDYeQ93rD3HmmAK2HyfKeLGGH4rXV%2FCifK2zf%2Fh%2FRjmopbxlUx60ydlWPKYEVUvHJ4hrG72n24uA; domain=.booking.com; path=/; expires=Tue, 17-Sep-2024 16:51:33 GMT; Secure; HTTPOnly
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set search Show response
rentacar.edreams.net/ Frame 958B 19 KB
6 KB 157ms
68ms Document
text/html 213.168.247.34
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.flights.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 213.168.247.34 , Ireland, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e963d8e27d9cc79430932b357dc9ab7b905876ac567c0fef51df756a62fe959b

Request headers

Host: rentacar.edreams.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Cookie: locale=en_US; tduid=-; TS01a388cb=015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53; AKA_A2=A; _ga=GA1.2.1353815095.1568911893; _gid=GA1.2.1729622271.1568911893; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKOPRSKKRSMJPSZZZ%5D; mktportal=; ens_abcSplit=groupb; mktTrack_v2=utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mktTrack=utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=155442927.1353815095.1568911893.1568911894.1568911894.1; __utmc=155442927; __utmz=155442927.1568911894.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=155442927.1.10.1568911894
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Server: Apache-Coyote/1.1
Cache-Control: max-age=259200
Play-Detected-UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Play-Detected-Device: desktop; Source: Application
Content-Type: text/html;charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PLAY_FLASH=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ PLAY_ERRORS=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ PLAY_SESSION="bdcad39ec1fac54faa9b47b7d6970dcdbe72b7d5-MICROSITE_NAME=edreams"; Version=1; Path=/ PLAY_LANG=en_us; Path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

673d563c4b63e5937b724b1e5506158f1dcd38a75836507a9750360735e71e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ROC/c1JrXg15qpwjk2I9fQ==
status: 200
content-length: 1779
etag: "37ff8775ddaef6eb0b9a7db9ce24a3d1"
x-fb-debug: V0aYqd2ubKORVsickvwLiIU86mrxanS+e78EpFdJhHL4I030+frGcfyaMzlL0U/91WT46IqFgowlHHd5UdtDbw==
x-fb-trip-id: 420120009
x-fb-content-md5: f604c088561f3b6e7b808a525dba45d4
x-frame-options: DENY
date: Thu, 19 Sep 2019 16:51:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Sep 2019 16:56:20 GMT

GET
H2 200 client:platform.js Show response
apis.google.com/js/ 44 KB
17 KB 54ms
32ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js?onload=initAuth

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4299c8ee187f7450cfd00d375bc1f2221453ec1dd8bf1ef5a26c6a7040a2ed91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-1VrWTbNNz2NYqFAuNKeldg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "26c2b8692ca088506265aded39a9b368"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Thu, 19 Sep 2019 16:51:33 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 775 B
573 B 18ms
18ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaloaded&render=explicit

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

59eaab77612c739f041489e2f97fc09384b0c005026d6b0f86a1901c8fc81b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 472
x-xss-protection: 1; mode=block
expires: Thu, 19 Sep 2019 16:51:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edreams.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?_=1568911893227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edreams.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?_=1568911893227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019091201.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 59ms
39ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?_=1568911893227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

511c23178d504d371d22fb6899174f448db32523e9cacd2860306a2b3b8cc1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Sep 2019 13:06:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 58953
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:33 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
120 B 13ms
13ms Other
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&gjid=334252273&_gid=1729622271.1568911893&_u=aHBGgEILR~&z=630179524
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&_v=j79&z=630179524
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&_v=j79&z=630179524&slf_rd=1&random=4105879351

42 B
109 B

37ms
36ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&_v=j79&z=630179524&slf_rd=1&random=4105879351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1409511717&_v=j79&z=630179524&slf_rd=1&random=4105879351
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client Show response
smartlock.google.com/ 48 KB
15 KB 85ms
63ms Script
application/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://smartlock.google.com/client?noext

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d07dd88a71f1c7c43e6e8baea729192ebf7fea74113f7aff30d49640be76fa01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A4q8b9Y5kHzXuWo+lknheQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self', script-src 'nonce-A4q8b9Y5kHzXuWo+lknheQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-A4q8b9Y5kHzXuWo+lknheQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self', script-src 'nonce-A4q8b9Y5kHzXuWo+lknheQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Thu, 19 Sep 2019 16:51:33 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/javascript; charset=utf-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9745ccf45a0041d010004a3efeb3da81&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

a18c8339981e9054213d0896cd5c944ea4c0f8f158903e4fb89c488514c0a02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ENxkklbErVyzkGWWZiKJzw==
status: 200
content-length: 59187
etag: "558c2de220d8e17126bc1d2d4a387fc3"
x-fb-debug: +nwMm7dUaAVf6tnjKOZuIw+XvUA0VOvVQzr6OqEU10XFuYvIJxOJ67QKVZVSovaPEsOeQBMXQbJ4pXSmWJaRMA==
x-fb-trip-id: 420120009
x-fb-content-md5: 09a70d516c32fbf8483163778578e02b
x-frame-options: DENY
date: Thu, 19 Sep 2019 16:51:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 18 Sep 2020 15:23:16 GMT

GET
H2 200 / Show response
www.edreams.net/frontend-home/service/countrylinks/ 7 KB
9 KB 92ms
92ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/frontend-home/service/countrylinks/

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

fabf7fd7371fd00878c7be3175e61a4946760456fc7c43af1516efe7ed65183f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:33 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 9bc5c06a-9c78-4905-9495-a72cf6462012
content-length: 6880
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 12 KB
5 KB 145ms
31ms Script
text/plain 54.77.224.225
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA6-3EB

Requested by

Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.224.225 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-77-224-225.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

145314ffa1a129829485018fb66f32ae7c89751f67882d190feb1d38c9b24276

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Sep 2019 12:40:19 GMT
Server: nginx
ETag: "5d8225b3-10a9"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 4265
X-XSS-Protection: 1; mode=block
Expires: Fri, 20 Sep 2019 16:51:33 GMT

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1560296207/
Redirect Chain

https://radar.cedexis.com/1/19692/radar.js
https://radar.cedexis.com/1560296207/radar.js

44 KB
19 KB

29ms
28ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.5 West Hollywood, United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: ad75c3e38d15aa92e244081acb1d4e1cd9617dd748bcd4ac35fbb47439b43b5c

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jun 2019 23:40:32 GMT
Server: nginx
ETag: W/"5d003bf0-ae6e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 03 Oct 2019 16:51:33 GMT

Redirect headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1560296207/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Thu, 19 Sep 2019 17:01:33 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
9ms Script
application/x-javascript 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Fri, 20 Sep 2019 16:51:33 GMT

GET
H2

200

/ Show response
loadeu.exelator.com/load/
Redirect Chain

https://loadeu.exelator.com/load/?p=807&c=20211&g=140&pname=homepage&device=D&dd=&orig=&dest=&rd=&fclass=&npax=&nadults=&nchildren=&ninfants=&geodep=&geodest=&orgweekday=&retweekday=&ins=&fccardtyp...
https://loadeu.exelator.com/load/?p=807&c=20211&g=140&pname=homepage&device=D&dd=&orig=&dest=&rd=&fclass=&npax=&nadults=&nchildren=&ninfants=&geodep=&geodest=&orgweekday=&retweekday=&ins=&fccardtyp...

1 KB
2 KB

141ms
140ms

Script
application/x-javascript

147.75.102.200
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://loadeu.exelator.com/load/?p=807&c=20211&g=140&pname=homepage&device=D&dd=&orig=&dest=&rd=&fclass=&npax=&nadults=&nchildren=&ninfants=&geodep=&geodest=&orgweekday=&retweekday=&ins=&fccardtype=&chindate=&choutdate=&nguests=&stars=&hotcity=&hotcntry=&ch=no&in=no&citydest=&resa=no&nnight=&domain=www.edreams.net&gd=&fcprice=&prime_member=non_subscriber&source=undefined&medium=undefined&pax_number=&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: nginx/1.14.0 / Undertow/1
Resource Hash: ab9ffc32a7425ac95ded6904cc864ba7facb3a71154fb4f16d6b62527ab18d0c

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 200
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

date: Thu, 19 Sep 2019 16:51:33 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadeu.exelator.com/load/?p=807&c=20211&g=140&pname=homepage&device=D&dd=&orig=&dest=&rd=&fclass=&npax=&nadults=&nchildren=&ninfants=&geodep=&geodest=&orgweekday=&retweekday=&ins=&fccardtype=&chindate=&choutdate=&nguests=&stars=&hotcity=&hotcntry=&ch=no&in=no&citydest=&resa=no&nnight=&domain=www.edreams.net&gd=&fcprice=&prime_member=non_subscriber&source=undefined&medium=undefined&pax_number=&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 27 KB
10 KB 29ms
14ms Script
text/javascript 95.100.78.156
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.78.156 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-78-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Aug 2019 15:56:57 GMT
Server: Apache
ETag: "31600f9-6afc-590a29f6f4dd4"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9603
Expires: Thu, 26 Sep 2019 16:51:33 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 47ms
45ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: EEC66EEDCB8A40D0AA8292B84A444F15 Ref B: VIEEDGE0921 Ref C: 2019-09-19T16:51:33Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 15ms
15ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9149
x-xss-protection: 0
server: cafe
etag: 5022999136154715131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Sep 2019 16:51:33 GMT

GET
H2 200 edreams-us Show response
us-sonar.sociomantic.com/js/2010-07-01/adpan/ 33 KB
10 KB 674ms
107ms Script
application/javascript 192.99.16.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://us-sonar.sociomantic.com/js/2010-07-01/adpan/edreams-us
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.16.222 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: us-129.sociomantic.net
Software: nginx /
Resource Hash: a54ee4d2cf778c78cbb5be147d44a533ed4d2bf0c091a128b0b142a8455687dc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2019 17:05:43 GMT
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
cache-control: must-revalidate
content-type: application/javascript; charset=utf-8

GET
H2 200 hp Show response
pixel.sojern.com/partner/7LO71hBqOrJIDIBy/ 2 KB
928 B 48ms
33ms Script
application/javascript 107.178.244.119
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/partner/7LO71hBqOrJIDIBy/hp?
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: b1839558aae96345a13bff71697e3d20a57540807831713fd1dc72939a0f1085

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: application/javascript
alt-svc: clear
content-length: 656
via: 1.1 google

GET
H/1.1 200
OK boxever-1.3.6.min.js Show response
d1mj578wat5n4o.cloudfront.net/ 26 KB
8 KB 23ms
7ms Script
application/x-javascript 143.204.208.9
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mj578wat5n4o.cloudfront.net/boxever-1.3.6.min.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-9.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15e160d07818c467c57823f03e776f1a8e7094203b6c5737bd65dd8b143fec99

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:49:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 12:16:38 GMT
Server: AmazonS3
Age: 3537
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: IWqJUm0GIP4kdnqqBZ4c3COSbvsDgb5OKkOakYD__Uehl8Mb3BS8uA==

GET
H2 200 6587.js Show response
www.dwin1.com/ 12 KB
7 KB 46ms
6ms Script
application/javascript 2600:9000:2057:9c00:f:8ce2:fb80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/6587.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9c00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5191e8e13c75cf2a63ad3af7989e7502f80189597e00878aabc517c3dedd1aa8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: aSgF5kjmqehlAHTXPgX2haPctRWpGQcf
content-encoding: gzip
age: 2691
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 17 Sep 2019 13:22:38 GMT
server: AmazonS3
date: Thu, 19 Sep 2019 16:06:43 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control: max-age=3600,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: coxVhr5-_GptQd_yFRBOb0C3WrBtnIK9E4iu2cGCOxLyT99fvyTQ6w==

GET
H/1.1 200
OK ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 60ms
21ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d4cd0793770cdc3a88d0960bb1655ea2fab4b6f828bdb6a31f90bce008a9ed01

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
last-modified: Tue, 30 Jul 2019 16:15:10 GMT
server: nginx
etag: W/"5d406d0e-75ed"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 20 Sep 2019 16:51:33 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13552/ 38 KB
11 KB 27ms
6ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13552/cc.js?ns=_cc13552
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.113 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 2c4d560aa68323b541369e648ebefec089f3378a01815f6ff66b0b66a267dce9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 00:05:00 GMT
server: ECS (fcn/41AF)
etag: "5d798bac-9913+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 11309
expires: Fri, 20 Sep 2019 16:51:33 GMT

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1471&pg=homepage&tp=&cr=US&ln=en&si=EUS&bd=US&ue=&umf=&utf=&sd=&ed=&na=&nc=&ni=&anm=&aoc=&adc=&aft=&htf=&acc=&hcy=&hcr=&hnm=&hbd=&hnr=&atf=&ptf=&cu=USD&cf=
https://tag.yieldoptimizer.com/ps/ps?tc=578557633&t=s&p=1471&pg=homepage&tp=&cr=US&ln=en&si=EUS&bd=US&ue=&umf=&utf=&sd=&ed=&na=&nc=&ni=&anm=&aoc=&adc=&aft=&htf=&acc=&hcy=&hcr=&hnm=&hbd=&hnr=&atf=&p...

1 KB
2 KB

14ms
14ms

Script
text/javascript

35.186.212.60
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=578557633&t=s&p=1471&pg=homepage&tp=&cr=US&ln=en&si=EUS&bd=US&ue=&umf=&utf=&sd=&ed=&na=&nc=&ni=&anm=&aoc=&adc=&aft=&htf=&acc=&hcy=&hcr=&hnm=&hbd=&hnr=&atf=&ptf=&cu=USD&cf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 495a57cd801b61e44a38415c0627c8ae596ac457eb67ce565e7adeb94705df7d

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
status: 200
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
alt-svc: clear
content-length: 1281
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=578557633&t=s&p=1471&pg=homepage&tp=&cr=US&ln=en&si=EUS&bd=US&ue=&umf=&utf=&sd=&ed=&na=&nc=&ni=&anm=&aoc=&adc=&aft=&htf=&acc=&hcy=&hcr=&hnm=&hbd=&hnr=&atf=&ptf=&cu=USD&cf=
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ta.js Show response
ads.travelaudience.com/js/ 74 KB
19 KB 29ms
15ms Script
application/javascript 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/ta.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 8bcd059c1569b7e7de8c0fcd53e12bbaf62a3d089ad3be9bccc645e0370435a0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 14:11:06 GMT
server: nginx/1.15.12
etag: W/"5d7f97fa-12735"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=86400, public
alt-svc: clear
via: 1.1 google
expires: Fri, 20 Sep 2019 16:51:33 GMT

GET
H/1.1 200
OK dms
engage.commander1.com/ 43 B
695 B 16ms
16ms Image
image/gif 95.131.143.205
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://engage.commander1.com/dms?tc_s=3107&tc_type=dms&id=6047918942&chunk=1/2&rand=0.46942185173007056|||DEB&data_env_work=prod&data_env_market=US&data_env_language=en&data_env_site_type=d&data_env_brand_code=E&data_env_brand=edreams&data_env_currency_code=USD&data_user_sso_login=logged_out&data_user_prime_subscription=non_subscriber&data_user_prime_eligibility=non-eligible&data_flight_strategy_hub_smarthub_results=false&data_flight_strategy_hub_smarthub_selection=false&data_env_template=homepage&data_page_category=onefront&data_page_url=https%3A%2F%2Fwww.edreams.net%2F&data_page_name=homepage&data_mkt_utm_source_cookie=no_GA&data_mkt_utm_medium_cookie=no_GA&data_mkt_portal=EDR_US&data_in_test_dimensionsFC=FC-1%3A1%2FFC-2%3A1%2FFC-3%3A2%2FFC-4%3A1%2FFC-5%3A2%2FFC-6%3A1%2FFC-7%3A2&data_in_test_dimensionsFI=FI-1%3A1%2FFI-2%3A2%2FFI-3%3A2%2FFI-4%3A1%2FFI-5%3A2%2FFI-6%3A1%2FFI-7%3A1&data_in_test_dimensionsFR=FR2-1%3A2%2FFR2-2%3A1%2FFR2-3%3A1%2FFR2-4%3A2%2FFR2-5%3A2%2FFR2-6%3A1%2FFR2-7%3A1%2FFR1-1%3A1%2FFR1-2%3A1%2FFR1-3%3A1%2FFR1-4%3A2%2FFR1-5%3A1%2FFR1-6%3A4%2FFR1-7%3A1&data_in_test_dimensionsOF=OF1-4%3A1%2FOF1-3%3A1%2FOF1-6%3A2%2FOF1-5%3A1%2FOF1-7%3A2%2FOF1-2%3A2%2FOF1-1%3A1&data_in_test_dimensionsPL=PL3-1%3A2%2FPL3-4%3A1%2FPL3-5%3A2%2FPL3-2%3A1%2FPL3-3%3A1%2FPL3-6%3A1%2FPL3-7%3A4%2FPL2-1%3A1%2FPL2-2%3A1%2FPL2-5%3A1%2FPL6-1%3A1%2FPL2-6%3A1%2FPL6-2%3A1%2FPL2-3%3A1%2FPL2-4%3A2%2FPL6-5%3A2%2FPL6-6%3A1%2FPL2-7%3A1%2FPL6-3%3A1%2FPL6-4%3A2%2FPL6-7%3A1%2FPL1-2%3A1%2FPL1-3%3A1%2FPL1-1%3A1%2FPL1-6%3A1%2FPL5-2%3A1%2FPL1-7%3A1%2FPL5-3%3A2%2FPL1-4%3A1%2FPL1-5%3A1%2FPL5-1%3A1%2FPL5-6%3A1%2FPL5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.131.143.205 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

Software

web /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: private
Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: web
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=60
Expires: Wed, 18 Dec 2019 16:51:33 GMT

GET
H/1.1 200
OK dms
engage.commander1.com/ 43 B
695 B 26ms
16ms Image
image/gif 95.131.143.205
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://engage.commander1.com/dms?tc_s=3107&tc_type=dms&id=6047918942&chunk=2/2&rand=0.8558583102955906|||-7%3A1%2FPL5-4%3A1%2FPL5-5%3A1%2FPL4-3%3A1%2FPL4-4%3A1%2FPL4-1%3A1%2FPL4-2%3A3%2FPL4-7%3A2%2FPL4-5%3A2%2FPL4-6%3A2&data_in_test_dimensionsPR=PR-2%3A1%2FPR-1%3A1%2FPR-7%3A1%2FPR-4%3A2%2FPR-3%3A1%2FPR-6%3A1%2FPR-5%3A2&data_in_test_dimensionsUX=UX2-4%3A2%2FUX2-5%3A1%2FUX2-2%3A1%2FUX2-3%3A1%2FUX2-1%3A1%2FUX2-6%3A2%2FUX2-7%3A4%2FUX3-3%3A2%2FUX3-4%3A1%2FUX3-1%3A2%2FUX3-2%3A1%2FUX3-7%3A1%2FUX3-5%3A1%2FUX3-6%3A1%2FUX1-5%3A1%2FUX1-6%3A1%2FUX1-3%3A2%2FUX1-4%3A1%2FUX1-1%3A1%2FUX1-2%3A2%2FUX1-7%3A2&data_in_test_dimensionsX1=X16-7%3A2%2FX16-6%3A1%2FX16-5%3A1%2FX16-4%3A1%2FX16-3%3A2%2FX16-2%3A1%2FX16-1%3A2%2FX17-7%3A2%2FX17-6%3A1%2FX17-5%3A1%2FX17-4%3A1%2FX17-3%3A1%2FX17-2%3A2%2FX17-1%3A1%2FX18-7%3A2%2FX18-6%3A1%2FX18-5%3A1%2FX18-4%3A2%2FX18-3%3A2%2FX18-2%3A1%2FX18-1%3A2%2FX19-7%3A1%2FX19-6%3A1%2FX19-5%3A1%2FX19-4%3A3%2FX19-3%3A1%2FX19-2%3A2%2FX19-1%3A1&data_in_test_dimensionsX2=X20-7%3A2%2FX20-6%3A1%2FX20-5%3A2%2FX20-4%3A1%2FX20-3%3A1%2FX20-2%3A3%2FX20-1%3A1%2FX21-7%3A1%2FX21-6%3A1%2FX21-5%3A1%2FX21-4%3A1%2FX21-3%3A1%2FX21-2%3A1%2FX21-1%3A1%2FX22-7%3A2%2FX22-6%3A1%2FX22-5%3A3%2FX22-4%3A1%2FX22-3%3A1%2FX22-2%3A2%2FX22-1%3A1&data_in_usabilla_button_active=true&data_ext_ga_client_id=1353815095.1568911893&data_env_site_name=eDO_sampled&data_url=https%3A%2F%2Fwww.edreams.net%2F&data_kenshoo_tkn_2=0e7d414f-c0fd-4da9-992d-4baf3e87c5c9&data_kenshoo_tkn_url=0e7d414f-c0fd-4da9-992d-4baf3e87c5c9&END

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.131.143.205 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

Software

web /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: private
Date: Thu, 19 Sep 2019 16:51:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: web
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=60
Expires: Wed, 18 Dec 2019 16:51:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ 264 KB
92 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaloaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 1761211
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 94196
x-xss-protection: 0
expires: Sat, 29 Aug 2020 07:38:02 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 286 KB
99 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=initAuth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92737ecd7ec13cf570d10d5ab6185d41e1f62cd5db53d3e86acf95a53dea80f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 22:51:13 GMT
server: sffe
age: 2395724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 101154
x-xss-protection: 0
expires: Fri, 21 Aug 2020 23:22:49 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 71 B
162 B 11ms
11ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=initAuth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 23:25:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 22:51:13 GMT
server: sffe
age: 2395566
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 71
x-xss-protection: 0
expires: Fri, 21 Aug 2020 23:25:27 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 351ms
351ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2209877060768027&correlator=318890009455368&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062724&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=4121%2Cus_sites%2Cedreams.net.en%2Chome%2Cof&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=ad_group%3Dad_opt%26pos%3Dtop&eri=4&cust_params=site%3DA%26isWL%3Dfalse%26mktPortal%3DEDR_US&cookie_enabled=1&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911893&dt=1568911893793&dlt=1568911892889&idt=862&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=604&adks=3345222294&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.edreams.net%2F&loc=https%3A%2F%2Fwww.edreams.net%2F&dssz=97&icsg=4502511390031884&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x135&msz=728x90&ga_vid=1353815095.1568911893&ga_sid=1568911894&ga_hid=989021978&ga_fc=true&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

765b061f3960455c0b1c0d390796b607fae93b963cbfcf6abc9458d429c77893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2962
x-xss-protection: 0
google-lineitem-id: 5152109234
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138285081692
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019091201.js Show response
securepubads.g.doubleclick.net/gpt/ 62 KB
24 KB 38ms
38ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7c92ffc225aed56f82019862b155c8d84902352620250d029bbf653a3d7eab61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Sep 2019 13:06:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24116
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:33 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
6 KB 561ms
560ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2209877060768027&correlator=318890009455368&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062724&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=4121%2Cus_sites%2Cedreams.net.en%2Chome%2Ctab1%2Cof&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt%26pos%3Dmpu1&eri=4&cust_params=site%3DA%26isWL%3Dfalse%26mktPortal%3DEDR_US&cookie_enabled=1&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911893&dt=1568911893812&dlt=1568911892889&idt=862&frm=20&biw=1585&bih=1200&oid=3&adxs=1023&adys=917&adks=83232624&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.edreams.net%2F&loc=https%3A%2F%2Fwww.edreams.net%2F&dssz=98&icsg=4502511390031884&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x250&msz=300x250&ga_vid=1353815095.1568911893&ga_sid=1568911894&ga_hid=989021978&ga_fc=true&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

1c97807080ad625da11b9712e3e11812fe93f19aec1fcdf3838bd61cb9ee0680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 6005
x-xss-protection: 0
google-lineitem-id: 5164744290
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287140360
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 774ms
774ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2209877060768027&correlator=318890009455368&output=ldjh&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&eid=21062724&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=4121%2Cus_sites%2Cedreams.net.en%2Chome%2Ctab1%2Cof&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt%26pos%3Dmpu2&eri=4&cust_params=site%3DA%26isWL%3Dfalse%26mktPortal%3DEDR_US&cookie_enabled=1&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911893&dt=1568911893826&dlt=1568911892889&idt=862&frm=20&biw=1585&bih=1200&oid=3&adxs=1023&adys=1187&adks=3705237551&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.edreams.net%2F&loc=https%3A%2F%2Fwww.edreams.net%2F&dssz=98&icsg=4502511390031884&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x250&msz=300x250&ga_vid=1353815095.1568911893&ga_sid=1568911894&ga_hid=989021978&ga_fc=true&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

28c6ed57f5173ca89f759f5b83d488998f10055e9d11260f8afbc1401c2416ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2630
x-xss-protection: 0
google-lineitem-id: 5101327822
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138274269376
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
4 KB 1093ms
1093ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2209877060768027&correlator=318890009455368&output=ldjh&callback=googletag.impl.pubads.callbackProxy4&impl=fifs&adsid=NT&json_a=1&eid=21062724&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=4121%2Cus_sites%2Cedreams.net.en%2Chome%2Cof&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt%26pos%3Dmpu3&eri=4&cust_params=site%3DA%26isWL%3Dfalse%26mktPortal%3DEDR_US&cookie_enabled=1&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911893&dt=1568911893839&dlt=1568911892889&idt=862&frm=20&biw=1585&bih=1200&oid=3&adxs=623&adys=1467&adks=2905555048&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.edreams.net%2F&loc=https%3A%2F%2Fwww.edreams.net%2F&dssz=98&icsg=4502511390031884&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x310&msz=300x250&ga_vid=1353815095.1568911893&ga_sid=1568911894&ga_hid=989021978&ga_fc=true&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3c02514af0569aee3de9eff8ad53bcd90e496548ca259b38242367c6553a9308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4215
x-xss-protection: 0
google-lineitem-id: 129315315
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 105278407035
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
6 KB 1258ms
1258ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2209877060768027&correlator=318890009455368&output=ldjh&callback=googletag.impl.pubads.callbackProxy5&impl=fifs&adsid=NT&json_a=1&eid=21062724&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=4121%2Cus_sites%2Cedreams.net.en%2Chome%2Cof&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt%26pos%3Dmpu4&eri=4&cust_params=site%3DA%26isWL%3Dfalse%26mktPortal%3DEDR_US&cookie_enabled=1&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911893&dt=1568911893851&dlt=1568911892889&idt=862&frm=20&biw=1585&bih=1200&oid=3&adxs=793&adys=1467&adks=2905555049&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.edreams.net%2F&loc=https%3A%2F%2Fwww.edreams.net%2F&dssz=98&icsg=4502511390031884&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x310&msz=300x250&ga_vid=1353815095.1568911893&ga_sid=1568911894&ga_hid=989021978&ga_fc=true&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

d5be4cf6ffaec8f2356332a047a8c2ee70e45aaa227cd7f0eb057b0090ba3d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 6008
x-xss-protection: 0
google-lineitem-id: 129315315
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 98726236635
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
6 KB 1499ms
1498ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2209877060768027&correlator=318890009455368&output=ldjh&callback=googletag.impl.pubads.callbackProxy6&impl=fifs&adsid=NT&json_a=1&eid=21062724&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=4121%2Cus_sites%2Cedreams.net.en%2Chome%2Cof&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt%26pos%3Dmpu5&eri=4&cust_params=site%3DA%26isWL%3Dfalse%26mktPortal%3DEDR_US&cookie_enabled=1&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911893&dt=1568911893862&dlt=1568911892889&idt=862&frm=20&biw=1585&bih=1200&oid=3&adxs=963&adys=1467&adks=2905555050&ucis=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.edreams.net%2F&loc=https%3A%2F%2Fwww.edreams.net%2F&dssz=98&icsg=4502511390031884&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x310&msz=300x250&ga_vid=1353815095.1568911893&ga_sid=1568911894&ga_hid=989021978&ga_fc=true&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

fb6df1c246270c556d1d195a4f4a6950417344c1d084511e7808d5c34b312849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 6111
x-xss-protection: 0
google-lineitem-id: 4761491906
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138275638769
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/edreams/prod/ 2 KB
1 KB 18ms
18ms Script
text/javascript 3.121.16.187
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/edreams/prod/serverComponent.php?r=541573338.9156252&ClientID=2220&PageID=https%3A%2F%2Fwww.edreams.net%2F%3Fesc_device%3DD%26esc_page_name%3Dhomepage%26esc_page_type%3Dhomepage%26esc_mkt_portal%3D
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/edreams/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.121.16.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-16-187.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e2fb26a42cb45b97403acc74aab159e36f4b669716ab6f2f7f5390640bb4103e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: no-cache, no-store
expires: Thu, 19 Sep 2019 16:51:32 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=12293607&c4=&c5=&c6=&c15=&cs_ucfr=0&ns__t=1568911893876&ns_c=UTF-8&cv=3.1&c8=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&c...
https://sb.scorecardresearch.com/b2?c1=2&c2=12293607&c4=&c5=&c6=&c15=&cs_ucfr=0&ns__t=1568911893876&ns_c=UTF-8&cv=3.1&c8=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&...

0
248 B

6ms
6ms

Image
text/plain

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=12293607&c4=&c5=&c6=&c15=&cs_ucfr=0&ns__t=1568911893876&ns_c=UTF-8&cv=3.1&c8=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&c7=https%3A%2F%2Fwww.edreams.net%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:33 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=12293607&c4=&c5=&c6=&c15=&cs_ucfr=0&ns__t=1568911893876&ns_c=UTF-8&cv=3.1&c8=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&c7=https%3A%2F%2Fwww.edreams.net%2F&c9=
Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:33 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 319B 0
0 6ms
5ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9745ccf45a0041d010004a3efeb3da81&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Thu, 17 Sep 2020 18:50:45 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: EALGFz33U94GwfLtcCBcRw8eyWFUItAOCx5RlNYW8QHvN5G36ENw/UgFzfMX2AtHN/Iic90iiNO3YX2Usuy8oA==
content-length: 11820
x-fb-trip-id: 420120009
date: Thu, 19 Sep 2019 16:51:33 GMT

GET
H/1.1 200
OK 41246
stags.bluekai.com/site/ Frame 1A2F 0
0 192ms
173ms Document
text/html 104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/41246?ret=html&phint=v1%3DEUS&phint=v2%3DD&phint=v3%3D&phint=v4%3D&phint=v5%3D&phint=v6%3D&phint=v7%3D&phint=v8%3D&phint=v9%3D&phint=v10%3D&phint=s1%3D&phint=s2%3D&phint=s3%3D&phint=s4%3D&phint=s5%3D&phint=s6%3D&phint=s7%3D&phint=s8%3D&phint=s9%3D&phint=__bk_t%3DCheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.edreams.net%2F&phint=__bk_v%3D3.1.3&limit=10&r=12495373
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.241.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 9edc
Date: Thu, 19 Sep 2019 16:51:34 GMT
Connection: keep-alive
X-N: S

GET
H2 200 flags.png
www.edreams.net/images/onefront/flags/ 9 KB
9 KB 7ms
7ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/flags/flags.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

8b08004f4418bb32b55ecc631542ad9c05ed18d1b3e72bf8219fd7c67f7652d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 02 Oct 2018 16:50:30 GMT
etag: "5bb3a1d6-2463"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 01:26:36 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:33 GMT
accept-ranges: bytes
content-length: 9315
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 mem8YaGs126MiZpBA-UFVp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ 5 KB
5 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVp0bf8pkAp6a.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

590cb8ea8c43c72f65a41e54b2f5e3a98aead88cbe4d47991753993250725602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 05:42:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
server: sffe
age: 2200134
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4644
x-xss-protection: 0
expires: Mon, 24 Aug 2020 05:42:39 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ 5 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300%7COpen+Sans:400%7COpen+Sans:600%7COpen+Sans:700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:40:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
server: sffe
age: 1365035
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 5608
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:40:58 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043395192/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043395192/?random=1568911893909&cv=9&fst=1568911893909&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=pagetype%3Dhomepage%3Bpackagetype%3D%3Btravelstartdate%3D%3Btravelenddate%3D%3Borigincity%3D%3Bdestcity%3D%3Borigincountry%3D%3Bdestcountry%3D%3Bnbrpax%3D%3Bnbradt%3D%3Bnbrchd%3D%3Bflighttype%3D%3Bairline%3D%20%3Bbookingvalue%3D0.0&frm=0&url=https%3A%2F%2Fwww.edreams.net%2F&tiba=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

eb2fa1373a3dd5a6a167085954f366016b06a9ba4cb85804bed803a0e9510358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845638204/ 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845638204/?random=1568911893913&cv=9&fst=1568911893913&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=flight_originid%3D%3Bflight_destid%3D%3Bflight_startdate%3D%3Bflight_enddate%3D%3Bflight_pagetype%3Dhomepage%3Bflight_totalvalue%3D%3Borigincountry%3D%3Bdestcountry%3D%3Bnbrpax%3D%3Bnbradt%3D%3Bnbrchd%3D%3Bbookingvalue%3D%3Bflighttype%3D%3Bdevice%3DD%3Bduration%3D%3Boffertype%3D%3Btravel_destid%3D%3Btravel_originid%3D%3Btravel_pagetype%3Dhomepage%3Btravel_startdate%3D%3Btravel_enddate%3D%3Btravel_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.edreams.net%2F&tiba=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

827b8c727923f4f8e42407a3ebe4f75c4080cdeeeb98a94c6d2a0154e403f489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1097
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
102 B 14ms
14ms Other
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=Fli... Frame BCF3
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=...
https://bcp.crwdcntrl.net/5/ct=y/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A...

0
0

68ms
64ms

Document
text/html

54.76.84.205
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=Flight_airlines%3A/seg=Departure_Date%3A/seg=Departure_CountryName%3A/seg=Arrival_CountryName%3A/seg=Departure_CityCode%3A/seg=Arrival_CityCode%3A/seg=Return_Date%3A/seg=Nb_Pax%3A/seg=Nb_Adults%3A/seg=Nb_Children%3A/seg=Nb_Babies%3A/seg=Departure_Airport%3A/seg=Arrival_Airport%3A/seg=Nb_SearchToTravelDate%3A0/seg=Baggage%3A/seg=Total_basketAmount%3A/seg=Length_trip%3A/seg=Dep_weekday%3A/seg=Arr_weekday%3A/seg=Hotel_CityName%3A/seg=Hotel_Name%3A/seg=Hotel_Duration%3A/seg=Hotel_Adults%3A/seg=Hotel_Children%3A/seg=Hotel_Infants%3A/seg=Prime%3Afalse/seg=Paiement_Type%3A/int=%23OpR%2385796%23Total%20Site%20Traffic%20%3A%20www.edreams.net/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13552/cc.js?ns=_cc13552
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.84.205 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-84-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 19 Sep 2019 16:51:34 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 15-Jun-2020 16:06:00 GMT;SameSite=None _cc_id=2efbade835a89954253295401f34793;Path=/;Domain=crwdcntrl.net;Expires=Mon, 15-Jun-2020 16:06:00 GMT;SameSite=None _cc_cc="ACZ4nGOQN0pNS0pMSbUwNk20sLQ0NTEyNTYCUgaGacYm5pbGDEAQ27xJjAEOtLfd2SPL%2BCGT4T8jI8PWr3Ph7B1r%2F8jA2BNXI9gTkNj9SOxeJPYWJHNO7UfS%2BwVh18bGDgUY%2B%2F8qhJq5H%2F%2FB2Yf2%2FoSrP74CoebfRgR70wOEmbd%2FIvTuQFK%2FYBOCPR%2BJvQFJzQQkc9Yhia9BYq9GYq9CYk9cPA%2BudyKS%2BX1I7G4kdhcSu3U9gr0eKUzakdRcWDyHBca%2B%2FPwO3K7DSOIPpvYwwtjTT6jDmPuXH4Urv3TqERuM%2FfGzJYwJAME01D0%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 15-Jun-2020 16:06:00 GMT;Max-Age=23328000;SameSite=None _cc_aud="ABR4nGNgYGCIbd4kxgADzAzsistBDHajUxDqJJAEAFaeBIA%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 15-Jun-2020 16:06:00 GMT;Max-Age=23328000;SameSite=None
Vary: Accept-Encoding
X-Server: 10.45.7.180
Content-Length: 613
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Expires: 0
Location: https://bcp.crwdcntrl.net/5/ct=y/c=13552/rand=913285742/pv=y/genp=Brand%3AEUS/genp=Device%3AD/sm=Page_Name%3Ahomepage/seg=Flight_Type%3A/seg=Flight_Price%3A/seg=Flight_Class%3A/seg=Flight_number%3A/seg=Flight_airlines%3A/seg=Departure_Date%3A/seg=Departure_CountryName%3A/seg=Arrival_CountryName%3A/seg=Departure_CityCode%3A/seg=Arrival_CityCode%3A/seg=Return_Date%3A/seg=Nb_Pax%3A/seg=Nb_Adults%3A/seg=Nb_Children%3A/seg=Nb_Babies%3A/seg=Departure_Airport%3A/seg=Arrival_Airport%3A/seg=Nb_SearchToTravelDate%3A0/seg=Baggage%3A/seg=Total_basketAmount%3A/seg=Length_trip%3A/seg=Dep_weekday%3A/seg=Arr_weekday%3A/seg=Hotel_CityName%3A/seg=Hotel_Name%3A/seg=Hotel_Duration%3A/seg=Hotel_Adults%3A/seg=Hotel_Children%3A/seg=Hotel_Infants%3A/seg=Prime%3Afalse/seg=Paiement_Type%3A/int=%23OpR%2385796%23Total%20Site%20Traffic%20%3A%20www.edreams.net/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None
X-Server: 10.45.19.29
Content-Length: 0
Connection: keep-alive

GET
H2 200 uuid.ashx Show response
ads.travelaudience.com/ 316 B
654 B 42ms
41ms Script
application/javascript 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/uuid.ashx?callback=_callbacks_._0k0qxmt3k
Requested by: Host: ads.travelaudience.com
URL: https://ads.travelaudience.com/js/ta.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 122ad679b011179e2df8d382f7f189472dfb779e71431021bfc8a3621c390b06

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-engine-version: v2.16.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
status: 200
x-host: tde-deliveryengine-production-b579d99db-b98kz
content-type: application/javascript
alt-svc: clear
via: 1.1 google

GET
H2 204 0
bat.bing.com/action/ 0
135 B 60ms
59ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4056418&Ver=2&mid=e9f79acb-2d6e-61b1-5799-1b3594bb73ec&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20flights,%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&p=https%3A%2F%2Fwww.edreams.net%2F&r=&lt=789&evt=pageLoad&msclkid=N&rn=928195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 72591159E71043479B97D49C188C9693 Ref B: VIEEDGE0921 Ref C: 2019-09-19T16:51:33Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK boxever-cross-domain.html
api.boxever.com/v1.2/ Frame B651 0
0 158ms
45ms Document
text/html 54.72.14.87
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.boxever.com/v1.2/boxever-cross-domain.html?client_key=grY1NOtKhm4xhDV9rsny82DvKa1iYFBN&parent_url=https%3A%2F%2Fwww.edreams.net%2F
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/boxever-1.3.6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.14.87 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-14-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: api.boxever.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 25526
Connection: keep-alive

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame FDB0 0
0 70ms
47ms Document
text/html 2a00:1450:4001:815::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Riz9DLWieTDuqv5zgER4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
cookie: NID=188=n_ugCNFb5PxXUIIqzIAYt73ZSVGDzfmQmY7PPx-KHFo_shfltDxnN9s0yzNg05Ym1glVVpX4cfT_v09VPM3DD7boUCt-xgQaF8cPQFt_kKd8HnqlTCJ_tUSAcmsKGn_5yctW7q6kIGIP8O4k1I_2M1KvcMT5ppoGLRo23tvCezI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Sep 2019 16:51:34 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-5Riz9DLWieTDuqv5zgER4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sojern__adx_open_bidder_seat&google_hm=EJu4xItrNhZuietSb4HOqw&google_cm&google_sc&sjrn_id=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&google_gid=CAESEAOZGe_AFpLlCLAD_cg5THQ&google_cver=1

42 B
299 B

18ms
13ms

Image
image/gif

107.178.244.119
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&google_gid=CAESEAOZGe_AFpLlCLAD_cg5THQ&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&google_gid=CAESEAOZGe_AFpLlCLAD_cg5THQ&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idSync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idSync/apn?sjrn_cid=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2FidSync%2Fapn%3Fsjrn_cid%3D0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i%26adnxs_uid%3D%24UID
https://pixel.sojern.com/idSync/apn?sjrn_cid=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&adnxs_uid=3545610488982451073

42 B
281 B

53ms
46ms

Image
image/gif

107.178.244.119
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/apn?sjrn_cid=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&adnxs_uid=3545610488982451073
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:36 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: 470ad597-ceb9-4f9b-826e-fa71c129fba1
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.sojern.com/idSync/apn?sjrn_cid=0if7pRKoVLjXCDde7nayC9p0LwjbOhFfSZlcDIA41aB7ZzriGH5hlIj2fbAhNj2i&adnxs_uid=3545610488982451073
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

tapidSync
pixel.sojern.com/
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_did=wBmyI5k_ef-g5QMtEeXDy25PkCCOwcswrErLtghXoyD141q1oILcB1wtXr10ZCR3&ta_partner_id=996&ta_redirect=https://pixel.sojern.com/tapidSync?exchangeProfil...
https://pixel.sojern.com/tapidSync?exchangeProfileId=bcc7e9f1-dafd-11e9-9aa1-7ec577aabb52

42 B
192 B

17ms
13ms

Image
image/gif

107.178.244.119
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/tapidSync?exchangeProfileId=bcc7e9f1-dafd-11e9-9aa1-7ec577aabb52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
status: 302
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.sojern.com/tapidSync?exchangeProfileId=bcc7e9f1-dafd-11e9-9aa1-7ec577aabb52
alt-svc: clear
content-length: 0

GET
H2 200 request
smartlock.google.com/iframe/ Frame 0014 0
0 139ms
139ms Document
text/html 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://smartlock.google.com/iframe/request?client=https%3A%2F%2Fwww.edreams.net&id=f476233671ea76059f9024be70211f77fc70e6201b4b0b81dfad980b51ccebda&renderMode=navPopout&preloadRequest=%7B%22type%22%3A%22retrieve%22%2C%22options%22%3A%7B%22supportedAuthMethods%22%3A%5B%22https%3A%2F%2Faccounts.google.com%22%5D%2C%22supportedIdTokenProviders%22%3A%5B%7B%22uri%22%3A%22https%3A%2F%2Faccounts.google.com%22%2C%22clientId%22%3A%221044856101094-nefh1ut749dm808159t2aqt7vtl7836k.apps.googleusercontent.com%22%7D%5D%7D%7D&features=%7B%22feature%22%3A%5B%22DISPLAY_RP_TOS%22%5D%7D

Requested by

Host: smartlock.google.com
URL: https://smartlock.google.com/client?noext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9A9KvoEfCmVnNnKPcVqWAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self' script-src 'nonce-9A9KvoEfCmVnNnKPcVqWAw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: smartlock.google.com
:scheme: https
:path: /iframe/request?client=https%3A%2F%2Fwww.edreams.net&id=f476233671ea76059f9024be70211f77fc70e6201b4b0b81dfad980b51ccebda&renderMode=navPopout&preloadRequest=%7B%22type%22%3A%22retrieve%22%2C%22options%22%3A%7B%22supportedAuthMethods%22%3A%5B%22https%3A%2F%2Faccounts.google.com%22%5D%2C%22supportedIdTokenProviders%22%3A%5B%7B%22uri%22%3A%22https%3A%2F%2Faccounts.google.com%22%2C%22clientId%22%3A%221044856101094-nefh1ut749dm808159t2aqt7vtl7836k.apps.googleusercontent.com%22%7D%5D%7D%7D&features=%7B%22feature%22%3A%5B%22DISPLAY_RP_TOS%22%5D%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
cookie: NID=188=n_ugCNFb5PxXUIIqzIAYt73ZSVGDzfmQmY7PPx-KHFo_shfltDxnN9s0yzNg05Ym1glVVpX4cfT_v09VPM3DD7boUCt-xgQaF8cPQFt_kKd8HnqlTCJ_tUSAcmsKGn_5yctW7q6kIGIP8O4k1I_2M1KvcMT5ppoGLRo23tvCezI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Sep 2019 16:51:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-9A9KvoEfCmVnNnKPcVqWAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self' script-src 'nonce-9A9KvoEfCmVnNnKPcVqWAw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 app-desktop.js Show response
ajaxgeo.cartrawler.com/webapp-abe-latest/ Frame 958B 2 MB
457 KB 56ms
13ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Requested by: Host: rentacar.edreams.net
URL: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B3) /
Resource Hash: 78b25aa6f2db6599bd79f2a521451cc421d393c718a9601d0d2f9f88a5381741

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:58 GMT
server: ECS (fcn/40B3)
status: 200
etag: "1a6611-592e8e655bd80-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 467776

GET
H2 200 app-desktop.css
ajaxgeo.cartrawler.com/webapp-abe-latest/ Frame 958B 915 KB
119 KB 48ms
6ms Stylesheet
text/css 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.css
Requested by: Host: rentacar.edreams.net
URL: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: f6b5ad0f862185a7ccd2627e3d97e4bf07bbe3726a65cced69642afe700c9754

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:35:12 GMT
server: ECS (fcn/40DE)
status: 200
etag: "e4d11-592e8dc70c800-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/css
content-length: 122004

GET
H2

200

LAL.d Show response
js.sddan.com/
Redirect Chain

https://js.sddan.com/LAL.d?pa=22351&si=1&su=1&u=https%3A%2F%2Fwww.edreams.net%2F&r=
https://js.sddan.com/LAL.d?pa=22351&si=1&su=1&u=https%3A%2F%2Fwww.edreams.net%2F&r=&bounce=1

10 KB
4 KB

18ms
18ms

Script
text/javascript

212.129.3.112
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sddan.com/LAL.d?pa=22351&si=1&su=1&u=https%3A%2F%2Fwww.edreams.net%2F&r=&bounce=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (AS12876, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

def9c2fbb0d6222b5dc5ee683895c43c99cadb5ee2046ff94fdca18187c6d7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
server: nginx/1.11.3
status: 200
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: text/javascript
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
server: nginx/1.11.3
status: 307
location: https://js.sddan.com/LAL.d?pa=22351&si=1&su=1&u=https%3A%2F%2Fwww.edreams.net%2F&r=&bounce=1
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=8016&v=5.3.1&p0=e%3Dexd%26site_type%3Dd%26ci%3D&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh%26si%3D0%26ui_primesubscriber%3D0&p3=e%3Ddis&adce=1&lwid=75a464eb-c334-4d79...
https://widget.us.criteo.com/event?a=8016&v=5.3.1&p0=e%3Dexd%26site_type%3Dd%26ci%3D&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh%26si%3D0%26ui_primesubscriber%3D0&p3=e%3Ddis&adce=1&lwid=75a464eb-c334-4d79...

1017 B
1 KB

352ms
140ms

Script
application/x-javascript

74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=8016&v=5.3.1&p0=e%3Dexd%26site_type%3Dd%26ci%3D&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh%26si%3D0%26ui_primesubscriber%3D0&p3=e%3Ddis&adce=1&lwid=75a464eb-c334-4d79-8e9a-e6dc01215b1e&tld=edreams.net&dtycbr=79134
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 21422b215322656b899e3cbc012e69c469a65964f2b39d5c2b6c29e14d06bf16

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
timing-allow-origin: *
content-length: 743
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
location: https://widget.us.criteo.com/event?a=8016&v=5.3.1&p0=e%3Dexd%26site_type%3Dd%26ci%3D&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh%26si%3D0%26ui_primesubscriber%3D0&p3=e%3Ddis&adce=1&lwid=75a464eb-c334-4d79-8e9a-e6dc01215b1e&tld=edreams.net&dtycbr=79134
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
Ok providers.json Show response
i2-ghfbxuaxdsxweicdfadwssvgyfwqgb.init.cedexis-radar.net/i2/1/19692/j1/20/117/1568911894/0/0/ 3 KB
1 KB 103ms
45ms XHR
application/json 104.225.98.131
NetActuate

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-ghfbxuaxdsxweicdfadwssvgyfwqgb.init.cedexis-radar.net/i2/1/19692/j1/20/117/1568911894/0/0/providers.json?imagesok=1&n=1&p=1&r=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.131 West Hollywood, United States, ASN36236 (NETACTUATE - NetActuate, Inc, US),
Reverse DNS: 131.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 13c41eef95f8aa31bd23f6f4492f021317486c1f543117492af2e8df3a32612b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H2 200 none_ed_desktop.css
www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/css/ Frame B96B 2 MB
227 KB 9ms
8ms Stylesheet
text/css 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/css/none_ed_desktop.css

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

c45cd2979bd5c1773cba3b0091143319a7fd4a130bfb7a399f7a4fd0c58e691e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
odigeo-trace-id: 7ce28c8c-db11-4f0a-8456-7a802768a603
strict-transport-security: max-age=60;
content-length: 231946
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 13 Sep 2019 06:31:48 GMT
date: Thu, 19 Sep 2019 16:51:34 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, public, max-age=86400
etag: W/"1659389-1568356308000"
accept-ranges: bytes
expires: Thu, 31 Oct 2019 17:12:46 GMT

GET
H2 200 custom1.262.0.css
cars.cartrawler.com/resource/edreams/assets/css/ Frame 958B 118 KB
19 KB 24ms
13ms Stylesheet
text/css 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cars.cartrawler.com/resource/edreams/assets/css/custom1.262.0.css
Requested by: Host: rentacar.edreams.net
URL: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: 51a007eca6e0d8a6269a371a757f6312ab0ba17f3873b33632e61dcc92fd35e9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:01:12 GMT
server: ECS (fcn/41A3)
etag: "1568901672000-1186922119"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19105

GET
H2 200 europcar.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 3 KB
2 KB 30ms
4ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/europcar.svg

Requested by

Host: rentacar.edreams.net
URL: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

b43b954382eb2bb4077f3acb15b7f3fd75a096c8d6583e03547f2cf16580686e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29697
x-cache: HIT, HIT
status: 200
x-imgix-id: ba7f4ebb05e4ff01e34ada58a893d1f6e251e0ff
content-length: 1447
x-served-by: cache-lax8641-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 avis.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 2 KB
953 B 30ms
5ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/avis.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

983b7f9596bff7ce49be7e3b3b5bfaea22cf411c9af7e28dadc3a588bf1a02d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399298
x-cache: HIT, HIT
status: 200
x-imgix-id: fd4c3914bfcf935e79fdb8f25c6de3da6988dc6b
content-length: 848
x-served-by: cache-lax8630-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 sixt.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 1 KB
826 B 30ms
6ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/sixt.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

a0d204548c6dd034ea4b7297d8dbf003f57f420fbcccc56e12282fd650539312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389422
x-cache: HIT, HIT
status: 200
x-imgix-id: 45e30a141233e83715bec2e98c73d2eed9828b2b
content-length: 722
x-served-by: cache-lax8637-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 enterprise.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 7 KB
3 KB 30ms
6ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/enterprise.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

7994b1a075e71a7b3e50eecfeb9dbe0edf169dbaf2580047e2a0ded61fdd99ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456771
x-cache: HIT, HIT
status: 200
x-imgix-id: df90b99669548b36ad3b33c9a7e452055fe753e1
content-length: 3068
x-served-by: cache-lax8644-LAX, cache-hhn4078-HHN
last-modified: Tue, 03 Sep 2019 10:55:30 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 budget.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 4 KB
2 KB 29ms
5ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/budget.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

dfd0aab2493521f15031ef7357b56566e189671e2048726ab1dcf6e55cd43345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389421
x-cache: HIT, HIT
status: 200
x-imgix-id: 5c9de1267e9c5d74144b2b03e2582f27e44f2281
content-length: 1617
x-served-by: cache-lax8632-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 hertz.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 4 KB
2 KB 28ms
5ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/hertz.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

8bfbde2b9c289e6c23ce6b12713931b60e323ec64e55df957705d6f6095b6e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139007
x-cache: HIT, HIT
status: 200
x-imgix-id: 6278041392d30fa477d59958e4b36d7dd2991669
content-length: 1842
x-served-by: cache-lax8645-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 11:49:26 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 alamo.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 3 KB
1 KB 9ms
6ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/alamo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

2fcd6123d26acd26f612d1c3c1d72e37de3ba6fc3402410d7e274defdaba4729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391463
x-cache: HIT, HIT
status: 200
x-imgix-id: 6bd7decc27e10b60681967b5e0fc5340f3df2ef4
content-length: 1284
x-served-by: cache-lax8635-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 thrifty.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 6 KB
2 KB 9ms
6ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/thrifty.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

5ef16f00d90eb8fa9058959863a2e17a267980ddbc16699e1cb664cf91353348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192077
x-cache: HIT, HIT
status: 200
x-imgix-id: 44af3c1599fc419750540332bb69638688a0c8a5
content-length: 2149
x-served-by: cache-lax8627-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 national.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 6 KB
3 KB 10ms
6ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/national.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

43df60c837d6d71d71b0fca2ff1ad1d317895508ffbe4cab8ab8b3302131b24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518787
x-cache: HIT, HIT
status: 200
x-imgix-id: c4c57d3062595a64ac0bc1e2afec6a3a1acc6499
content-length: 2830
x-served-by: cache-lax8646-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 08:11:42 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 firefly.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 14 KB
6 KB 10ms
7ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/firefly.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

ad93ad02056a2a6557668c51453d74ed599c8d59bd61be6833e6e3140471ccfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10482
x-cache: HIT, HIT
status: 200
x-imgix-id: e1b0ba1ee3f87421c169d8f3dfc645102b258e78
content-length: 5661
x-served-by: cache-lax8621-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 keddy.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 4 KB
2 KB 10ms
7ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/keddy.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

ca8293649c3f85d0c8e1e9f60653f4c969f4619b6ba7b0f3c001825a554ee504

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516459
x-cache: HIT, HIT
status: 200
x-imgix-id: 58d0ad3b9fbb073f83e2a7faf1e05f10aaa45260
content-length: 2152
x-served-by: cache-lax8636-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 11:49:26 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 dollar.svg
ct-supplierimage.imgix.net/svg/ Frame 958B 14 KB
4 KB 12ms
9ms Image
image/svg+xml 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct-supplierimage.imgix.net/svg/dollar.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

ce3e7c40fd43440e6bdeaa91615adc2d1d8de0aa237baf27d3ae31dcd3bba378

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309082
x-cache: HIT, HIT
status: 200
x-imgix-id: 50bddbaadce9f87a64c42896de0d6c63652aff2b
content-length: 4501
x-served-by: cache-lax8630-LAX, cache-hhn4078-HHN
last-modified: Tue, 10 Sep 2019 15:43:32 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 custom.js Show response
cars.cartrawler.com/resource/edreams/assets/js/ Frame 958B 4 KB
2 KB 20ms
13ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cars.cartrawler.com/resource/edreams/assets/js/custom.js?v=1.262.0
Requested by: Host: rentacar.edreams.net
URL: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40F9) /
Resource Hash: ce5e95503a864e0d17fd27693b89ebc3d643425a1aa6e63f6400f5a484e25455

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 13:44:40 GMT
server: ECS (fcn/40F9)
etag: "1568900680000--820200252-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1643

GET
H2 200 d51db4f23c26de64335ab46ea5068e05.js Show response
nexus.ensighten.com/edreams/prod/code/ 214 KB
21 KB 20ms
14ms Script
application/javascript 3.121.16.187
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/edreams/prod/code/d51db4f23c26de64335ab46ea5068e05.js?conditionId0=466245
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/edreams/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.121.16.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-16-187.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d8c7a9f8bfe1b2de0f5ac63c90c6bb4d0ae94cba6af51ea2a2903735d7ecc1dd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 16:03:45 GMT
server: nginx
etag: W/"5d275de1-3578f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2

200

cmap
tag.yieldoptimizer.com/ps/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yo&google_hm=MzAxMTg3NTIwODk5MQ&google_sc&google_cm
https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESENVk7ZjjF67DOPX2NxQWmlI&google_cver=1

43 B
299 B

54ms
46ms

Image
image/gif

35.186.212.60
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESENVk7ZjjF67DOPX2NxQWmlI&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
status: 200
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESENVk7ZjjF67DOPX2NxQWmlI&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1044284962/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&is_vtc=1&random=3580298449
https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&is_vtc=1&random=3580298449&ipr=y&ezwbk=1

42 B
110 B

57ms
57ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&is_vtc=1&random=3580298449&ipr=y&ezwbk=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&is_vtc=1&random=3580298449&ipr=y&ezwbk=1
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ 43 B
982 B 82ms
44ms Image
image/gif 185.33.223.215
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=6&code=3011875208991

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:36 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: d3d96baf-2794-4178-8514-fae2ca367857
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ 0
338 B 80ms
42ms Image
text/plain 35.241.54.161
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxMTg3NTIwODk5MXwxNTY4OTExODkzODk4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.54.161 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
status: 200
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=179&external_user_id=3011875208991
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=179&external_user_id=3011875208991&C=1

43 B
868 B

27ms
27ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=179&external_user_id=3011875208991&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Sep 2019 16:51:34 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=179&external_user_id=3011875208991&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 277
Expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://sd.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3343543312964968204

43 B
303 B

16ms
15ms

Image
image/gif

35.186.212.60
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3343543312964968204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
status: 200
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3343543312964968204
Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:33 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3011875208991
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3011875208991

42 B
776 B

74ms
73ms

Image
image/gif

3.248.160.221
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3011875208991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.160.221 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-160-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v042-0e8a48632.edge-irl1.demdex.com 5.59.0.20190904135845 4ms (+1ms)
Pragma: no-cache
X-TID: 3QGWvahMRbI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: R2aXFC+nQeo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3011875208991
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://i.liadm.com/s/37065?bidder_id=106904&bidder_uuid=3011875208991
https://i.liadm.com/s/37065?bidder_id=106904&bidder_uuid=3011875208991&_li_chk=true&previous_uuid=67932758bc7f47b9b9e75b6d040acc26
https://tag.yieldoptimizer.com/ps/ps?t=i&p=3776

43 B
186 B

15ms
14ms

Image
image/gif

35.186.212.60
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=3776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
status: 200
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=3776
Date: Thu, 19 Sep 2019 16:51:34 GMT
Connection: keep-alive
Content-Length: 0

GET
H2

451

sync
pippio.com/api/
Redirect Chain

https://idsync.rlcdn.com/367258.gif?partner_uid=3011875208991
https://idsync.rlcdn.com/1000.gif?memo=CJq1FhIYChQIARDYKBoNMzAxMTg3NTIwODk5MRAAGg0IluSO7AUSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=e7435d23243e7c3bddd97eed8afed79018652e3f5a9ad51a529d38eb9d98cd59791426b5417dce21&_=2

0
75 B

129ms
114ms

Image
text/plain

107.178.254.65
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=5324&it=1&iv=e7435d23243e7c3bddd97eed8afed79018652e3f5a9ad51a529d38eb9d98cd59791426b5417dce21&_=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.254.65 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 451
date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pippio.com/api/sync?pid=5324&it=1&iv=e7435d23243e7c3bddd97eed8afed79018652e3f5a9ad51a529d38eb9d98cd59791426b5417dce21&_=2
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043395192/ 42 B
115 B 56ms
55ms Image
image/gif 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043395192/?random=1568911893909&cv=9&fst=1568908800000&num=1&value=0&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=pagetype%3Dhomepage%3Bpackagetype%3D%3Btravelstartdate%3D%3Btravelenddate%3D%3Borigincity%3D%3Bdestcity%3D%3Borigincountry%3D%3Bdestcountry%3D%3Bnbrpax%3D%3Bnbradt%3D%3Bnbrchd%3D%3Bflighttype%3D%3Bairline%3D%20%3Bbookingvalue%3D0.0&frm=0&url=https%3A%2F%2Fwww.edreams.net%2F&tiba=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&async=1&fmt=3&is_vtc=1&random=1621166711&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1043395192/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043395192/?random=1568911893909&cv=9&fst=1568908800000&num=1&value=0&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=pagetype%3Dhomepage%3Bpackagetype%3D%3Btravelstartdate%3D%3Btravelenddate%3D%3Borigincity%3D%3Bdestcity%3D%3Borigincountry%3D%3Bdestcountry%3D%3Bnbrpax%3D%3Bnbradt%3D%3Bnbrchd%3D%3Bflighttype%3D%3Bairline%3D%20%3Bbookingvalue%3D0.0&frm=0&url=https%3A%2F%2Fwww.edreams.net%2F&tiba=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&async=1&fmt=3&is_vtc=1&random=1621166711&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/845638204/ 42 B
115 B 47ms
47ms Image
image/gif 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845638204/?random=1568911893913&cv=9&fst=1568908800000&num=1&value=0&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=flight_originid%3D%3Bflight_destid%3D%3Bflight_startdate%3D%3Bflight_enddate%3D%3Bflight_pagetype%3Dhomepage%3Bflight_totalvalue%3D%3Borigincountry%3D%3Bdestcountry%3D%3Bnbrpax%3D%3Bnbradt%3D%3Bnbrchd%3D%3Bbookingvalue%3D%3Bflighttype%3D%3Bdevice%3DD%3Bduration%3D%3Boffertype%3D%3Btravel_destid%3D%3Btravel_originid%3D%3Btravel_pagetype%3Dhomepage%3Btravel_startdate%3D%3Btravel_enddate%3D%3Btravel_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.edreams.net%2F&tiba=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&async=1&fmt=3&is_vtc=1&random=2557335309&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/845638204/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/845638204/?random=1568911893913&cv=9&fst=1568908800000&num=1&value=0&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=flight_originid%3D%3Bflight_destid%3D%3Bflight_startdate%3D%3Bflight_enddate%3D%3Bflight_pagetype%3Dhomepage%3Bflight_totalvalue%3D%3Borigincountry%3D%3Bdestcountry%3D%3Bnbrpax%3D%3Bnbradt%3D%3Bnbrchd%3D%3Bbookingvalue%3D%3Bflighttype%3D%3Bdevice%3DD%3Bduration%3D%3Boffertype%3D%3Btravel_destid%3D%3Btravel_originid%3D%3Btravel_pagetype%3Dhomepage%3Btravel_startdate%3D%3Btravel_enddate%3D%3Btravel_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.edreams.net%2F&tiba=Cheap%20flights%2C%20hotels%20and%20vacation%20packages%20-%20eDreams%20USA&async=1&fmt=3&is_vtc=1&random=2557335309&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid.ashx Show response
ads.travelaudience.com/ 226 B
293 B 15ms
14ms Script
application/javascript 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/uuid.ashx?callback=_callbacks_._1k0qxmt6i
Requested by: Host: ads.travelaudience.com
URL: https://ads.travelaudience.com/js/ta.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 2185f84715c2fff5891a72109f85c61b476b80054f3e6322eab6dc47652ca2e7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-engine-version: v2.16.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
status: 200
x-host: tde-deliveryengine-production-b579d99db-gzx9t
content-type: application/javascript
alt-svc: clear
via: 1.1 google

GET
H2 200 icon_no_results_2x.png
www.edreams.net/images/onefront/bluestone/ED/ Frame B96B 10 KB
10 KB 12ms
6ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/images/onefront/bluestone/ED/icon_no_results_2x.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b819aa69f3bbea98492b9b664f9a96ded1e8b911ee396ec00c721f487bf1075

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2017 14:50:31 GMT
etag: "596e2037-2685"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 11:52:10 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:34 GMT
accept-ranges: bytes
content-length: 9861
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 css
fonts.googleapis.com/ Frame B96B 9 KB
794 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 Sep 2019 16:51:34 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 19 Sep 2019 16:51:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 require.min.js Show response
www.edreams.net/travel/static-content/thirdParty/require/ Frame B96B 15 KB
6 KB 48ms
43ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c06763b08c40d53093a43aa90af8568937b7cbbbaa4413638e79ac3d9b0197ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
vary: Accept-Encoding
content-length: 5524
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2019 17:00:26 GMT
server: Akamai Resource Optimizer
date: Thu, 19 Sep 2019 16:51:34 GMT
strict-transport-security: max-age=60;
content-type: application/javascript
cache-control: max-age=86400
etag: "3ad4-592583b58b580"
accept-ranges: bytes
expires: Sat, 14 Sep 2019 13:30:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 958B 9 KB
748 B 49ms
45ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 Sep 2019 16:51:34 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 19 Sep 2019 16:51:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2

200

google_match.ashx
ads.travelaudience.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_cm&google_hm=Cjz59KyiTLyokG_tOcfLow2
https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEFUd2_QKKZ2I5y7UTX2EJCY&google_cver=1

35 B
160 B

53ms
53ms

Image
image/gif

35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEFUd2_QKKZ2I5y7UTX2EJCY&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-engine-version: v2.16.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
status: 200
x-host: tde-deliveryengine-production-b579d99db-ss6pn
content-type: image/gif
alt-svc: clear
via: 1.1 google

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEFUd2_QKKZ2I5y7UTX2EJCY&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ 0
495 B 61ms
43ms Image
text/plain 2.16.122.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=57205&ext_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.122.151 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-122-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Wed, 18 Sep 2019 16:51:34 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ 0
495 B 95ms
16ms Image
text/plain 2.16.122.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=57203&ext_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.122.151 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-122-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: application
Expires: Wed, 18 Sep 2019 16:51:34 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 164ms
10ms Image
image/gif 69.173.144.165
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=96478&nid=3792&put=0A3CF9F4ACA24CBCA8906FED39C7CBA3&expires=60
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1 200
OK Pug
image2.pubmatic.com/AdServer/ 42 B
839 B 114ms
13ms Image
image/gif 185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw&piggybackCookie=0A3CF9F4ACA24CBCA8906FED39C7CBA3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
X-lat: Pug22060:0:310
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2

200

match
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/match?publisher_dsp_id=229&external_user_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3&dsp_callback=1
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=229&external_user_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3&dsp_callback=1

43 B
560 B

9ms
8ms

Image
image/gif

52.59.139.190
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/ul_cb/match?publisher_dsp_id=229&external_user_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3&dsp_callback=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.139.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-139-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Sep 2019 16:51:34 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Thu, 19 Sep 2019 16:51:34 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com:443/ul_cb/match?publisher_dsp_id=229&external_user_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3&dsp_callback=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

tpui
ih.adscale.de/adscale-ih/
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=66&tpuid=0A3CF9F4ACA24CBCA8906FED39C7CBA3
https://ih.adscale.de/adscale-ih/tpui?tpid=66&tpuid=0A3CF9F4ACA24CBCA8906FED39C7CBA3&nut&uu=324e5e5e5ef3460ca683e7eb586779f4

49 B
590 B

18ms
18ms

Image
image/gif

2.18.234.72
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=66&tpuid=0A3CF9F4ACA24CBCA8906FED39C7CBA3&nut&uu=324e5e5e5ef3460ca683e7eb586779f4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.72 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-72.deploy.static.akamaitechnologies.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Server: Apache-Coyote/1.1
P3P: CP=NOI PSA OUR
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 19 Sep 2019 16:51:34 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Server: Apache-Coyote/1.1
Location: https://ih.adscale.de/adscale-ih/tpui?tpid=66&tpuid=0A3CF9F4ACA24CBCA8906FED39C7CBA3&nut&uu=324e5e5e5ef3460ca683e7eb586779f4
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
766 B 60ms
56ms Image
image/gif 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=setuid%28%270A3CF9F4ACA24CBCA8906FED39C7CBA3%27%29

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:36 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: 29bcc6bf-47da-447f-a038-66730900d778
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ 95 B
353 B 74ms
15ms Image
image/png 35.227.248.159
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=3132&gdpr=1&gdpr_consent=&partner_device_id=0A3CF9F4ACA24CBCA8906FED39C7CBA3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 159.248.227.35.bc.googleusercontent.com
Software: Jetty(8.1.13.v20130916) /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 200
content-type: image/png
alt-svc: clear
content-length: 95

GET
H/1.1 200
OK impact.js Show response
radar.cedexis.com/releases/1560296207/ 7 KB
4 KB 18ms
17ms Script
application/javascript 45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/releases/1560296207/impact.js
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.5 West Hollywood, United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 512871f6b301d3e48722684bd2f4ebad74c9d4e9a29dd88f5ff989b745aacbcc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jun 2019 23:40:31 GMT
Server: nginx
ETag: W/"5d003bef-1c22"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 03 Oct 2019 16:51:34 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 04B0 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Thu, 19 Sep 2019 16:03:56 GMT
expires: Fri, 18 Sep 2020 16:03:56 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2858
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41ad8ff7e5205f7360535566ad386abb370abb9b92af19005a7ded4a803faf28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29138
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 15ms
13ms Image
image/gif 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=728x90%7C970x90%7C970x250&w=970&h=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 958B 86 KB
25 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMPLVMJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f02734541fed335400dbebaa01b72029350e8cb714613ebcdbbab1cd396aa52

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: br
last-modified: Thu, 19 Sep 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25018
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 hotjar-1293377.js Show response
static.hotjar.com/c/ Frame 958B 4 KB
2 KB 155ms
55ms Script
application/javascript 147.75.204.174
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1293377.js?sv=6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-2

Software

openresty /

Resource Hash

76a053b9ac4e215845c531644127c100ebee54156ea7fb0e74e50573a656d7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 8
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1786
server: openresty
cache-control: max-age=60
x-frame-options: SAMEORIGIN
etag: W/e0cee3612f20f362cbfdadfe815673de
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.081
section-io-id: e20c570862599eb89313c02a8ee35e87
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 18ms
18ms Image
image/gif 185.33.223.215
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=3149906:22351&t=2&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:36 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.180:80
AN-X-Request-Uuid: 3007d360-ca91-44da-a064-b51d8ca5a0c3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 30ms
15ms Image
image/gif 185.33.223.215
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=18061918&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:36 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid: ed0ca7a8-a4d5-4f08-a4f8-787dcfd94f00
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/23518/ Frame 4127 2 KB
1 KB 8ms
8ms Script
application/x-javascript 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/23518/adRecover.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 20a5b2aab4e1eeddff7640083905f106c50304c8285232d59d984265aa1efb1b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
status: 200
content-length: 825
x-cf-tsc: 1562615643
x-cf2: H
last-modified: Wed, 13 Feb 2019 13:10:20 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "af21d626c03681d3040d6145b0fa34aa"
cf4age: 2585
accept-ranges: bytes

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 4127 0
152 B 18ms
17ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuL8dw6nE9x1MJHr2v_22bvpXbudGIzsiOEBAHiB8Ymp-mAUK7n7t8V-GefHrnpT5JdIQIsfzP6e3f2O2m5BLtOo7stInzg6NmnHR7-UJoGnKabJmqCjvcPokJqck9LM0UBkPf3yQngICYNi7lE25-RC7Xh5iHOXVd8IFRqB1_4P7-aRp225-PWYlPevkDSU8BaY7_wfdlv4Z24-Ueag_hs2X04AF_0pgkSQIPEts4iWZReBGQdlY9aApuh2D8wB7Flk9XwruR3gqeYkeQjQJcgnxZbFsEcGns7N9TaKg&sai=AMfl-YRvDFjHWpBmcARQjvRIr1CqvvYJo7GkIKIts_h3DDu7ZI8bJNGtBbl-LogXJLESQ646ozt7GytbrGPDaife-uQW6SDoPxNW5_gTMmBq&sig=Cg0ArKJSzDkz5f4gsM-PEAE&adurl=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190917/r20110914/client/ Frame 4127 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190917/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 14:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1044
x-xss-protection: 0
server: cafe
etag: 16885093947315342629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Oct 2019 14:01:37 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4127 78 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29649
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 2904681957066469962
tpc.googlesyndication.com/simgad/ Frame 4127 76 KB
76 KB 7ms
7ms Image
image/gif 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2904681957066469962

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bf80717ecd8cd3b0716578a3ee6946423842382bf4159c25b52569737bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 11:55:35 GMT
x-content-type-options: nosniff
age: 276959
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 77591
x-xss-protection: 0
last-modified: Mon, 09 Sep 2019 10:07:55 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Sep 2020 11:55:35 GMT

GET
H2 200 edreams-BS.woff
www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/fonts/ Frame B96B 34 KB
35 KB 75ms
75ms Font
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/fonts/edreams-BS.woff

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbb4e29eb9b2df1615c014083c0d98499151a9e3f9e3c3962dbe71a88063ed13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/css/none_ed_desktop.css
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
odigeo-trace-id: 2e400d31-aae6-460c-a9ac-90f5799f9f2b
strict-transport-security: max-age=60;
content-length: 35438
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 13 Sep 2019 06:31:50 GMT
date: Thu, 19 Sep 2019 16:51:34 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, public, max-age=86400
etag: W/"35268-1568356310000"
accept-ranges: bytes
expires: Fri, 01 Nov 2019 04:51:34 GMT

GET
H2 200 view Show response
us-sonar.sociomantic.com/js/2010-07-01/action/ 203 B
751 B 94ms
94ms Script
application/javascript 192.99.16.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://us-sonar.sociomantic.com/js/2010-07-01/action/view?aid=edreams-us&v=adv2.09&rid=r022261233040643913
Requested by: Host: us-sonar.sociomantic.com
URL: https://us-sonar.sociomantic.com/js/2010-07-01/adpan/edreams-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.16.222 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: us-129.sociomantic.net
Software: nginx /
Resource Hash: ca89257cddc2fa8beb3f2739cf712fd47c1b0478c4ac7d695767ef74bbdd5249

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 16:51:34 GMT
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8

GET
H2 200 8f41050881ff370f3cf0-316.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 465 B
411 B 7ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/8f41050881ff370f3cf0-316.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D9) /
Resource Hash: c8138183da776e0e6775deb19f7cdfb61d8d99a353385d303bdba7bd000f3d7b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40D9)
status: 200
etag: "1d1-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 340

GET
H2 200 428b53ceb8814918852a-429.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 1 KB
678 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/428b53ceb8814918852a-429.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AC) /
Resource Hash: f04d1c4a61f3d01e30cc73a305b67563bc269feda7720ab73f4b83ffb1bd0340

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/41AC)
status: 200
etag: "482-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 583

GET
H2 200 39e25115c2eacfc4a410-338.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 783 B
480 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/39e25115c2eacfc4a410-338.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 9f0042333e72201835816252c24e7cb0192eb8297aa36c182c151f8fbf7732bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/4191)
status: 200
etag: "30f-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 409

GET
H2 200 8a0df773ce8ecf5945c5-320.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 500 B
404 B 7ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/8a0df773ce8ecf5945c5-320.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A2) /
Resource Hash: 2ff351eaa8a493c86b3ff278595eff356c8db06cf1b2e0db1ab97261e23482b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/41A2)
status: 200
etag: "1f4-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 333

GET
H2 200 8b73303bde862134d677-13.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 5 KB
2 KB 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/8b73303bde862134d677-13.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AD) /
Resource Hash: 8de9ded2f9d484b44c0773a40ea6f8cc35e497f7b418230ac3e5b68d91ce7a7a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40AD)
status: 200
etag: "1533-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 1521

GET
H/1.1 201
Created create.json Show response
api.boxever.com/v1.2/event/ 148 B
280 B 61ms
61ms Script
application/javascript 54.72.14.87
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.boxever.com/v1.2/event/create.json?client_key=grY1NOtKhm4xhDV9rsny82DvKa1iYFBN&boxever_version=1.3.6&message=%7B%22type%22%3A%22VIEW%22%2C%22page%22%3A%22homepage%22%2C%22browser_id%22%3A%22aaec91f6-6e1e-4277-a3e7-b5fe0be56b44%22%2C%22pos%22%3A%22edreams.us%22%2C%22channel%22%3A%22WEB%22%2C%22language%22%3A%22EN%22%2C%22currency%22%3A%22USD%22%2C%22marketing_channel%22%3A%22Other%22%2C%22utm_source_cookie%22%3A%22no_GA%22%2C%22utm_medium_cookie%22%3A%22no_GA%22%7D&callback=jsonp31856440408106312
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/boxever-1.3.6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.14.87 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-14-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bee7149fb8777c898758b393da8e90baaa203ba0a959e7e1c66d1d6f5b8ce0ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 148
Content-Type: application/javascript

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/23518/ Frame DAD9 2 KB
1 KB 7ms
7ms Script
application/x-javascript 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/23518/adRecover.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 20a5b2aab4e1eeddff7640083905f106c50304c8285232d59d984265aa1efb1b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
status: 200
content-length: 825
x-cf-tsc: 1562615643
x-cf2: H
last-modified: Wed, 13 Feb 2019 13:10:20 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "af21d626c03681d3040d6145b0fa34aa"
cf4age: 2585
accept-ranges: bytes

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame DAD9 0
129 B 17ms
16ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYYcORTVbchmsBv38UJjH56QlEoj_jut8azbuxaIfq_V10LrxbmumBjn7QhexSCKgi4Q_Bu6tfrHq5Oco6nF_GMshdrE4y-QeGxSdgFy_1vZTPUODUF6Yg7s6iKZqYMhOibxUwMPHOGwKVUMrpxtrTy2yFB8ym-MTPj8qQz05P_KPPACnQ_RPEKxJkayb_0yZCSoD_PkK54BglDFfZLDL_VaBSJeBG4HLeuxYpTN2NfhNUQ2THYqO5-uaC5UkIE4YqcengqWu0Sohow64WX0DKSb1CjUG8EApT1Xnl&sai=AMfl-YTqrHZKbuK9P9_8AqnQM-t8keISyULW5F8cLcKWnbabz3UBQbHAh_xNaTOMoisD_O4ucsy_GOdVwot3Sx7VsWDHoKwmNuhbFyg-xwboTQ&sig=Cg0ArKJSzA1T03fHmBAWEAE&urlfix=1&adurl=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 t.js Show response
ahgele3.com/ Frame DAD9 15 KB
16 KB 96ms
51ms Script
application/javascript 143.204.214.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ahgele3.com/t.js?i=biv8cdpn6a49y886xor&cb=9505751568911894807
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash: 6c9458c0c34ad49cf6875a98e5e66a520c6bc81af58322bef2d34899415e7d3c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Sep 2019 16:51:34 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: jjWIqtV7cFLPcrAjBpcEjzv77gI7VDCGDHZSyLXjVllvoxeq3yZ0LQ==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAD9 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29649
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 modules.bb88fc9b50ded24ae044.js Show response
script.hotjar.com/ Frame 958B 427 KB
72 KB 94ms
59ms Script
application/javascript 147.75.204.210
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.bb88fc9b50ded24ae044.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1293377.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.210 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-4
Software: /
Resource Hash: 26df0bc359b85b2671eb94deaf5a3c09349094fccee3148ea5dff7e7b3ac73fd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 09:26:15 GMT
status: 200
etag: "b057ae1f26677b8799f284bc469ffb53"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: f7216138c4378a62985aacc2785818b7
content-length: 73287

GET
DATA 200
OK truncated
/ Frame 4127 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25d3c708167dbd2cf9f90f3405f68ccb0beba9ddfe027eb4b467ceed7f291297

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame FE4C 43 KB
13 KB 14ms
14ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=51344715&chanId=90232635&placementId=5164744290&pubCreative=138287140360&pubOrder=2597097507&cb=1893840878
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: f9ea76aea275b34a02223a4f38a8b00d2abdca97fffa198b3dcedb2caf929a99

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Encoding: gzip
X-Server-Name: app25ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
Ok 1568911893025 Show response
rpt.cedexis.com/n1/0/1568911892530/0/0/0/0/1568911892642/1568911892643/1568911892643/1568911892643/1568911892669/1568911892648/1568911892669/1568911892885/1568911892950/1568911892889/1568911893050/... 16 B
283 B 54ms
14ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1568911892530/0/0/0/0/1568911892642/1568911892643/1568911892643/1568911892643/1568911892669/1568911892648/1568911892669/1568911892885/1568911892950/1568911892889/1568911893050/1568911893050/1568911893050/1568911893318/1568911893318/1568911893319/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/1568911893025
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:34 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 block.jpg
delivery.adrecover.com/ Frame 4127 631 B
886 B 7ms
7ms Image
image/jpeg 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
x-cf2: H
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
cf4ttl: 31536000.000
x-cff: B
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
content-type: image/jpeg
status: 200
cf4age: 0
x-cf3: M
accept-ranges: bytes
content-length: 631
x-cf-tsc: 1562369428

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame B96B 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1365010
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9132
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:41:24 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame B96B 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/?preload=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 16:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 2422077
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9180
x-xss-protection: 0
expires: Fri, 21 Aug 2020 16:03:37 GMT

GET
H/1.1 200
OK dis.aspx
dis.us.criteo.com/dis/ Frame FDD0 0
0 293ms
100ms Document
text/html 74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.us.criteo.com/dis/dis.aspx?p=8016&cb=83119389689&ref=&sc_r=1600x1200&sc_d=24
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: dis.us.criteo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Cookie: uid=7ad1f069-ee46-419f-a574-4c04dffa930f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: Mon, 26 Jul 1997 05:00:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
p3p: CP='CUR ADM OUR NOR STA NID'
timing-allow-origin: *
x-powered-by: ASP.NET
date: Thu, 19 Sep 2019 16:51:34 GMT
content-length: 147

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame F7DD 0
0 57ms
15ms Document
text/html 147.75.102.227
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1293377.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.227 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-7
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893

Response headers

status: 200
date: Thu, 19 Sep 2019 16:51:34 GMT
content-type: text/html
content-length: 787
cache-control: max-age=31536000
content-encoding: br
last-modified: Mon, 12 Aug 2019 16:41:40 GMT
etag: "5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.052
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: a77507defc09d08184774273f0a3cec1

GET
H/1.1 200
OK show.json Show response
api.boxever.com/v1.2/browser/aaec91f6-6e1e-4277-a3e7-b5fe0be56b44/ 205 B
332 B 108ms
48ms Script
application/javascript 54.72.14.87
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.boxever.com/v1.2/browser/aaec91f6-6e1e-4277-a3e7-b5fe0be56b44/show.json?client_key=grY1NOtKhm4xhDV9rsny82DvKa1iYFBN&api_token=0&callback=jsonp3909616463727799
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/boxever-1.3.6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.14.87 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-14-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 903afc9a9867f60ac5e90f83ddd345e36a27531874a8f14e51d1e1ce86a81af5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 205
Content-Type: application/javascript

GET
H2 200 usrm
us-sonar.sociomantic.com/html/2010-07-01/ Frame 1DB6 0
0 95ms
95ms Document
text/html 192.99.16.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://us-sonar.sociomantic.com/html/2010-07-01/usrm?aid=5622616225964312727&fpc=17368259859138071772&v=adv2.09&hs=true
Requested by: Host: us-sonar.sociomantic.com
URL: https://us-sonar.sociomantic.com/js/2010-07-01/adpan/edreams-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.16.222 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: us-129.sociomantic.net
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: us-sonar.sociomantic.com
:scheme: https
:path: /html/2010-07-01/usrm?aid=5622616225964312727&fpc=17368259859138071772&v=adv2.09&hs=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
cookie: sonar=17368259859138071772; sonar-expires=1600447894; sonar_matching_us=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
server: nginx
date: Thu, 19 Sep 2019 16:51:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
last-modified: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip

GET
DATA 200
OK truncated
/ Frame DAD9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3062745307963df328d25518b9b8910772f4ef9f3750af700cff667b5d9e76bb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 43F9 43 KB
13 KB 19ms
18ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=46470075&chanId=90232635&placementId=5101327822&pubCreative=138274269376&pubOrder=2562606612&cb=47212742
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 1d665fe39dfe3631fac5cdce23a94184473a75763106f14297b98420fe627bcf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Encoding: gzip
X-Server-Name: app25ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ Frame DAD9 631 B
886 B 14ms
14ms Image
image/jpeg 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/23518/adRecover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
x-cf2: H
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
cf4ttl: 31536000.000
x-cff: B
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
content-type: image/jpeg
status: 200
cf4age: 0
x-cf3: M
accept-ranges: bytes
content-length: 631
x-cf-tsc: 1562369428

GET
H/1.1 200
OK main.19.8.13.js Show response
static.adsafeprotected.com/ Frame FE4C 160 KB
51 KB 15ms
15ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.13.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=51344715&chanId=90232635&placementId=5164744290&pubCreative=138287140360&pubOrder=2597097507&cb=1893840878
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2f14fc310dc9c906a78682d5834baa30ccdbb6e711582928178da64d312e7ccb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 18:39:39 GMT
X-Server-Name: app34ami.ami.303net.pvt
ETag: "5d81286b-c9de"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 51678
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 feedback
feedback.adrecover.com/ARWebService/ Frame 4127 0
0 67ms
28ms Image
application/json 23.97.225.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feedback.adrecover.com/ARWebService/feedback?ts=1568911894938&adBlockedAA=false&packetId=00000001-995b8762-236a-4a80-922b-390566a62e34&siteId=23518&url=https%3A%2F%2Fwww.edreams.net%2F&referrer=
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-methods: GET, POST

GET
H2 200 desktop.config.js Show response
www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/apps/ Frame B96B 7 KB
3 KB 8ms
7ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/apps/desktop.config.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

b0bfd61d242e7c7b07310bbf344c3e384bb3d406bc5abc9e9ac100f5db893e7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
odigeo-trace-id: c77d4a28-af6e-4cbf-8e30-84c9403c4440
strict-transport-security: max-age=60;
content-length: 2270
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 13 Sep 2019 06:31:52 GMT
date: Thu, 19 Sep 2019 16:51:34 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, public, max-age=86400
etag: W/"7062-1568356312000"
accept-ranges: bytes
expires: Thu, 31 Oct 2019 17:12:47 GMT

GET
H/1.1 200 json Show response
otageo.cartrawler.com/cartrawlerota/ Frame 958B 2 KB
2 KB 313ms
167ms XHR
application/json 213.168.247.12
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://otageo.cartrawler.com/cartrawlerota/json?msg=%7B%22@Target%22:%22Production%22,%22@PrimaryLangID%22:%22en-us%22,%22POS%22:%7B%22Source%22:%5B%7B%22@ERSP_UserID%22:%22AJ%22,%22@ISOCurrency%22:%22USD%22,%22@ISOCountry%22:%22IE%22,%22RequestorID%22:%7B%22@Type%22:%2216%22,%22@ID%22:%22313364%22,%22@ID_Context%22:%22CARTRAWLER%22%7D%7D,%7B%22RequestorID%22:%7B%22@Type%22:%2216%22,%22@ID%22:%22CTABE_V5:5.121.1%22,%22@Instance%22:%22vloXW108yH6SQhmn6QZsUmi1k%2FQ%3D%22,%22@ID_Context%22:%22VERSION%22%7D%7D,%7B%22RequestorID%22:%7B%22@Type%22:%2216%22,%22@ID%22:%223%22,%22@ID_Context%22:%22BROWSERTYPE%22%7D%7D%5D%7D,%22@xmlns%22:%22http:%2F%2Fwww.cartrawler.com%2F%22,%22@Version%22:%221.000%22,%22DefaultCountry%22:%22IT%22,%22Window%22:%7B%22@name%22:%22Great%2520trips%2520start%2520with%2520great%2520prices%2520-%2520eDreams%22,%22@engine%22:%22CTABE-V5.0%22,%22@svn%22:%225.121.1%22,%22@CTMVTScenario%22:%22%22,%22@CTMVTBucket%22:%22%22,%22@CTMVTVersion%22:%22%22,%22@product%22:%22CarWeb%22,%22@region%22:%22en-us%22,%22@device%22:%22DESKTOPWEB%22,%22UserAgent%22:%22Mozilla%2F5.0+(Macintosh;+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML,+like+Gecko)+Chrome%2F74.0.3729.169+Safari%2F537.36%22,%22BrowserName%22:%22chrome%22,%22BrowserVersion%22:%2274%22,%22URL%22:%22https:%2F%2Frentacar.edreams.net%2Fsearch%3Fcurrency%3DUSD%26utm_source%3D(direct)%26utm_campaign%3D(direct)%26utm_medium%3D(none)%26_ga%3D2.231763935.1729622271.1568911893-1353815095.1568911893%22%7D,%22TPA_Extensions%22:%7B%22Tracking%22:%7B%7D%7D,%22Context%22:%7B%22SplittingDirective%22:%22EXB%22%7D%7D&type=CT_IpToCountryRQ

Requested by

Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.168.247.12 , Ireland, ASN15830 (TELECITY-LON, GB),

Reverse DNS

Software

Resource Hash

9e219ecbd325ed4ef17fe77001a5a42765177ff397f8310f78ace94aee71aa53

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-CarTrawler-ParentId: 312871
X-CarTrawler-Err: 0
Content-Encoding: gzip
X-CT-CI: AJ
Transfer-Encoding: chunked
X-CarTrawler-TXID: NEO20190919175135_0545369
X-CarTrawler-C: 0
X-CT-BC: 0
X-CarTrawler-GT: 0
X-CarTrawler-ClientId: 313364
X-Frame-Options: deny
X-CT-AB: None
X-CarTrawler-BR: 0
X-CarTrawler-P: 0
X-CarTrawler-NC: 0
Date: Thu, 19 Sep 2019 16:51:34 GMT
Vary: Accept-Encoding
X-CT-AvailServerRedirect: 0
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CarTrawler-TXID
Cache-Control: no-cache
X-CT-SI: 1
X-CT-RQ: 0
X-CarTrawler-OTA: CT_IpToCountryRQ

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/23518/ Frame 7DDB 2 KB
1 KB 7ms
7ms Script
application/x-javascript 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/23518/adRecover.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 20a5b2aab4e1eeddff7640083905f106c50304c8285232d59d984265aa1efb1b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
status: 200
content-length: 825
x-cf-tsc: 1562615643
x-cf2: H
last-modified: Wed, 13 Feb 2019 13:10:20 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "af21d626c03681d3040d6145b0fa34aa"
cf4age: 2585
accept-ranges: bytes

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7DDB 0
120 B 19ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7D5VtRAhnGQ95qFEZzRhgk7KmJ5ZFEG9K4iPibSy6eLbwqvfHpE98nXmNCmqZRundFWOdtrc2tCd84UT5ILBxAlGOgAqXm1LJYTixrHrRDtKWjmQuzdWlBPWJJ7cmD04-UQCGj81onbjfjbUp_JFFbHpQe9m0kb0LRk-ly3c5mfTnUEBETcNucj-oDm_5Xx5bjwwlxq4jDWSKzI6d9sRSBCwOixE29aouluilzG4NjEPfH-9sv9wFlgob5YCxw6rrrmr9dkgJLjubkwRO2Q3Mefxq41RRUGS-ZjA&sai=AMfl-YSCANKxqjeVk5wg0yGeYEM9vhYHRmRg15ms48zBhpn0H49rtQxgpEgciz_Awu95OA_iRasu9dhJdgTeBtYmA-UrqnPMD0mblJMvJECt&sig=Cg0ArKJSzLUbGu6FFXiOEAE&urlfix=1&adurl=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7DDB 7 KB
785 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Source+Sans+Pro|Ubuntu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b1472129928db47a1af4f60676e1bf99f4d639fb1324568661a1c9dfc77d4536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 Sep 2019 16:51:34 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 19 Sep 2019 16:51:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DDB 78 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29649
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C25F 40 KB
13 KB 39ms
39ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ahgele3.com
URL: https://ahgele3.com/t.js?i=biv8cdpn6a49y886xor&cb=9505751568911894807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

6ca19d70def89831ee636a9a0ff20430686597eacf06f0d6253b5babc5f72e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "283 / 231 of 1000 / last-modified: 1568909619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12708
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:34 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame C25F 75 KB
22 KB 22ms
7ms Script
application/javascript 99.86.1.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-1-198.fra6.r.cloudfront.net
Software: Server /
Resource Hash: f31d00a72b38535ab0e9615410790bdd191ce7247198d172e7dcfd6913dbb70f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 17:15:33 GMT
content-encoding: gzip
server: Server
age: 84960
etag: cb11f28997167e6ef1527a7077c2cf8c
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: z1DnHUL1zV08xLl-wqvYjPf5L8x19HORmvWNYBYiipySZSHI7C37Mg==
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)

POST
H2 200 collect
www.google-analytics.com/ 35 B
102 B 13ms
12ms Other
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&gjid=1861164104&_gid=1729622271.1568911893&_u=aHBGgEILR~&z=1551525373
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&_v=j79&z=1551525373
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&_v=j79&z=1551525373&slf_rd=1&random=112362443

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&_v=j79&z=1551525373&slf_rd=1&random=112362443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70983429-1&cid=1353815095.1568911893&jid=1281441914&_v=j79&z=1551525373&slf_rd=1&random=112362443
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback
feedback.adrecover.com/ARWebService/ Frame DAD9 0
0 18ms
18ms Image
application/json 23.97.225.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feedback.adrecover.com/ARWebService/feedback?ts=1568911894989&adBlockedAA=false&packetId=00000001-5181a9bc-ad72-4c25-b280-4b03ee6527aa&siteId=23518&url=https%3A%2F%2Fwww.edreams.net%2F&referrer=
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-methods: GET, POST

GET
H/1.1 200
OK main.19.8.13.js Show response
static.adsafeprotected.com/ Frame 43F9 160 KB
51 KB 13ms
13ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.13.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=46470075&chanId=90232635&placementId=5101327822&pubCreative=138274269376&pubOrder=2562606612&cb=47212742
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2f14fc310dc9c906a78682d5834baa30ccdbb6e711582928178da64d312e7ccb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 18:39:39 GMT
X-Server-Name: app34ami.ami.303net.pvt
ETag: "5d81286b-c9de"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 51678
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame 9D07 81 KB
20 KB 13ms
13ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app34ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 21ms
21ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=926805&campId=300x250&pubId=51344715&chanId=90232635&placementId=5164744290&pubCreative=138287140360&pubOrder=2597097507&cb=1893840878&adsafe_url=https%3A%2F%2Fwww.edreams.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:74f1fc8d-903f-807d-181d-563874b7689b,c:oGsXfJ,sl:outOfView,em:true,fr:true,mn:app25ami,pt:1-5-15,wc:0.0.1600.1200,ac:1023.1083.300.250,am:i,cc:1023.1083.300.250,piv:47,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rCxkqfv+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b*.926805|1b1|1c1|1c2|1d|1e|1f|1g,idMap:1b*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:99,oid:bd49284d-dafd-11e9-904a-00259086ca0c,v:19.8.13,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: app25ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 edreams_hotel.png
a3.odistatic.net/images/creas/brand/ Frame 7DDB 434 B
750 B 82ms
80ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a3.odistatic.net/images/creas/brand/edreams_hotel.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

15117d2aa223be7c26d374118fb5482159e1bb3889dbb6351281a6b2b6e55167

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
strict-transport-security: max-age=60;
content-length: 434
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Jul 2017 12:46:20 GMT
server: nginx
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
etag: "5971f79c-1b2"
accept-ranges: bytes
expires: Fri, 20 Sep 2019 16:51:34 GMT

GET
H2

200

300x250_hotel.jpg
a2.odistatic.net/images/creas/brand/ed/uk/ Frame 7DDB
Redirect Chain

https://a2.odistatic.net/images/creas/brand/ed/uk/300x250_hotel.jpg
http://a2.odistatic.net/images/creas/brand/ed/uk/300x250_hotel.jpg

5 KB
5 KB

42ms
6ms

Image
image/jpeg

23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://a2.odistatic.net/images/creas/brand/ed/uk/300x250_hotel.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 21 Jul 2017 12:48:20 GMT
server: nginx
etag: "5971f814-1302"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 13:22:07 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:35 GMT
accept-ranges: bytes
content-length: 4866
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2

200

edreams.png
a2.odistatic.net/images/creas/brand/ Frame 7DDB
Redirect Chain

https://a2.odistatic.net/images/creas/brand/edreams.png
http://a2.odistatic.net/images/creas/brand/edreams.png

368 B
684 B

116ms
81ms

Image
image/png

23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://a2.odistatic.net/images/creas/brand/edreams.png

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
strict-transport-security: max-age=60;
content-length: 368
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Jul 2017 12:46:22 GMT
server: nginx
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
etag: "5971f79e-170"
accept-ranges: bytes
expires: Fri, 20 Sep 2019 16:51:34 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 7DDB 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans|Source+Sans+Pro|Ubuntu
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1365011
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9132
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:41:24 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ Frame 7DDB 631 B
886 B 7ms
7ms Image
image/jpeg 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/23518/adRecover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
x-cf2: H
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
cf4ttl: 31536000.000
x-cff: B
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
content-type: image/jpeg
status: 200
cf4age: 0
x-cf3: M
accept-ranges: bytes
content-length: 631
x-cf-tsc: 1562369428

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame C25F 46 B
392 B 122ms
122ms XHR
text/javascript 99.86.1.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=93aec77c-f6d2-45bd-affc-a85ab5a72683&u=https%3A%2F%2Fwww.edreams.net%2F&pid=1487203671751568911895053&cb=694152132031568911895055&ws=300x250&v=7.36.01&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1541502352472-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2221671350435%2F300x250-edreams%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-error%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-1-198.fra6.r.cloudfront.net
Software: Server /
Resource Hash: cca57b23871a21b1068346fdc56305cafcda4d9d5fb2e72136500891c07e5a7a

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edreams.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 46
x-amz-cf-id: Kg0QmzZTsm1HMZ4esqufZvVBzrq8lDtOBomC5gICpgeWUntYWrjcTQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C25F 6 KB
3 KB 381ms
368ms XHR
application/javascript 99.86.1.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-1-198.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:36 GMT
content-encoding: gzip
last-modified: Fri, 24 Aug 2018 07:13:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: public, max-age=86400
x-cache: Miss from cloudfront
x-amz-cf-id: QvJFqFvXke0R2YvgKsL1-BoJAwCRVEg6jiwlcxyhyImXiuymchMIMQ==
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ Frame 7DDB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d45908eaca1ef3d980cbf06d61c548b7b039b7375dc39c8afd88617d771ca2f7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 1F03 43 KB
13 KB 17ms
17ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=105278407035&pubOrder=74942115&cb=1174794765
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 06e8f88a2d8b6aed0ce85660e81cb5987e85c3a85806ce97ca632623dfa85f8b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
X-Server-Name: app25ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C25F 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edreams.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C25F 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edreams.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019091201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C25F 157 KB
58 KB 40ms
40ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

511c23178d504d371d22fb6899174f448db32523e9cacd2860306a2b3b8cc1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Sep 2019 13:06:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 58953
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 commonThirdParty.js Show response
www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/ Frame B96B 175 KB
68 KB 14ms
14ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

87b52e4851e9e96d987888d78f444caf57019c9c824c8f9bc8624dc8553e3f28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
odigeo-trace-id: 134abb76-f824-44c7-a849-ab604aa975a4
strict-transport-security: max-age=60;
content-length: 68883
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 13 Sep 2019 06:31:52 GMT
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, public, max-age=86400
etag: W/"179475-1568356312000"
accept-ranges: bytes
expires: Thu, 31 Oct 2019 17:12:48 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 239ms
139ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926805&asId=74f1fc8d-903f-807d-181d-563874b7689b&tv={c:oGsXgx,pingTime:-2,time:148,type:a,im:{sf:0,pom:1,prf:{beA:59,beZ:60,mfA:137,cmA:137,inA:138,inZ:143,prA:143,prZ:153,si:158,poA:159,poZ:163,cmZ:163,mfZ:163,loA:185,loZ:186,ltA:207,ltZ:207,mdA:60,mdZ:77}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:0},clog:[{piv:47,vs:o,r:l,w:300,h:250,t:98}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:148,n:0,pp:0,pm:0},slEvents:[{sl:o,t:98,wc:0.0.1600.1200,ac:1023.1083.300.250,am:i,cc:1023.1083.300.250,piv:47,obst:0,th:0,reas:l,bkn:{piv:[68~30],as:[68~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rCxkqfv+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b*.926805|1b1|1c1|1c2|1d|1e|1f|1g,idMap:1b*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/4121/us_sites/edreams.net.en/home/tab1/of_0,google_ads_iframe_/4121/us_sites/edreams.net.en/home/tab1/of_0__container__,adPromoBlock1,promo-blocks,home,page,flights-root],sinceFw:48,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: dt87dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 pxl.jpg
ahgele3.com/ Frame DAD9 597 B
911 B 35ms
35ms Image
image/jpeg 143.204.214.43
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ahgele3.com/pxl.jpg?i=biv8cdpn6a49y886xor&s=2049&p=https%3A%2F%2Fwww.edreams.net%2F&h=5903101568911895087
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: j6bPxKx_RaLo9xzhZMvcSGwDuk1PmaZ5Pklw0Pd6SCQ_F0m2RfND2Q==

POST
H2 200 collect
www.google-analytics.com/ 35 B
102 B 15ms
13ms Other
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame FA47 81 KB
20 KB 36ms
35ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app34ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 16ms
15ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=926805&campId=300x250&pubId=46470075&chanId=90232635&placementId=5101327822&pubCreative=138274269376&pubOrder=2562606612&cb=47212742&adsafe_url=https%3A%2F%2Fwww.edreams.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:bcf57caa-b0d0-7df2-1efc-02af98d9f9e7,c:oGsXgT,sl:outOfView,em:true,fr:true,mn:app25ami,pt:1-5-15,wc:0.0.1600.1200,ac:1023.1353.300.250,am:i,cc:1023.1353.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rCxkqgl+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c*.926805|1c1|1c2|1d|1e|1f|1g1,idMap:1c*,pl:,rend:1,renddet:DIV.qs.sn,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:118,oid:bd5117eb-dafd-11e9-bb58-00259086ca0c,v:19.8.13,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: app25ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK main.19.8.13.js Show response
static.adsafeprotected.com/ Frame 1F03 160 KB
51 KB 49ms
25ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.13.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=105278407035&pubOrder=74942115&cb=1174794765
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2f14fc310dc9c906a78682d5834baa30ccdbb6e711582928178da64d312e7ccb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 18:39:39 GMT
X-Server-Name: app29ami.ami.303net.pvt
ETag: "5d81286b-c9de"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 51678
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/23518/ Frame 2D63 2 KB
1 KB 7ms
7ms Script
application/x-javascript 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/23518/adRecover.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 20a5b2aab4e1eeddff7640083905f106c50304c8285232d59d984265aa1efb1b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
status: 200
content-length: 825
x-cf-tsc: 1562615643
x-cf2: H
last-modified: Wed, 13 Feb 2019 13:10:20 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "af21d626c03681d3040d6145b0fa34aa"
cf4age: 2585
accept-ranges: bytes

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 2D63 0
129 B 18ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLvsaSAdpr3c_hnXTdZEhiiXvF5FM8CRa5iYzrGQH2UqSxfPDtvqU6QyxiGJA-Rp5sQTUL-npxrZ7AwYejKE5N6lO_ydBBYeBYfMCXLuS0glC58jJiRFfoFF5dH71vIAT9MHQqNfD2xehMiczbFcbVlLJk32U-qjw3-FmXZvv421utO1mJahRC2YoSPMNXKZcZz31gHKanP4EAacrCQA8sBrgupri-Q4Tp6mRdQJdbP3eTw2cUs4bJLGsksrx4ogjc89B_Tz2SKT5YwRv_O9PW6SL66Gofhc&sai=AMfl-YTGjOAfYhndDQd72nkXZm0V5_6a6z4sp-EyJHW699S9ZRQvUdYzmvH2ueL_FgWLiNVMie6C_7NK4ujLSSk-57vVsT2SqNoH7RdneX4w&sig=Cg0ArKJSzPtJcHe4ubRiEAE&adurl=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190918/r20110914/client/ Frame 2D63 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190918/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 14:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1044
x-xss-protection: 0
server: cafe
etag: 16885093947315342629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Oct 2019 14:11:02 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D63 78 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29649
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 6304698582779219035
tpc.googlesyndication.com/simgad/ Frame 2D63 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6304698582779219035

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

28eeef34b52e5a2070ed1796fb78808fc298148bdae86aefe34c976a788ce5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 16:57:20 GMT
x-content-type-options: nosniff
age: 2073255
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26122
x-xss-protection: 0
last-modified: Fri, 22 Jul 2016 13:28:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Aug 2020 16:57:20 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 203ms
138ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926805&asId=bcf57caa-b0d0-7df2-1efc-02af98d9f9e7&tv={c:oGsXhg,pingTime:-2,time:141,type:a,im:{sf:0,pom:1,prf:{beA:60,beZ:61,mfA:168,cmA:168,inA:168,inZ:169,prA:169,prZ:176,si:177,poA:177,poZ:181,cmZ:181,mfZ:181,loA:189,loZ:189,ltA:200,ltZ:200,mdA:61,mdZ:75}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:0},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:118}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:141,n:0,pp:0,pm:0},slEvents:[{sl:o,t:118,wc:0.0.1600.1200,ac:1023.1353.300.250,am:i,cc:1023.1353.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[32~0],as:[32~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rCxkqgl+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c*.926805|1c1|1c2|1d|1e|1f|1g1,idMap:1c*,rend:1,renddet:DIV.qs.sn,rmeas:1,slid:[google_ads_iframe_/4121/us_sites/edreams.net.en/home/tab1/of_1,google_ads_iframe_/4121/us_sites/edreams.net.en/home/tab1/of_1__container__,adPromoBlock1_2,promo-blocks,home,page,flights-root],sinceFw:23,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: dt86dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 desktop.odigeo.all.js Show response
www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/ Frame B96B 262 KB
86 KB 9ms
9ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/desktop.odigeo.all.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b2c0f2bf26cb7b9bd2b1171e0b674b840394081739661f765a19d23c610c697

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
odigeo-trace-id: 95886800-7f7a-489a-8bb4-5340cdd7f405
strict-transport-security: max-age=60;
content-length: 87156
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 13 Sep 2019 06:31:52 GMT
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, public, max-age=86400
etag: W/"268355-1568356312000"
accept-ranges: bytes
expires: Thu, 31 Oct 2019 17:12:48 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ Frame 2D63 631 B
886 B 7ms
7ms Image
image/jpeg 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/23518/adRecover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
x-cf2: H
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
cf4ttl: 31536000.000
x-cff: B
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
content-type: image/jpeg
status: 200
cf4age: 0
x-cf3: M
accept-ranges: bytes
content-length: 631
x-cf-tsc: 1562369428

GET
DATA 200
OK truncated
/ Frame 2D63 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2fd8adcc6a0803a36ed52966a24a5ba018d21acd984b2cae3ebee1e414d8322

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 08A4 43 KB
13 KB 19ms
19ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=98726236635&pubOrder=74942115&cb=328941560
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 6054b15fcd97e9e36e8db2690fd7d737a5611fcd34be161c9dfa3a904bc634be

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
X-Server-Name: app25ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 index.jsp Show response
www.edreams.net/travel/setup.js/ Frame B96B 46 KB
18 KB 150ms
149ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/setup.js/index.jsp?noext=1&preload=true

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

7100c6cdb67aa2d31e4de152c56490c6ac3977938ba9b05e25949d2abce03b3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: text/javascript;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 64313aac-90db-46d2-b1c3-3705aee1ef21
vary: Accept-Encoding
content-length: 15580
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C25F 3 KB
2 KB 274ms
274ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1606055741323497&correlator=154013562063270&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21063203&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190919&iu_parts=21671350435%2C300x250-edreams&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie=ID%3D0c6eda5388e5ee2b%3AT%3D1568911893%3AS%3DALNI_MZ18NQXBpMZihtZHO3w-zMWgJp60A&cdm=www.edreams.net&bc=31&abxe=1&lmt=1568911895&dt=1568911895194&dlt=1568911894970&idt=182&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=1023&adys=1353&adks=2202001309&ucis=aw93081sp9ok&ifi=1&ifk=3153247248&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.edreams.net%2F&top=https%3A%2F%2Fwww.edreams.net%2F&dssz=9&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=2141036643.1568911895&ga_sid=1568911895&ga_hid=1319912940&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

c5b217ea6fe6eeb50571fa2724fc0dfdcefc1ec1a13d8c913c561d6c111840d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1829
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257052588
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edreams.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019091201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C25F 62 KB
24 KB 39ms
39ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7c92ffc225aed56f82019862b155c8d84902352620250d029bbf653a3d7eab61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Sep 2019 13:06:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24116
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame C25F 0
0 6ms
6ms Other
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK main.19.8.13.js Show response
static.adsafeprotected.com/ Frame 08A4 160 KB
51 KB 13ms
13ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.13.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=98726236635&pubOrder=74942115&cb=328941560
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2f14fc310dc9c906a78682d5834baa30ccdbb6e711582928178da64d312e7ccb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 18:39:39 GMT
X-Server-Name: app29ami.ami.303net.pvt
ETag: "5d81286b-c9de"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 51678
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame D8D2 81 KB
20 KB 13ms
12ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app29ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 22ms
22ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=105278407035&pubOrder=74942115&cb=1174794765&adsafe_url=https%3A%2F%2Fwww.edreams.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:8985f484-ea98-4b7b-2b05-5a65308f5898,c:oGsXiK,sl:outOfView,em:true,fr:true,mn:app25ami,pt:1-5-15,wc:0.0.1600.1200,ac:323.1633.300.250,am:i,cc:323.1633.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rCxkqis+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c1|1c2|1c3|1d|1e|1f|1g*.926805|1g1|1h1,idMap:1g*,pl:,rend:0,renddet:A,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:102,oid:bd66c2f8-dafd-11e9-bb58-00259086ca0c,v:19.8.13,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: app25ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 143ms
133ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926805&asId=8985f484-ea98-4b7b-2b05-5a65308f5898&tv={c:oGsXiZ,pingTime:-2,time:117,type:a,im:{sf:0,pom:1,prf:{beA:49,beZ:50,mfA:144,cmA:144,inA:144,inZ:145,prA:145,prZ:149,si:151,poA:151,poZ:155,cmZ:155,mfZ:155,loA:164,loZ:164,ltA:166,ltZ:166,mdA:50,mdZ:111}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:0},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:102}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:117,n:0,pp:0,pm:0},slEvents:[{sl:o,t:102,wc:0.0.1600.1200,ac:323.1633.300.250,am:i,cc:323.1633.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[22~0],as:[22~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rCxkqis+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c1|1c2|1c3|1d|1e|1f|1g*.926805|1g1|1h1,idMap:1g*,rend:0,renddet:A,rmeas:0,slid:[google_ads_iframe_/4121/us_sites/edreams.net.en/home/home/of_1,google_ads_iframe_/4121/us_sites/edreams.net.en/home/home/of_1__container__,adBottomLine0,home,page,flights-root],sinceFw:15,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: dt39dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame 58FC 81 KB
20 KB 13ms
13ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app29ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 18ms
18ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=129315315&pubCreative=98726236635&pubOrder=74942115&cb=328941560&adsafe_url=https%3A%2F%2Fwww.edreams.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:ec3308ce-bfd2-eafd-9586-cb3a74abf40a,c:oGsXjv,sl:outOfView,em:true,fr:true,mn:app25ami,pt:1-5-15,wc:0.0.1600.1200,ac:643.1633.300.250,am:i,cc:643.1633.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rCxkqjR+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c1|1c2|1c3|1d|1e|1f|1g1|1g2|1h*.926805|1h1,idMap:1h*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:63,oid:bd78276f-dafd-11e9-bb58-00259086ca0c,v:19.8.13,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: app25ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 8ceb2feaf6bf4624212d-shared.ranking-parser.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 9 KB
3 KB 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/8ceb2feaf6bf4624212d-shared.ranking-parser.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DB) /
Resource Hash: e27a679a248f37971d2bae1a65f77482c31e3994f0262133cdbc6d17006d03cf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40DB)
status: 200
etag: "2462-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 3346

GET
H2 200 ec3a55bec294bce96174-shared.merchandising-block.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 10 KB
4 KB 7ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ec3a55bec294bce96174-shared.merchandising-block.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 7315bb482db6320185a5940756fd89d56a0c755074ddfe5727a2e8281be07c7c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/41AF)
status: 200
etag: "29df-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 3685

GET
H2 200 4ee94938ca72039cf927-shared.demand-urgency.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 9 KB
3 KB 7ms
7ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/4ee94938ca72039cf927-shared.demand-urgency.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: 80e49f5482c97682429dde720292444803bec6b6bcf3314e25012f6e7bae3cca

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/41A0)
status: 200
etag: "24f9-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 3483

GET
H2 200 af10abae515285c357d7-shared.social-proofing.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 28 KB
11 KB 7ms
7ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/af10abae515285c357d7-shared.social-proofing.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4187) /
Resource Hash: 853d9b5dab87914c15880e15fde0eb8615385b2372c3bd6eea1db538a11c1029

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/4187)
status: 200
etag: "6ebe-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 11291

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 155ms
127ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926805&asId=ec3308ce-bfd2-eafd-9586-cb3a74abf40a&tv={c:oGsXjI,pingTime:-2,time:75,type:a,im:{sf:0,pom:1,prf:{beA:23,beZ:24,mfA:77,cmA:77,inA:77,inZ:79,prA:79,prZ:83,si:85,poA:85,poZ:88,cmZ:88,mfZ:88,loA:95,loZ:96,ltA:97,ltZ:97,mdA:24,mdZ:38}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:0},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:62}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:75,n:0,pp:0,pm:0},slEvents:[{sl:o,t:62,wc:0.0.1600.1200,ac:643.1633.300.250,am:i,cc:643.1633.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[19~0],as:[19~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rCxkqjR+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c1|1c2|1c3|1d|1e|1f|1g1|1g2|1h*.926805|1h1,idMap:1h*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/4121/us_sites/edreams.net.en/home/home/of_2,google_ads_iframe_/4121/us_sites/edreams.net.en/home/home/of_2__container__,adBottomLine1,home,page,flights-root],sinceFw:12,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: dt37dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 build-hash.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1//langs/ Frame 958B 75 B
128 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1//langs/build-hash.js?1568911895292
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AC) /
Resource Hash: cc152c6b0a83193b2f738123e8340581567e59a368ca39227116186bf0e143d6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/41AC)
status: 200
etag: "4b-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 72

GET
H2 200 en-us.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/langs/desktop/ Frame 958B 128 KB
36 KB 93ms
93ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/langs/desktop/en-us.js?1568907477672
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: e15a97fba342c09cd358c6345e79bfb5050d5444eb7c68140703915f344f6997

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:35:02 GMT
server: ECS (fcn/4186)
status: 200
etag: "1fe9a-592e8dbd83180-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 37120

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 134ms
134ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926805&asId=74f1fc8d-903f-807d-181d-563874b7689b&tv={c:oGsXlz,pingTime:-10,time:460,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.95v220002022020220000022002222000022220202020222220222220002222022002222200002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC45NXYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNC45NXZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8MTZ8fG58fDB8fG58fExpbnV4IHg4Nl82NHx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1568911895397||2c2e3cde0cab728ebf2b37406b441b70||675c74d5f114ba25a49fb0f4cb02f70f||0a0faec07b1161e099b2cf21b30f6c96||fb8ec899ebdafd92b791a22fa5302481||527ad1ba1f717c8f964c3b1c97580601||11eace792b56f1ea5e7296968ee092a6||d965423041f39a537f16700eb508adc8||1529428597}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: dt39dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/23518/ Frame C173 2 KB
1 KB 7ms
7ms Script
application/x-javascript 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/23518/adRecover.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 20a5b2aab4e1eeddff7640083905f106c50304c8285232d59d984265aa1efb1b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
status: 200
content-length: 825
x-cf-tsc: 1562615643
x-cf2: H
last-modified: Wed, 13 Feb 2019 13:10:20 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "af21d626c03681d3040d6145b0fa34aa"
cf4age: 2585
accept-ranges: bytes

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame C173 0
129 B 18ms
17ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4wNBgqAk4MikgvlG5fWHpLX74ITPG_hXbsFvbTJqjSStb1s1fBPHBKFv9EvdEk3Kuy-K-edBihViKvr46jtqiW_1HLIdsmALeLxhMGrDpzEWsWxt8z2e0tzEQoIM970s8hWH1o3M5BRrnc65-EBKQotcw_l8LqgT8IWTZX-F3VvAvnXwLlje62c09NHk4rMfywMtN-LbyyBhGlOCLVq6zyq0QQYVYI8nfs53zH2ZnlrI77b0ijtgeiE_-sivIpcrpgWEQzSSv-10Gg0xZBGm_NfYEdp-fcYmG&sai=AMfl-YSpOE8nufG7pXEV-rfwFFTT6hi4NJvrMDFJHtRyoNzNHxBBpIX-iFYrzTcBJ9nuxxvMs40fqmv8QUhk3Qtotk4dhEzYuulWkVKppf3g&sig=Cg0ArKJSzDurOnFLNndaEAE&adurl=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190917/r20110914/client/ Frame C173 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190917/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 14:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1044
x-xss-protection: 0
server: cafe
etag: 16885093947315342629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Oct 2019 14:01:37 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C173 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29649
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 3986095540164529255
tpc.googlesyndication.com/simgad/ Frame C173 75 KB
75 KB 8ms
8ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3986095540164529255

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce938b135538a21dd644038413bd9fd0bd39e0848b2c1aa58e608542f706ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 04:07:38 GMT
x-content-type-options: nosniff
age: 2378637
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 76290
x-xss-protection: 0
last-modified: Mon, 15 Jul 2019 10:48:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Aug 2020 04:07:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 958B 182 KB
41 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKLQKF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74478be8818972128743f6022f85d6b1b6c67864ba5d9b45e53ea7b65304b79e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: br
last-modified: Thu, 19 Sep 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41820
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 470155e26c1d83270e84-206.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 1 KB
690 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/470155e26c1d83270e84-206.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E1) /
Resource Hash: b580326f0a945e22b1db788b82a5a45be287f7514dad35725fd5a1bafa8d6b89

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40E1)
status: 200
etag: "4be-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 619

GET
H2 200 9828737b7f455b021ac4-components.search-cars-form.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 452 B
359 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/9828737b7f455b021ac4-components.search-cars-form.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash: ecb241e2658f00c16577467c5fe139a7a815df98b8047f15ba896883f9120963

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40B4)
status: 200
etag: "1c4-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 288

GET
H2 200 c585edfb82ae0ebe5edb-182.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 1 KB
591 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/c585edfb82ae0ebe5edb-182.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D9) /
Resource Hash: 31c60fd2152fe548e50b74e5951bd6433e0622a5a39c7bef02d8355b65498b74

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40D9)
status: 200
etag: "464-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 533

GET
H2 200 28ad9ba4b2386f170b17-333.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 1008 B
551 B 9ms
9ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/28ad9ba4b2386f170b17-333.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D7) /
Resource Hash: c6a8bd5e21f109db2f8feb1850b79c62e951363aced5fdae5da44528eb20ed8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/41D7)
status: 200
etag: "3f0-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 480

GET
H2 200 00a0f51aeabd37f1dfdf-343.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 554 B
432 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/00a0f51aeabd37f1dfdf-343.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D0) /
Resource Hash: 7399bb171c5912eabed5ca6973540e01f3a1fb1b794e1386cb7ecb5c994faf9a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40D0)
status: 200
etag: "22a-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 362

GET
H2 200 074a230af2a6964ec4fa-374.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 1 KB
652 B 7ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/074a230af2a6964ec4fa-374.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419A) /
Resource Hash: 0a01d90cd429275aeadc282394f2a58da2f59fb57fada2e3c3dfe3c99e2fb475

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/419A)
status: 200
etag: "459-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 581

GET
H2 200 ee2ce52763490a2ba47d-152.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 8 KB
3 KB 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ee2ce52763490a2ba47d-152.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B2) /
Resource Hash: 369ae39371ba1400f9e7f47ebfb2bed48aed4357c680f5a413aad6ca42cb1fc2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40B2)
status: 200
etag: "2016-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 2891

GET
H2 200 61d5660093d79d244879-components.ct-time-picker-custom.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 1 KB
601 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/61d5660093d79d244879-components.ct-time-picker-custom.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FB) /
Resource Hash: b9412734e21b4b8795ed4a607079a04efed82b90664e207175fae08f9e89c1fa

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40FB)
status: 200
etag: "447-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 530

GET
H2 200 dafe161c222316096add-331.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 2 KB
847 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/dafe161c222316096add-331.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DA) /
Resource Hash: 26ce672f84f13f3d97b317f942bfcfe9d34057e26f0e65f5ec9c5c496301c162

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40DA)
status: 200
etag: "699-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 776

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame B095 0
57 B 18ms
17ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHLvZ3IKCiAi8TyN2zZopBWDnl3X83plpSK5z4VX1RgEkVgk5y-42bf7FnSlTVydQMyZwHsjB55kyhRgY5QKOAQQUXcxK0Utk2lhIPCwmIh3XKt8WNdcflICXvAWzm1rcLkvD_F56QMVxe5N7lbCkKs2VWo-f5prmuX5v8siiXj9UZC2giuVqCtWwN13NXfZO_xuOTtOUFb6YkhLO15YeLvBSAtSykH0eO74w5-Qi0D-C-k6uHwswxm2YUoluw-7xnIdVlBfLVTF99eiM&sig=Cg0ArKJSzAEpW1VMTJ2iEAE&urlfix=1&adurl=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B095 78 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29649
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H/1.1 200
OK adidas_300x250.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame B095 26 KB
26 KB 122ms
36ms Image
image/jpeg 52.218.65.140
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.65.140 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Sun, 23 Sep 2018 17:44:28 GMT
Server: AmazonS3
x-amz-request-id: 3AA5D74DEADF80F0
ETag: "702b3e474e01427f8af949cf0c7fbd69"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 26619
x-amz-id-2: YLTj/kOfw3zf0KkfN0kNFpKFL7s+zQ9IGr+WEQSG6E2gxMGQoGGwCmgC55nA7xPiovI4y9aUbuI=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C25F 77 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41ad8ff7e5205f7360535566ad386abb370abb9b92af19005a7ded4a803faf28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568805556061895"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29138
x-xss-protection: 0
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
DATA 200
OK truncated
/ Frame C173 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b09c5de5608790a4bd66acbcab4ea9b637c3cf9cc1ddce9fba78d1108a8dfc09

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 890B 43 KB
13 KB 17ms
17ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=4761491906&pubCreative=138275638769&pubOrder=74942115&cb=1786561208
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 03d87259b998617208dfe1957aa670b81635c0134a9125b8a2be5dd28d6cb200

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
X-Server-Name: app25ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 tv4.min.js Show response
www.edreams.net/travel/static-content/thirdParty/ Frame B96B 27 KB
7 KB 7ms
7ms Script
application/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/thirdParty/tv4.min.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

658a71079e57546f20062c45d81f4a73cb9b7d82936d20abf4b1af4dbfabc6ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
vary: Accept-Encoding
content-length: 6991
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Aug 2019 11:42:04 GMT
server: Akamai Resource Optimizer
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/javascript
cache-control: max-age=86400
etag: "6d0a-590c37c4d0c80"
accept-ranges: bytes
expires: Tue, 27 Aug 2019 11:42:04 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ Frame C173 631 B
886 B 7ms
7ms Image
image/jpeg 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/23518/adRecover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
x-cf2: H
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
cf4ttl: 31536000.000
x-cff: B
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
x-cf1: 27741:fC.fra2:cf:cacheN.fra2-01:H
content-type: image/jpeg
status: 200
cf4age: 0
x-cf3: M
accept-ranges: bytes
content-length: 631
x-cf-tsc: 1562369428

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 958B 24 KB
9 KB 15ms
15ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKLQKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9149
x-xss-protection: 0
server: cafe
etag: 5022999136154715131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 958B 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMPLVMJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 482
date: Thu, 19 Sep 2019 16:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Thu, 19 Sep 2019 18:43:33 GMT

GET
H2 200 fae4530b9d4ffeca83e3-318.chunk.js Show response
ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/ Frame 958B 686 B
434 B 6ms
6ms Script
application/javascript 192.229.133.132
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxgeo.cartrawler.com/webapp-abe-5.121.1/chunks/fae4530b9d4ffeca83e3-318.chunk.js
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.132 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DD) /
Resource Hash: be778110480962abeb0e9cc420b40c7d943ec5dcd3b0877b1a91425a5bf3ea70

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:37:56 GMT
server: ECS (fcn/40DD)
status: 200
etag: "2ae-592e8e6373900-gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: application/javascript
content-length: 364

GET
H/1.1 200
OK main.19.8.13.js Show response
static.adsafeprotected.com/ Frame 890B 160 KB
51 KB 15ms
15ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.13.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=4761491906&pubCreative=138275638769&pubOrder=74942115&cb=1786561208
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2f14fc310dc9c906a78682d5834baa30ccdbb6e711582928178da64d312e7ccb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 18:39:39 GMT
X-Server-Name: app29ami.ami.303net.pvt
ETag: "5d81286b-c9de"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 51678
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame B095 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8feba0c666cc945fff4e2b35602c6f5daf3527407bd7096fcc61143c50e6943e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 desktop.flights.bundle.js Show response
www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/ Frame B96B 1 MB
415 KB 8ms
8ms Script
text/javascript 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/desktop.flights.bundle.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

87089049f17d9f3745733c48ef9252543d69915a8b469e8ff29a5d8ffc0a4efd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: upgrade-insecure-requests;
status: 200
odigeo-trace-id: 2f5f0d38-2769-41ae-979d-ae1784dfab11
strict-transport-security: max-age=60;
content-length: 423103
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 13 Sep 2019 06:31:52 GMT
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, public, max-age=86400
etag: W/"1464047-1568356312000"
accept-ranges: bytes
expires: Thu, 31 Oct 2019 17:12:49 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 958B 3 KB
1 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 804
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1296
x-xss-protection: 0
expires: Thu, 19 Sep 2019 17:38:11 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 958B 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1125918097&t=pageview&_s=1&dl=https%3A%2F%2Frentacar.edreams.net%2Fsearch%3Fcurrency%3DUSD%26utm_source%3D(direct)%26utm_campaign%3D(direct)%26utm_medium%3D(none)%26_ga%3D2.231763935.1729622271.1568911893-1353815095.1568911893&dr=https%3A%2F%2Fwww.edreams.net%2F&ul=en-us&de=UTF-8&dt=Great%20trips%20start%20with%20great%20prices%20-%20eDreams&sd=24-bit&sr=1600x1200&vp=&je=0&_u=WiBAAEAL~&jid=928479531&gjid=1811844845&cid=1353815095.1568911893&tid=UA-131185990-9&_gid=1729622271.1568911893&_r=1&gtm=2wg9b0KMPLVMJ&z=1123081172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Sep 2019 16:51:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getinsurancecatalogue Show response
www.edreams.net/travel/service/flow/ Frame B96B 105 B
2 KB 73ms
73ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/flow/getinsurancecatalogue?_=1568911895138

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea251bdf5bdb8363a9a76a9e44c4d462a5bd11cddbfd90c68f14ca18e82134b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: f06f09e9-c44c-4aeb-9041-575435075653
content-length: 105
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

POST
H2 204 RENDER_FLIGHTS Show response
www.edreams.net/travel/service/metrics/stopMetric/ Frame B96B 0
2 KB 43ms
43ms XHR
text/plain 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/metrics/stopMetric/RENDER_FLIGHTS

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
status: 204
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: c500920f-1c3d-48e7-b971-1cdab14668fe
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 getListOfWidgetsTemplates Show response
www.edreams.net/travel/service/templates/ Frame B96B 36 KB
38 KB 74ms
74ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/templates/getListOfWidgetsTemplates?widgetsnames=

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

15d761d48c311f9eb560ba7c63f50df33c2e34b4bc635ef232b7fc57252acc33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 00c46ccb-45c9-4ab2-b570-faeab6d26126
content-length: 36388
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 getWidgetTemplates Show response
www.edreams.net/travel/service/templates/ Frame B96B 3 KB
5 KB 114ms
114ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/templates/getWidgetTemplates?widgetname=country_links

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

b91838abadd10721295a3efd9a935725a35aa626026bf30b17b2fc9ceda596f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 2fe9e767-f628-4dca-b3fd-1dacace61ccd
content-length: 3227
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 getWidgetTemplates Show response
www.edreams.net/travel/service/templates/ Frame B96B 1 KB
3 KB 74ms
73ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/templates/getWidgetTemplates?widgetname=membership_login_feedback

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

7955f1759fe7f14e15f6edc64598be1be7f8c74c845f5151e0defe6996018b81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 9d8a8ff5-5401-4d69-8e28-03f87b5a6ec1
content-length: 1057
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame B96B 45 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:400c:c09::9b
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/desktop.flights.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1184
date: Thu, 19 Sep 2019 16:31:51 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17093
expires: Thu, 19 Sep 2019 18:31:51 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame B96B 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 22:46:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1965878
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9016
x-xss-protection: 0
expires: Wed, 26 Aug 2020 22:46:57 GMT

GET
H2 200 getWidgetTemplates Show response
www.edreams.net/travel/service/templates/ Frame B96B 13 KB
16 KB 76ms
76ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/templates/getWidgetTemplates?widgetname=login

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

c0733ef11c9731e3a6ddf09301dd04245b6f71aa334600d4901a5b6f542066a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 74743c7f-1b07-4494-8c9d-c6615c95d3af
content-length: 13723
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame 7D30 81 KB
20 KB 12ms
12ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.edreams.net
URL: https://www.edreams.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app29ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 17ms
17ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=926805&campId=300x250&pubId=11839275&chanId=86251275&placementId=4761491906&pubCreative=138275638769&pubOrder=74942115&cb=1786561208&adsafe_url=https%3A%2F%2Fwww.edreams.net%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:a73ae39f-ea0f-17dc-e98a-88f740494834,c:oGsXsG,sl:outOfView,em:true,fr:true,mn:app25ami,pt:1-5-15,wc:0.0.1600.1200,ac:963.1633.300.250,am:i,cc:963.1633.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rCxkqrg+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c1|1c21|1c22|1c3|1d|1e|1f|1g1|1g2|1h1|1h2|1i*.926805|1i1,idMap:1i*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:172,oid:bdb223cd-dafd-11e9-8183-00259086ca0c,v:19.8.13,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: app25ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 133ms
133ms Image
image/gif 104.244.37.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=926805&asId=a73ae39f-ea0f-17dc-e98a-88f740494834&tv={c:oGsXtb,pingTime:-2,time:203,type:a,im:{sf:0,pom:1,prf:{beA:102,beZ:103,mfA:266,cmA:266,inA:266,inZ:267,prA:267,prZ:272,si:274,poA:274,poZ:277,cmZ:277,mfZ:277,loA:290,loZ:291,ltA:304,ltZ:304,mdA:103,mdZ:119}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:0},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:172}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:203,n:0,pp:0,pm:0},slEvents:[{sl:o,t:172,wc:0.0.1600.1200,ac:963.1633.300.250,am:i,cc:963.1633.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[38~0],as:[38~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rCxkqrg+11|121|131|132|14|15|16|17|18|19|1a1|1a21|1a22|1a3|1b1|1b2|1c1|1c21|1c22|1c3|1d|1e|1f|1g1|1g2|1h1|1h2|1i*.926805|1i1,idMap:1i*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/4121/us_sites/edreams.net.en/home/home/of_3,google_ads_iframe_/4121/us_sites/edreams.net.en/home/home/of_3__container__,adBottomLine2,home,page,flights-root],sinceFw:30,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Sep 2019 16:51:35 GMT
X-Server-Name: dt39dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B96B 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

673d563c4b63e5937b724b1e5506158f1dcd38a75836507a9750360735e71e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ROC/c1JrXg15qpwjk2I9fQ==
status: 200
content-length: 1779
etag: "37ff8775ddaef6eb0b9a7db9ce24a3d1"
x-fb-debug: V0aYqd2ubKORVsickvwLiIU86mrxanS+e78EpFdJhHL4I030+frGcfyaMzlL0U/91WT46IqFgowlHHd5UdtDbw==
x-fb-trip-id: 420120009
x-fb-content-md5: f604c088561f3b6e7b808a525dba45d4
x-frame-options: DENY
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Sep 2019 16:56:20 GMT

GET
H2 200 client:platform.js Show response
apis.google.com/js/ Frame B96B 44 KB
17 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js?onload=initAuth

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4299c8ee187f7450cfd00d375bc1f2221453ec1dd8bf1ef5a26c6a7040a2ed91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-FaPa9N1JS1qEqZQOyFjtlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "26c2b8692ca088506265aded39a9b368"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame B96B 775 B
569 B 16ms
16ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaloaded&render=explicit

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/thirdParty/require/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

59eaab77612c739f041489e2f97fc09384b0c005026d6b0f86a1901c8fc81b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 472
x-xss-protection: 1; mode=block
expires: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B96B 195 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9745ccf45a0041d010004a3efeb3da81&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

a18c8339981e9054213d0896cd5c944ea4c0f8f158903e4fb89c488514c0a02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/travel/?preload=true
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ENxkklbErVyzkGWWZiKJzw==
status: 200
content-length: 59187
etag: "558c2de220d8e17126bc1d2d4a387fc3"
x-fb-debug: +nwMm7dUaAVf6tnjKOZuIw+XvUA0VOvVQzr6OqEU10XFuYvIJxOJ67QKVZVSovaPEsOeQBMXQbJ4pXSmWJaRMA==
x-fb-trip-id: 420120009
x-fb-content-md5: 09a70d516c32fbf8483163778578e02b
x-frame-options: DENY
date: Thu, 19 Sep 2019 16:51:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 18 Sep 2020 15:23:16 GMT

GET
H2 200 / Show response
www.edreams.net/travel/service/countrylinks/ Frame B96B 7 KB
9 KB 76ms
76ms XHR
application/json 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edreams.net/travel/service/countrylinks/

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/js/commonThirdParty.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

47ac3f64526bfa13828de41605060f055e247090bcab8661556d2d144367c02b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edreams.net/travel/?preload=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
date: Thu, 19 Sep 2019 16:51:35 GMT
strict-transport-security: max-age=60;
content-type: application/json;charset=UTF-8
status: 200
expires: Fri, 23 Feb 1979 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
odigeo-trace-id: 5f969383-e6a8-456c-a65a-2a43553fc70a
content-length: 6880
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ Frame B96B 264 KB
92 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaloaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 1761213
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 94196
x-xss-protection: 0
expires: Sat, 29 Aug 2020 07:38:02 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 4276 0
0 6ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9745ccf45a0041d010004a3efeb3da81&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/travel/?preload=true
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/travel/?preload=true

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Thu, 17 Sep 2020 18:50:45 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: EALGFz33U94GwfLtcCBcRw8eyWFUItAOCx5RlNYW8QHvN5G36ENw/UgFzfMX2AtHN/Iic90iiNO3YX2Usuy8oA==
content-length: 11820
x-fb-trip-id: 420120009
date: Thu, 19 Sep 2019 16:51:35 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ Frame B96B 286 KB
99 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=initAuth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92737ecd7ec13cf570d10d5ab6185d41e1f62cd5db53d3e86acf95a53dea80f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 22:51:13 GMT
server: sffe
age: 2395726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 101154
x-xss-protection: 0
expires: Fri, 21 Aug 2020 23:22:49 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ Frame B96B 71 B
136 B 7ms
7ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=initAuth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/?preload=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 23:25:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 22:51:13 GMT
server: sffe
age: 2395568
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 71
x-xss-protection: 0
expires: Fri, 21 Aug 2020 23:25:27 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 79C4 0
0 471ms
471ms Document
text/html 2a00:1450:4001:815::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PrUWFducsQbLg/CHxoUAOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/travel/?preload=true
accept-encoding: gzip, deflate, br
cookie: NID=188=BAbTJTXxmBXEtHHysZGp27RftpLJFIneDeco1rhMuadc5puMIfX8Qtz5P57zqiSW_OF2HbcHPX0KnpuOjioRKkkmFPpc8VdVRoW-Vgi0t1WHd9yh-MdN0JHvoJdASapcQ3fh897-S2WdnWVWEXtsvHe0BJTTML-i9TESwNOTh-s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/travel/?preload=true

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Sep 2019 16:51:36 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-PrUWFducsQbLg/CHxoUAOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 flags.png
ak1.odistatic.net/images/onefront/flags/ Frame B96B 9 KB
9 KB 42ms
6ms Image
image/png 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ak1.odistatic.net/images/onefront/flags/flags.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8b08004f4418bb32b55ecc631542ad9c05ed18d1b3e72bf8219fd7c67f7652d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/travel/static-content/versioned_GU9xwdRcfn/css/none_ed_desktop.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 02 Oct 2018 16:50:30 GMT
server: nginx
etag: "5bb3a1d6-2463"
strict-transport-security: max-age=60;
content-type: image/png
status: 200
expires: Fri, 20 Sep 2019 02:49:08 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:36 GMT
accept-ranges: bytes
content-length: 9315
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

GET
H2 200 mem8YaGs126MiZpBA-UFVp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ Frame B96B 5 KB
5 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVp0bf8pkAp6a.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

590cb8ea8c43c72f65a41e54b2f5e3a98aead88cbe4d47991753993250725602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 05:42:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
server: sffe
age: 2200136
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4644
x-xss-protection: 0
expires: Mon, 24 Aug 2020 05:42:39 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ Frame B96B 5 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.edreams.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:40:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
server: sffe
age: 1365037
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 5608
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:40:58 GMT

GET
H/1.1 200
OK r20.gif
level3.cedexis-test.com/img/17652/ 43 B
443 B 95ms
55ms Image
image/gif 67.26.139.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level3.cedexis-test.com/img/17652/r20.gif?rnd=1-1-19692-0-0-17652-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.26.139.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 27 Aug 2019 11:28:24 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
cedexis-uni: 459803
Age: 2006592
ETag: "5b7c8475-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 43
Expires: Thu, 26 Sep 2019 21:57:27 GMT

GET
H/1.1 200
OK iuni4.html
level3.cedexis-test.com/img/17652/ Frame FB47 0
0 13ms
12ms Document
text/html 67.26.139.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to

Full URL: https://level3.cedexis-test.com/img/17652/iuni4.html?rnd=-1-1-19692-0-0-17652-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.26.139.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: level3.cedexis-test.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Date: Wed, 22 May 2019 08:16:31 GMT
Content-Type: text/html
Content-Length: 2011
Connection: keep-alive
Cache-Control: max-age=2629743, public
ETag: "5b7c8475-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
timing-allow-origin: *
Expires: Fri, 21 Jun 2019 18:45:34 GMT
cedexis-uni: 459803
Age: 10398905
Accept-Ranges: bytes

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17652... 16 B
283 B 56ms
21ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17652/1,2/0/54/459803/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
level3.cedexis-test.com/img/17652/ 43 B
443 B 7ms
7ms Image
image/gif 67.26.139.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level3.cedexis-test.com/img/17652/r20.gif?rnd=0-1-19692-0-0-17652-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.26.139.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 27 Aug 2019 11:28:24 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
cedexis-uni: 459803
Age: 2006592
ETag: "5b7c8475-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 43
Expires: Thu, 26 Sep 2019 21:57:27 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17652... 16 B
283 B 50ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17652/0,2/0/7/459803/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20-100KB.png
level3.cedexis-test.com/img/17652/ 100 KB
100 KB 9ms
9ms Image
image/png 67.26.139.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level3.cedexis-test.com/img/17652/r20-100KB.png?rnd=14-1-19692-0-0-17652-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.26.139.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 21 Aug 2019 05:59:28 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
cedexis-uni: 459803
Age: 2544728
ETag: "5b7c8475-19000"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 102400
Expires: Fri, 20 Sep 2019 16:28:31 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17652... 16 B
283 B 48ms
17ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17652/14,2/0/55191/459803/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p33231.cedexis-test.com/img/ 43 B
296 B 287ms
96ms Image
image/gif 3.220.155.136
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p33231.cedexis-test.com/img/r20.gif?rnd=1-1-19692-0-0-33231-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.155.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-220-155-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Thu, 13 Jun 2019 10:40:13 GMT
Server: nginx
ETag: "5d02280d-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33231... 16 B
283 B 17ms
17ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33231/1,2/0/95/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p33231.cedexis-test.com/img/ 43 B
296 B 96ms
94ms Image
image/gif 3.220.155.136
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p33231.cedexis-test.com/img/r20.gif?rnd=0-1-19692-0-0-33231-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.155.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-220-155-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Thu, 13 Jun 2019 10:40:13 GMT
Server: nginx
ETag: "5d02280d-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33231... 16 B
283 B 12ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33231/0,2/0/94/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p33245.cedexis-test.com/img/ 43 B
296 B 21ms
6ms Image
image/gif 52.59.165.192
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p33245.cedexis-test.com/img/r20.gif?rnd=1-1-19692-0-0-33245-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.59.165.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-165-192.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Thu, 13 Jun 2019 10:40:13 GMT
Server: nginx
ETag: "5d02280d-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33245... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33245/1,2/0/5/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p33245.cedexis-test.com/img/ 43 B
296 B 6ms
6ms Image
image/gif 52.59.165.192
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p33245.cedexis-test.com/img/r20.gif?rnd=0-1-19692-0-0-33245-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.59.165.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-165-192.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Thu, 13 Jun 2019 10:40:13 GMT
Server: nginx
ETag: "5d02280d-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33245... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33245/0,2/0/5/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
hwcdnssl.cedexis-test.com/img/ 43 B
399 B 33ms
6ms Image
image/gif 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hwcdnssl.cedexis-test.com/img/r20.gif?rnd=1-1-19692-0-0-17000-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1568911896.dop018.fr8.t,1568911896.cds056.fr8.shn,1568911896.cds056.fr8.c
Content-Type: image/gif
Cache-Control: public, max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
OK iuni4.html
hwcdnssl.cedexis-test.com/img/17000/ Frame 6D8B 0
0 7ms
7ms Document
text/html 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://hwcdnssl.cedexis-test.com/img/17000/iuni4.html?rnd=-1-1-19692-0-0-17000-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Host: hwcdnssl.cedexis-test.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
ETag: "1534887029"
Cache-Control: public, max-age=86400
Content-Length: 2011
Content-Type: text/html
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Timing-Allow-Origin: *
X-HW: 1568911896.dop018.fr8.t,1568911896.cds056.fr8.shn,1568911896.dop018.fr8.t,1568911896.cds102.fr8.c

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17000... 16 B
283 B 13ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17000/1,2/0/5/1568911896.dop018.fr8.t%2C1568911896.cds056.fr8.shn%2C1568911896.dop018.fr8.t%2C1568911896.cds102.fr8.c/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
hwcdnssl.cedexis-test.com/img/ 43 B
423 B 6ms
6ms Image
image/gif 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hwcdnssl.cedexis-test.com/img/r20.gif?rnd=0-1-19692-0-0-17000-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1568911896.dop018.fr8.t,1568911896.cds056.fr8.shn,1568911896.dop018.fr8.t,1568911896.cds102.fr8.c
Content-Type: image/gif
Cache-Control: public, max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17000... 16 B
283 B 14ms
14ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17000/0,2/0/5/1568911896.dop018.fr8.t%2C1568911896.cds056.fr8.shn%2C1568911896.dop018.fr8.t%2C1568911896.cds102.fr8.c/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20-100KB.png
hwcdnssl.cedexis-test.com/img/ 100 KB
100 KB 6ms
6ms Image
image/png 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hwcdnssl.cedexis-test.com/img/r20-100KB.png?rnd=14-1-19692-0-0-17000-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1568911896.dop018.fr8.t,1568911896.cds056.fr8.shn,1568911896.dop018.fr8.t,1568911896.cds102.fr8.c
Content-Type: image/png
Cache-Control: public, max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 102400

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17000... 16 B
283 B 13ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17000/14,2/0/68114/1568911896.dop018.fr8.t%2C1568911896.cds056.fr8.shn%2C1568911896.dop018.fr8.t%2C1568911896.cds102.fr8.c/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
cedexis.pc.cdn.bitgravity.com/img/ 43 B
319 B 44ms
29ms Image
image/gif 64.185.181.238
BitGravity

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/r20.gif?rnd=1-1-19692-0-0-38635-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.185.181.238 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS: pc-b.bitgravity.com
Software: v/6.2.3/6.1.4/v13fra1-www /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version: 1.0
date: Thu, 19 Sep 2019 16:51:36 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: v/6.2.3/6.1.4/v13fra1-www
age: 0
etag: "5b7c8475-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-server: v/6.2.3/v13fra1-https
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 iuni4.html
cedexis.pc.cdn.bitgravity.com/img/35/ Frame 38A0 0
0 38ms
38ms Document
text/html 64.185.181.238
BitGravity

General

Check archive.org

Show headers Download Go to

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-19692-0-0-38635-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.185.181.238 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS: pc-b.bitgravity.com
Software: v/6.2.3/6.1.4/v13fra1-www /
Resource Hash

Request headers

:method: GET
:authority: cedexis.pc.cdn.bitgravity.com
:scheme: https
:path: /img/35/iuni4.html?rnd=-1-1-19692-0-0-38635-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
content-type: text/html
content-length: 2011
access-control-allow-origin: *
cache-control: max-age=2629743, public
date: Thu, 19 Sep 2019 16:51:36 GMT
etag: "5b7c8474-7db"
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
timing-allow-origin: *
age: 0
server: v/6.2.3/6.1.4/v13fra1-www
accept-ranges: bytes
x-version: 1.0
x-server: v/6.2.3/v13fra1-https

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/38635... 16 B
283 B 12ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/38635/1,2/0/29/v%2F6.2.3%2Fv13fra1-https/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
cedexis.pc.cdn.bitgravity.com/img/ 43 B
319 B 29ms
29ms Image
image/gif 64.185.181.238
BitGravity

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/r20.gif?rnd=0-1-19692-0-0-38635-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.185.181.238 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS: pc-b.bitgravity.com
Software: v/6.2.3/6.1.4/v13fra1-www /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version: 1.0
date: Thu, 19 Sep 2019 16:51:36 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: v/6.2.3/6.1.4/v13fra1-www
age: 0
etag: "5b7c8474-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-server: v/6.2.3/v13fra1-https
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/38635... 16 B
283 B 13ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/38635/0,2/0/28/v%2F6.2.3%2Fv13fra1-https/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
p41683.cedexis-test.com/img/41683/ 43 B
335 B 21ms
6ms Image
image/gif 163.171.242.27
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p41683.cedexis-test.com/img/41683/r20.gif?rnd=1-1-19692-0-0-41683-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.242.27 , United States, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: QTL_Cache/1.16.1.1.1.09 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Sep 2019 18:28:00 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: QTL_Cache/1.16.1.1.1.09
age: 1117416
etag: "5b7c8474-2b"
status: 200
x-hostname: eu-de-fra1-cache-0001
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-px: HIT eu-de-fra1-cache-0001
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 iuni4.html
p41683.cedexis-test.com/img/41683/ Frame 2BEC 0
0 6ms
6ms Document
text/html 163.171.242.27
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://p41683.cedexis-test.com/img/41683/iuni4.html?rnd=-1-1-19692-0-0-41683-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.242.27 , United States, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: QTL_Cache/1.16.1.1.1.09 /
Resource Hash

Request headers

:method: GET
:authority: p41683.cedexis-test.com
:scheme: https
:path: /img/41683/iuni4.html?rnd=-1-1-19692-0-0-41683-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2629743, public
date: Fri, 06 Sep 2019 18:28:03 GMT
etag: W/"5b7c8475-7db"
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
timing-allow-origin: *
age: 1117413
x-hostname: eu-de-fra1-cache-0001
x-px: HIT eu-de-fra1-cache-0001
content-encoding: gzip
server: QTL_Cache/1.16.1.1.1.09

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/41683... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/41683/1,2/0/5/HIT%20eu-de-fra1-cache-0001/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
p41683.cedexis-test.com/img/41683/ 43 B
334 B 6ms
5ms Image
image/gif 163.171.242.27
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p41683.cedexis-test.com/img/41683/r20.gif?rnd=0-1-19692-0-0-41683-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.171.242.27 , United States, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: QTL_Cache/1.16.1.1.1.09 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Sep 2019 18:28:00 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: QTL_Cache/1.16.1.1.1.09
age: 1117416
etag: "5b7c8474-2b"
status: 200
x-hostname: eu-de-fra1-cache-0001
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-px: HIT eu-de-fra1-cache-0001
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/41683... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/41683/0,2/0/5/HIT%20eu-de-fra1-cache-0001/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
level3ssl.optimicdn.com/img/13070/ 43 B
286 B 81ms
60ms Image
image/gif 67.27.234.122
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level3ssl.optimicdn.com/img/13070/r20.gif?rnd=1-1-19692-0-0-33636-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.27.234.122 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Footprint Distributor V6.1.951.25 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:36 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: Footprint Distributor V6.1.951.25
age: 1944930
etag: "5b7c8475-2b"
content-type: image/gif
status: 200
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 03 Oct 2019 15:05:50 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33636... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33636/1,2/0/60/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
level3ssl.optimicdn.com/img/13070/ 43 B
285 B 7ms
7ms Image
image/gif 67.27.234.122
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level3ssl.optimicdn.com/img/13070/r20.gif?rnd=0-1-19692-0-0-33636-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.27.234.122 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Footprint Distributor V6.1.951.25 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:36 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: Footprint Distributor V6.1.951.25
age: 1944930
etag: "5b7c8475-2b"
content-type: image/gif
status: 200
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 03 Oct 2019 15:05:50 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33636... 16 B
283 B 12ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33636/0,2/0/6/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:36 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
s.pinimg.com/_/_/ 43 B
171 B 41ms
22ms Image
image/gif 2a02:26f0:6c00:18a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pinimg.com/_/_/r20.gif?rnd=1-1-19692-0-0-34022-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18a::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn: akamai
etag: "b4491705564909da7f9eaf749dbbfbb1"
vary: Accept-Encoding, Origin
content-type: image/gif
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/34022... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/34022/1,2/0/41/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
s.pinimg.com/_/_/ 43 B
171 B 6ms
6ms Image
image/gif 2a02:26f0:6c00:18a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pinimg.com/_/_/r20.gif?rnd=0-1-19692-0-0-34022-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18a::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn: akamai
etag: "b4491705564909da7f9eaf749dbbfbb1"
vary: Accept-Encoding, Origin
content-type: image/gif
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/34022... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/34022/0,2/0/6/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
vdms-ssl.cedexis-test.com/img/16999/ 43 B
241 B 33ms
10ms Image
image/gif 152.195.34.116
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/r20.gif?rnd=1-1-19692-0-0-16999-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/67C0) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:37 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: ECAcc (frb/67C0)
etag: "5b7c8474-2b"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 iuni4.html
vdms-ssl.cedexis-test.com/img/16999/ Frame C5C6 0
0 10ms
10ms Document
text/html 152.195.34.116
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/iuni4.html?rnd=-1-1-19692-0-0-16999-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/676D) /
Resource Hash

Request headers

:method: GET
:authority: vdms-ssl.cedexis-test.com
:scheme: https
:path: /img/16999/iuni4.html?rnd=-1-1-19692-0-0-16999-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.edreams.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

status: 200
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
content-type: text/html
date: Thu, 19 Sep 2019 16:51:37 GMT
etag: "5b7c8474-7db+gzip"
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: ECAcc (frb/676D)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
content-length: 951

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/16999... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/16999/1,2/0/9/ECAcc%20(frb%2F676D)/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
vdms-ssl.cedexis-test.com/img/16999/ 43 B
91 B 7ms
7ms Image
image/gif 152.195.34.116
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/r20.gif?rnd=0-1-19692-0-0-16999-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/67C0) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:37 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: ECAcc (frb/67C0)
etag: "5b7c8474-2b"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/16999... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/16999/0,2/0/6/ECAcc%20(frb%2F676D)/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
fastly.cedexis-test.com/img/20367/ 43 B
651 B 21ms
5ms Image
image/gif 151.101.112.65
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.cedexis-test.com/img/20367/r20.gif?rnd=1-1-19692-0-0-20367-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.65 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 275274
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 43
X-Served-By: cache-dfw18651-DFW, cache-hhn4063-HHN
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
X-Timer: S1568911897.132826,VS0,VE0
ETag: "5b7c8475-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.112.65","ip_ver":"v4","server_name":"cache-hhn4063"}
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 319484

GET
H/1.1 200
OK iuni4.html
fastly.cedexis-test.com/img/20367/ Frame 554B 0
0 6ms
5ms Document
text/html 151.101.112.65
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://fastly.cedexis-test.com/img/20367/iuni4.html?rnd=-1-1-19692-0-0-20367-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.65 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: fastly.cedexis-test.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Content-Type: text/html
ETag: "5b7c8474-7db"
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: nginx
Timing-Allow-Origin: *
Via: 1.1 varnish 1.1 varnish
Content-Length: 2011
Accept-Ranges: bytes
Date: Thu, 19 Sep 2019 16:51:37 GMT
Age: 1947351
Connection: keep-alive
X-Served-By: cache-dfw18642-DFW, cache-hhn4063-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 5, 1265063
X-Timer: S1568911897.141446,VS0,VE0
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.112.65","ip_ver":"v4","server_name":"cache-hhn4063"}

GET
H/1.1 200
Ok 651 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/20367... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/20367/1,2/0/5/HHN%7C%7B%22pop%22%3A%22HHN%22%2C%22sip%22%3A%22151.101.112.65%22%2C%22ip_ver%22%3A%22v4%22%2C%22server_name%22%3A%22cache-hhn4063%22%7D/0/4583/0/0/0/0/1/1/6/16/16/21/21/21/651
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
fastly.cedexis-test.com/img/20367/ 43 B
651 B 6ms
5ms Image
image/gif 151.101.112.65
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.cedexis-test.com/img/20367/r20.gif?rnd=0-1-19692-0-0-20367-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.65 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 275274
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 43
X-Served-By: cache-dfw18651-DFW, cache-hhn4063-HHN
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
X-Timer: S1568911897.166316,VS0,VE0
ETag: "5b7c8475-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.112.65","ip_ver":"v4","server_name":"cache-hhn4063"}
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 319485

GET
H/1.1 200
Ok 651 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/20367... 16 B
283 B 21ms
20ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/20367/0,2/0/5/HHN%7C%7B%22pop%22%3A%22HHN%22%2C%22sip%22%3A%22151.101.112.65%22%2C%22ip_ver%22%3A%22v4%22%2C%22server_name%22%3A%22cache-hhn4063%22%7D/0/4633/0/0/0/0/0/0/0/0/0/5/6/6/651
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
limelight-ssl.cedexis-test.com/img/17003/ 43 B
449 B 63ms
20ms Image
image/gif 178.79.226.1
Limelight Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/r20.gif?rnd=1-1-19692-0-0-17003-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.79.226.1 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-178-79-226-1.vie.llnw.net
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
Age: 1613958
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 01 Oct 2019 11:01:22 GMT

GET
H/1.1 200
OK iuni4.html
limelight-ssl.cedexis-test.com/img/17003/ Frame 5FEB 0
0 20ms
20ms Document
text/html 178.79.226.1
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/iuni4.html?rnd=-1-1-19692-0-0-17003-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.79.226.1 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-178-79-226-1.vie.llnw.net
Software: nginx /
Resource Hash

Request headers

Host: limelight-ssl.cedexis-test.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.edreams.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.edreams.net/

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Content-Type: text/html
Content-Length: 2011
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=2629743, public
Server: nginx
Age: 2308162
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Expires: Mon, 23 Sep 2019 10:11:18 GMT
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17003... 16 B
283 B 12ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17003/1,2/0/19/HIT%20from%20cds879.lon.llnw.net%20s%3A0%2C%20HIT%20from%20cds4.vie.llnw.net%20s%3A0%2C%20HIT%20from%20sw.cds3.vie.llnw.net/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
limelight-ssl.cedexis-test.com/img/17003/ 43 B
449 B 20ms
20ms Image
image/gif 178.79.226.1
Limelight Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://limelight-ssl.cedexis-test.com/img/17003/r20.gif?rnd=0-1-19692-0-0-17003-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.79.226.1 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-178-79-226-1.vie.llnw.net
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
Age: 1613958
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 01 Oct 2019 11:01:22 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17003... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/17003/0,2/0/19/HIT%20from%20cds879.lon.llnw.net%20s%3A0%2C%20HIT%20from%20cds4.vie.llnw.net%20s%3A0%2C%20HIT%20from%20sw.cds3.vie.llnw.net/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
img-cedexis.mncdn.com/img/33756/ 43 B
332 B 52ms
5ms Image
image/gif 31.3.2.126
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cedexis.mncdn.com/img/33756/r20.gif?rnd=1-1-19692-0-0-33756-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.126 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2149 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:37 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: MNCDN-2149
x-edge-location: DE-372
etag: "5b7c8475-2b"
x-cache-status: Edge : HIT,
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
x-mserver: 2200
expires: Wed, 18 Dec 2019 16:51:37 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33756... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33756/1,2/0/5/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
img-cedexis.mncdn.com/img/33756/ 43 B
331 B 5ms
5ms Image
image/gif 31.3.2.126
NETSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cedexis.mncdn.com/img/33756/r20.gif?rnd=0-1-19692-0-0-33756-81050627-_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.126 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2149 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 16:51:37 GMT
last-modified: Tue, 21 Aug 2018 21:30:29 GMT
server: MNCDN-2149
x-edge-location: DE-372
etag: "5b7c8475-2b"
x-cache-status: Edge : HIT,
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
x-mserver: 2200
expires: Wed, 18 Dec 2019 16:51:37 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33756... 16 B
283 B 12ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHUiBggBEOyZASiD-NImMJbkjuwFOJbkjuwFQNiMryRKEAgDEDUY7MIBIAAo7oOAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmFtcy5odi5wcm9kggEQCAMQNRjswgEgACjug4CgBIgBkJm18wGQAQCYAQA/0/0/33756/0,2/0/5/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1560296207/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 16:51:37 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 hotel-HB-02.jpg
www.edreams.net/content/img/OF/offers/02-herobanners/ 248 KB
249 KB 8ms
8ms Image
image/jpeg 23.8.0.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edreams.net/content/img/OF/offers/02-herobanners/hotel-HB-02.jpg

Requested by

Host: www.edreams.net
URL: https://www.edreams.net/frontend-home/static-content/versioned_P2feLb3bBY/js/desktop.odigeo.all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.8.0.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-8-0-125.deploy.static.akamaitechnologies.com

Software

Resource Hash

0e9b08dab9bf0017db2a8d7e98c1f022fddf6f58663f069daa01b9c27cfd112c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.edreams.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 10 Apr 2019 10:15:31 GMT
etag: "5cadc243-3e16c"
strict-transport-security: max-age=60;
content-type: image/jpeg
status: 200
expires: Fri, 20 Sep 2019 02:49:14 GMT
cache-control: max-age=86400
date: Thu, 19 Sep 2019 16:51:39 GMT
accept-ranges: bytes
content-length: 254316
x-xss-protection: 1; mode=block
x-content-security-policy: upgrade-insecure-requests;

POST
H/1.1 200
OK / Show response
tag.cartrawler.com/ Frame 958B 69 B
544 B 128ms
128ms Fetch
application/json 54.243.231.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.cartrawler.com/
Requested by: Host: ajaxgeo.cartrawler.com
URL: https://ajaxgeo.cartrawler.com/webapp-abe-latest/app-desktop.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.231.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-243-231-206.compute-1.amazonaws.com
Software: Play! Framework;1.3.1;prod /
Resource Hash: b8b18401c3b3c3bc7f2cd2c87113978f3d7404b47abef603486c3b5767add507

Request headers

Sec-Fetch-Mode: cors
Referer: https://rentacar.edreams.net/search?currency=USD&utm_source=(direct)&utm_campaign=(direct)&utm_medium=(none)&_ga=2.231763935.1729622271.1568911893-1353815095.1568911893
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 19 Sep 2019 16:51:40 GMT
Via: 1.1 vegur
Server: Play! Framework;1.3.1;prod
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 69

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.booking.com
URL: https://www.booking.com/_6e3fa1bbd409db2?lang=en-us&target_aid=343806&label=edr-link-usen-sb-conf-pc-of;aff_hostname=https://hotels.edreams.net

Domain: rentacar.edreams.net
URL: https://rentacar.edreams.net/search

Domain: rentacar.edreams.net
URL: https://rentacar.edreams.net/search?currency=USD

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.edreams.net/	1969-12-31 23:59:59	Name: TS7b7d2a5a027 Value: 0890b26ffeab20000eb031e0b2c88640235a2ca5bcaa25d525721487bc6fd3e64719a4c62d344d2e0881706295113000614519a15c854eca804976c5ce089db3ebc987018d0d35b197859ac44b7a6c449e70435ed5aee96d785115e40234275d
.edreams.net/	1970-01-19 04:31:43	Name: mktTrack Value: utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.edreams.net/	1970-01-19 03:48:33	Name: BIGipServerODIGEO-MARKETING-CHANNEL-SERVICE-HTTP Value: !f8a/tmbO6z2H3Dtf6yO4pmpLrHoM2YmeceNRVlynKP9h/r9Uo/a2zX4VVlNgg+mh7IYagJLwIXdwQQE=
www.edreams.net/	1970-01-19 03:48:33	Name: BIGipServerODIGEO-URI-SPLIT-HTTP Value: !K3q/I2Cbbgbq93Bf6yO4pmpLrHoM2Zv6yV4tvp7XqlyQcE0ZLzZK/4CKyqTGwirlTQC3VTmnpZWrCIU=
.edreams.net/	1970-01-20 06:05:19	Name: ens_abcSplit Value: groupb
.edreams.net/	1970-01-19 12:34:07	Name: tc_cj_v2 Value: %5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKOPRSKKRSMJPSZZZ%5D
.edreams.net/	1970-01-19 03:49:58	Name: _gid Value: GA1.2.1729622271.1568911893
.edreams.net/	1969-12-31 23:59:59	Name: mktportal Value:
.edreams.net/	1970-01-19 03:48:35	Name: AKA_A2 Value: A
www.edreams.net/	1969-12-31 23:59:59	Name: TS01cc6943 Value: 015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53
www.edreams.net/	1970-01-19 04:31:43	Name: TestTokenSpace Value: 1#320-2#91551638150-3#11208-4#68793-5#946500-6#131545-7#61913-8#13081712930-9#30329878297-10#4966351805-11#22214095429-12#29920207189-13#20587430041-14#86471079273-15#33370246704-16#48432047501-17#51504451364-18#53013646936-19#96538890549-20#55892103078-21#45530139570-22#55777774875\|19-09-2019.18:51
.edreams.net/	1970-01-19 21:19:43	Name: _ga Value: GA1.2.1353815095.1568911893
.edreams.net/	1969-12-31 23:59:59	Name: TS01a388cb Value: 015135c8601e098fc073635f6a0e1e76d1da989f9edf1395526c282c6258ba67193021adc763cb25f0565f56116af7684273007b53
www.edreams.net/	1970-01-22 19:24:31	Name: userDevice Value: 159e9a79-02ee-4f65-bd9b-c9fd854bed57
www.edreams.net/	1970-01-19 03:48:33	Name: viI Value: eJztVf2LVUUYPuOdGZ9ybcWk7AO6cWzdZTvnzpxz5ny4P8Sybhq7y4brtpE/rHf3zu5e9+492713d/0IyxKMEqQPkBQyFOwTlagEKaNaEiwqVFAwIjIqCjNIKJSoc9vV1kj/guaH88687/s8884D530lIfPIQCkuVnQxZw3FI9rS2dISx5b2AZLJF3N6rb2m/AvRP3cf33QnIQZpXbqit/v4JePJt40FhGyqqSHFuHfZB1Pfmgayg8DYA+NTkHdBPsesGKkQtAepMlI7kdqP1CRSR5A6BToIuhi0CXQNaAxaBh0HXQ+6EfRx0C2gT4FuA30WdDvoDtAXQXeD7gV9DXQf6Jug74AeAj0M+hHox6BHQT8DPQZ6EvQ06FegZ0C/A/0R9BzoedDfQC+C/glGwQBWA1YLdiPYzWC3g90BVgdWD9YIJsBcsACsCewesC6wHrBVYKvBcmCDYMNgMdgY2ATYBrDHwDaDPQn2NNg2sOfBtoPtBNsFtgfsZbDXwfaDvQV2EOww2Ptgk2BHwD4B+wLsBNhJsNNgX4OdAfsB7Cewc2C/gv0OdhHcAE+BzwafA14LvgB8Ifht4GnwReCLwRvBBbgLHoI3gTeDt4AvA28D7wTvBu8BXwW+GrwffAh8GDwGL4NPgG8AfxT8CfAt4FvBt4E/B/4C+E7wlwyjlhzdtfuZbxg5S6XpOsJyzEgqJX03lEpYrimlI0LLM/0wiFxLmZHnKyEs35SuVJ6yAtOXkXStMHGIUAbSiVxhRaYrXCcKg9CJAksK04t831UyFMqS0nQcR3oiUp4TWdIxnShyhCMCGSZH13SECgPPFcKTlvTM0PcCKYLICVxLKtN13UA4nh8Iz5K+6YVeUrYXKJEkB6ZKqvY8JV0/iYamckV160eub8nIjHzlhmEklBdZjjCVCiNHClcEoeVI01N/p0cqSGRwkmhQXV4YqEdkZIkqREa2DJcoOZeQL/8X7OqCEZMsIu99ePj4CevC5j/2vrqqjrSOleJRnenI5kr5bxeSQ9/vm3MLeeOswcolw+qPR+w4lx/UsT2eL+eTvjWYL2p7rKxL2UFdrNjdya65umvT64ypRWYZ/CEDE/mSLuhyud24PqfH8/165bpRXTHq2hPOzBRnZiqQ0xXdX4lLmaWX85raDR6XpxD110B0dt2bHckX1k1jrovLD+hSOZ90WGN++5rseDZTyBYHM12VUr44mCTUjl2qdwpXMRqvwd59ZXKCn3cZP33Pw8ZGI7V21NhYMhbNEOtKIvufh01rZMw3jLUl44ZqiXa1RLu1ODYyMzhaMdDS2XF/98rWFQl53dXJZ2owk6Fa2uyKkepobqkYs6WwpWerhKrh6lT/evB/sPGW5Ss6O1orxtzAs4XtBk7y5/kRuUA64vX5QiGbUbZI13dk+/PFSlweakrfl0y7QjpxpDu70g+mpeiVXq9qSDePjhZ0j+5ry1cyyg1s10/Xty1f2dF+d7qQH9bpZbp/OG5ItwyVkjmZueK2dFd2IFvKT8OIVJGOskHSChytLW/AV1ZfLuqz+qOBXKi8Pp1TB4n0PDvwbSki2z1w6tix/VvpTeSVc5y0TpJktHZ3TaarVherg3ZiYsLWuZLOjpTtoj7fQGalpiKJKSfm1sbEc1eqOpBTdSkSigNkZCaAVLJ9BV2Z6foLxKsDxA==
.edreams.net/	1970-01-19 04:31:43	Name: mktTrack_v2 Value: utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.edreams.net/	1970-01-19 04:31:43	Name: tduid Value: -
.edreams.net/	1970-01-19 04:31:43	Name: locale Value: en_US
www.edreams.net/	1970-01-19 03:48:33	Name: HOME1 Value: !yF861hXqSLLOzfdf6yO4pmpLrHoM2eNG/bqFujNcVawEild7R0CxwOOYq62qZzyMxuA0K1HHr4yS4aU=
www.edreams.net/	1969-12-31 23:59:59	Name: HOME1JSESSIONID Value: V4Ocly7vFN4a9q3YwaYLVozz.bcn1-app-home-263p23

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.edreams.net/marketing-channel/client/v1/marketing-channel.min.js(Line 1) Message: Cookie Set: utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
console-api	log	URL: https://www.edreams.net/frontend-home/setup.js/index.jsp?noext=1(Line 273) Message: _____ ____ _____ _____ _____ ______ ____ \| __ \ / __ \\| __ \_ _/ ____\| ____/ __ \ ___\| \| \| \|_ __ ___ __ _ _ __ ___ ___ \| \| \| \| \| \| \|\| \|\| \| __\| \|__ \| \| \| \| / _ \ \| \| \| '__/ _ \/ _` \| '_ ` _ \/ __\| \| \| \| \| \| \| \|\| \|\| \| \|_ \| __\|\| \| \| \| \| __/ \|__\| \| \| \| __/ (_\| \| \| \| \| \| \__ \ \| \|__\| \| \|__\| \|\| \|\| \|__\| \| \|___\| \|__\| \| \___\|_____/\|_\| \___\|\__,_\|_\| \|_\| \|_\|___/ \____/\|_____/_____\_____\|______\____/ Visit http://www.edreamsodigeo.com/careers/ to learn about our current job openings.
console-api	log	URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js(Line 11) Message: TagCommander - Container call - Head container (20)
console-api	log	URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js(Line 11) Message: tc_vars:
console-api	log	URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js(Line 11) Message: [object Object]
console-api	log	URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js(Line 11) Message: TagCommander - Container call - Body container (21)
console-api	log	URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js(Line 11) Message: tc_vars:
console-api	log	URL: https://cdn.tagcommander.com/4250/tc_eDreamsODIGEO_20.js(Line 11) Message: [object Object]
console-api	log	URL: https://radar.cedexis.com/releases/1560296207/impact.js(Line 12) Message: CDN metadata: {}
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.95.js(Line 32) Message: a: 0.0029296875ms
console-api	log	URL: https://www.edreams.net/travel/setup.js/index.jsp?noext=1&preload=true(Line 1114) Message: _____ ____ _____ _____ _____ ______ ____ \| __ \ / __ \\| __ \_ _/ ____\| ____/ __ \ ___\| \| \| \|_ __ ___ __ _ _ __ ___ ___ \| \| \| \| \| \| \|\| \|\| \| __\| \|__ \| \| \| \| / _ \ \| \| \| '__/ _ \/ _` \| '_ ` _ \/ __\| \| \| \| \| \| \| \|\| \|\| \| \|_ \| __\|\| \| \| \| \| __/ \|__\| \| \| \| __/ (_\| \| \| \| \| \| \__ \ \| \|__\| \| \|__\| \|\| \|\| \|__\| \| \|___\| \|__\| \| \___\|_____/\|_\| \___\|\__,_\|_\| \|_\| \|_\|___/ \____/\|_____/_____\_____\|______\____/ Visit http://www.edreamsodigeo.com/careers/ to learn about our current job openings.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.odistatic.net
a2.odistatic.net
a3.odistatic.net
accounts.google.com
ad.yieldlab.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
ahgele3.com
ajaxgeo.cartrawler.com
ak1.odistatic.net
api.boxever.com
apis.google.com
bat.bing.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cars.cartrawler.com
cdn.tagcommander.com
cedexis.pc.cdn.bitgravity.com
cm.g.doubleclick.net
connect.facebook.net
ct-supplierimage.imgix.net
d1mj578wat5n4o.cloudfront.net
delivery.adrecover.com
dis.us.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edreamsodigeo.commander1.com
engage.commander1.com
fastly.cedexis-test.com
feedback.adrecover.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hwcdnssl.cedexis-test.com
i.liadm.com
i2-ghfbxuaxdsxweicdfadwssvgyfwqgb.init.cedexis-radar.net
ib.adnxs.com
ice.360yield.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
img-cedexis.mncdn.com
js.sddan.com
level3.cedexis-test.com
level3ssl.optimicdn.com
limelight-ssl.cedexis-test.com
loadeu.exelator.com
nexus.ensighten.com
otageo.cartrawler.com
p33231.cedexis-test.com
p33245.cedexis-test.com
p41683.cedexis-test.com
pagead2.googlesyndication.com
pippio.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
radar.cedexis.com
rentacar.edreams.net
resources.xg4ken.com
rpt.cedexis.com
s.pinimg.com
s3-eu-west-1.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
sd.turn.com
secure.adnxs.com
securepubads.g.doubleclick.net
smartlock.google.com
sslwidget.criteo.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
tag.adaraanalytics.com
tag.cartrawler.com
tag.yieldoptimizer.com
tags.bkrtx.com
tags.crwdcntrl.net
tapestry.tapad.com
tpc.googlesyndication.com
us-sonar.sociomantic.com
vars.hotjar.com
vdms-ssl.cedexis-test.com
widget.us.criteo.com
www.booking.com
www.dwin1.com
www.edreams.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
rentacar.edreams.net
www.booking.com
104.111.241.32
104.225.98.131
104.244.37.20
107.178.244.119
107.178.254.65
143.204.208.9
143.204.214.43
147.75.102.200
147.75.102.227
147.75.204.174
147.75.204.210
151.101.112.65
152.195.34.116
163.171.242.27
172.217.16.162
172.217.21.194
178.250.0.130
178.250.2.151
178.79.226.1
185.33.223.203
185.33.223.215
185.64.189.110
192.229.133.132
192.229.233.55
192.99.16.222
199.166.0.26
199.166.0.32
2.16.122.151
2.18.234.21
2.18.234.72
205.185.216.42
205.234.175.175
212.129.3.112
213.168.247.12
213.168.247.34
216.58.206.2
23.43.115.95
23.8.0.125
23.97.225.52
2600:9000:2057:9c00:f:8ce2:fb80:93a1
2607:f740:e619::1
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:815::200d
2a00:1450:4001:815::200e
2a00:1450:4001:818::200e
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:4001:824::2003
2a00:1450:4001:825::2003
2a00:1450:400c:c09::9b
2a02:26f0:6c00:18a::1931
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:1b::720
3.121.16.187
3.220.155.136
3.248.160.221
31.3.2.126
35.186.212.60
35.190.0.66
35.190.72.21
35.227.248.159
35.241.54.161
45.54.49.5
46.228.164.27
5.57.17.220
52.201.39.30
52.218.65.140
52.47.65.151
52.59.139.190
52.59.165.192
54.243.231.206
54.72.14.87
54.76.84.205
54.77.224.225
64.185.181.238
67.26.139.252
67.27.234.122
69.173.144.165
74.119.119.150
93.184.220.113
95.100.78.156
95.131.143.205
99.86.1.198
03d87259b998617208dfe1957aa670b81635c0134a9125b8a2be5dd28d6cb200
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06e8f88a2d8b6aed0ce85660e81cb5987e85c3a85806ce97ca632623dfa85f8b
0a01d90cd429275aeadc282394f2a58da2f59fb57fada2e3c3dfe3c99e2fb475
0b2c0f2bf26cb7b9bd2b1171e0b674b840394081739661f765a19d23c610c697
0e9b08dab9bf0017db2a8d7e98c1f022fddf6f58663f069daa01b9c27cfd112c
0f02734541fed335400dbebaa01b72029350e8cb714613ebcdbbab1cd396aa52
122ad679b011179e2df8d382f7f189472dfb779e71431021bfc8a3621c390b06
13c41eef95f8aa31bd23f6f4492f021317486c1f543117492af2e8df3a32612b
145314ffa1a129829485018fb66f32ae7c89751f67882d190feb1d38c9b24276
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc
15117d2aa223be7c26d374118fb5482159e1bb3889dbb6351281a6b2b6e55167
15d761d48c311f9eb560ba7c63f50df33c2e34b4bc635ef232b7fc57252acc33
15e160d07818c467c57823f03e776f1a8e7094203b6c5737bd65dd8b143fec99
17edafefd752ded2c2c9c8ab74ca7e5d78640da69f942ab7cb66bf13c85d4724
1c97807080ad625da11b9712e3e11812fe93f19aec1fcdf3838bd61cb9ee0680
1d665fe39dfe3631fac5cdce23a94184473a75763106f14297b98420fe627bcf
1e199a8457bc3e73211b33c49e1dabacda1a3bb70f14b5010365d4d2703fb6e3
20a5b2aab4e1eeddff7640083905f106c50304c8285232d59d984265aa1efb1b
21422b215322656b899e3cbc012e69c469a65964f2b39d5c2b6c29e14d06bf16
2185f84715c2fff5891a72109f85c61b476b80054f3e6322eab6dc47652ca2e7
25d3c708167dbd2cf9f90f3405f68ccb0beba9ddfe027eb4b467ceed7f291297
26ce672f84f13f3d97b317f942bfcfe9d34057e26f0e65f5ec9c5c496301c162
26df0bc359b85b2671eb94deaf5a3c09349094fccee3148ea5dff7e7b3ac73fd
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
28c6ed57f5173ca89f759f5b83d488998f10055e9d11260f8afbc1401c2416ec
28eeef34b52e5a2070ed1796fb78808fc298148bdae86aefe34c976a788ce5c0
2a9e694ab4ade82ca3a99c9e19248f23406288d8a027d0c7324072dbb38bf82d
2c4d560aa68323b541369e648ebefec089f3378a01815f6ff66b0b66a267dce9
2f14fc310dc9c906a78682d5834baa30ccdbb6e711582928178da64d312e7ccb
2fcd6123d26acd26f612d1c3c1d72e37de3ba6fc3402410d7e274defdaba4729
2ff351eaa8a493c86b3ff278595eff356c8db06cf1b2e0db1ab97261e23482b8
3062745307963df328d25518b9b8910772f4ef9f3750af700cff667b5d9e76bb
31c60fd2152fe548e50b74e5951bd6433e0622a5a39c7bef02d8355b65498b74
3598f1e90632bb6e49f7a664dd17e092b4647210892519b2b5531e0c52199325
369ae39371ba1400f9e7f47ebfb2bed48aed4357c680f5a413aad6ca42cb1fc2
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
3c02514af0569aee3de9eff8ad53bcd90e496548ca259b38242367c6553a9308
3db985ebaffe9ce901573f2e734e1ed8e2c7bf6d4fa2a668f28f735bf7f40c29
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eddec05a384ac38cbd16a925706573fb3a0b77d343871c2b63df8127e6b24da
41ad8ff7e5205f7360535566ad386abb370abb9b92af19005a7ded4a803faf28
4299c8ee187f7450cfd00d375bc1f2221453ec1dd8bf1ef5a26c6a7040a2ed91
43df60c837d6d71d71b0fca2ff1ad1d317895508ffbe4cab8ab8b3302131b24d
47ac3f64526bfa13828de41605060f055e247090bcab8661556d2d144367c02b
493bcc13c7944539bfc2aca1eb8edad8525d6cd33a0bc85884360866992b12da
495a57cd801b61e44a38415c0627c8ae596ac457eb67ce565e7adeb94705df7d
4a6ad277e5b5e33256be16fc8422be54c5885b3e40a66147e6efdc8e98027ba1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4683f987482a1bdeac191f3c978b58c1257d001cbb235b15158d0cadf05353
4fdbf6f968dfff523244bc09be83a99a9b9629b7acd2a81486c1b6ba2822e1c4
4fde86bd4adcb3224368d4889e782fb0fc97f0cd34d57a26541f8d385dda3367
511c23178d504d371d22fb6899174f448db32523e9cacd2860306a2b3b8cc1f5
51274403f9a13ed148a01253ab10c853b9d8e3c59d95da472724ecd63f52e8d8
512871f6b301d3e48722684bd2f4ebad74c9d4e9a29dd88f5ff989b745aacbcc
5191e8e13c75cf2a63ad3af7989e7502f80189597e00878aabc517c3dedd1aa8
51a007eca6e0d8a6269a371a757f6312ab0ba17f3873b33632e61dcc92fd35e9
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab
590cb8ea8c43c72f65a41e54b2f5e3a98aead88cbe4d47991753993250725602
59eaab77612c739f041489e2f97fc09384b0c005026d6b0f86a1901c8fc81b5b
59ee0add280c793654bd7f82e73b341d98949d83b1cce07f74e11b8585ff51a7
5b819aa69f3bbea98492b9b664f9a96ded1e8b911ee396ec00c721f487bf1075
5bfb92d878fa3391c7eb8a6d57d7cc5c3fab47d4e9fb6d4e323dd3559d467d68
5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5ed3c2b454cebbef9327fc8900db5fab145cfaffda4971396626082b13a783bf
5ef16f00d90eb8fa9058959863a2e17a267980ddbc16699e1cb664cf91353348
6054b15fcd97e9e36e8db2690fd7d737a5611fcd34be161c9dfa3a904bc634be
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
658a71079e57546f20062c45d81f4a73cb9b7d82936d20abf4b1af4dbfabc6ab
673d563c4b63e5937b724b1e5506158f1dcd38a75836507a9750360735e71e75
67c15b7d7c17906580af8de7c55c34f23237af237b200855520bab24c9479212
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b321a6342f6bd0528b6ca7010825db4c8fba83af265ab376d71e6dd14a56a38
6c9458c0c34ad49cf6875a98e5e66a520c6bc81af58322bef2d34899415e7d3c
6ca19d70def89831ee636a9a0ff20430686597eacf06f0d6253b5babc5f72e9f
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
7100c6cdb67aa2d31e4de152c56490c6ac3977938ba9b05e25949d2abce03b3f
7315bb482db6320185a5940756fd89d56a0c755074ddfe5727a2e8281be07c7c
7399bb171c5912eabed5ca6973540e01f3a1fb1b794e1386cb7ecb5c994faf9a
74478be8818972128743f6022f85d6b1b6c67864ba5d9b45e53ea7b65304b79e
765b061f3960455c0b1c0d390796b607fae93b963cbfcf6abc9458d429c77893
76a053b9ac4e215845c531644127c100ebee54156ea7fb0e74e50573a656d7fe
78b25aa6f2db6599bd79f2a521451cc421d393c718a9601d0d2f9f88a5381741
7955f1759fe7f14e15f6edc64598be1be7f8c74c845f5151e0defe6996018b81
7994b1a075e71a7b3e50eecfeb9dbe0edf169dbaf2580047e2a0ded61fdd99ac
7c92ffc225aed56f82019862b155c8d84902352620250d029bbf653a3d7eab61
7ce938b135538a21dd644038413bd9fd0bd39e0848b2c1aa58e608542f706ff3
7dd35995c63c6de656648ecd034c7352592a4faa13618be020590f470e621c6a
80e49f5482c97682429dde720292444803bec6b6bcf3314e25012f6e7bae3cca
827b8c727923f4f8e42407a3ebe4f75c4080cdeeeb98a94c6d2a0154e403f489
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853d9b5dab87914c15880e15fde0eb8615385b2372c3bd6eea1db538a11c1029
87089049f17d9f3745733c48ef9252543d69915a8b469e8ff29a5d8ffc0a4efd
87b52e4851e9e96d987888d78f444caf57019c9c824c8f9bc8624dc8553e3f28
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8b08004f4418bb32b55ecc631542ad9c05ed18d1b3e72bf8219fd7c67f7652d0
8bcd059c1569b7e7de8c0fcd53e12bbaf62a3d089ad3be9bccc645e0370435a0
8bfbde2b9c289e6c23ce6b12713931b60e323ec64e55df957705d6f6095b6e7f
8c08498116374827ae20e6227e2f08dd632cdc627b48edb0053759d72bd52676
8de9ded2f9d484b44c0773a40ea6f8cc35e497f7b418230ac3e5b68d91ce7a7a
8feba0c666cc945fff4e2b35602c6f5daf3527407bd7096fcc61143c50e6943e
903afc9a9867f60ac5e90f83ddd345e36a27531874a8f14e51d1e1ce86a81af5
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a
92737ecd7ec13cf570d10d5ab6185d41e1f62cd5db53d3e86acf95a53dea80f1
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
935bd9f10ea137ce18fcbd9c6d0c5a62ac2a3b67274d691b3a628a799a3c7d94
936b7a9418086fb3601bb615b9396fe1c5934cfbdb0d3a79009700b4fbd94666
96d487a0c7dd457eb22a400e8861a2edc90596164a67684fbe4715713e9fad7d
983b7f9596bff7ce49be7e3b3b5bfaea22cf411c9af7e28dadc3a588bf1a02d9
9c7b6d3e135a95553ba24d40c6cec68ae3b43a8b4cbf2b7366fe3ed7a8114758
9e219ecbd325ed4ef17fe77001a5a42765177ff397f8310f78ace94aee71aa53
9f0042333e72201835816252c24e7cb0192eb8297aa36c182c151f8fbf7732bd
9fa14cc38768a0c67da61efeef17a103e9763dc25996401b18adc989b466874b
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a0d204548c6dd034ea4b7297d8dbf003f57f420fbcccc56e12282fd650539312
a18c8339981e9054213d0896cd5c944ea4c0f8f158903e4fb89c488514c0a02f
a2fd8adcc6a0803a36ed52966a24a5ba018d21acd984b2cae3ebee1e414d8322
a3f3ef728df4301a1d4645b66ac3834b5e2cd20c84295eca3a526c8986057eda
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a54ee4d2cf778c78cbb5be147d44a533ed4d2bf0c091a128b0b142a8455687dc
a8627709e2201ed630277b7e8ae7e8f2383c5cc8a7a806a3fef6ad352edadb36
ab9ffc32a7425ac95ded6904cc864ba7facb3a71154fb4f16d6b62527ab18d0c
ad75c3e38d15aa92e244081acb1d4e1cd9617dd748bcd4ac35fbb47439b43b5c
ad93ad02056a2a6557668c51453d74ed599c8d59bd61be6833e6e3140471ccfa
ae3588ae3b29d98bf2d4079e7c265a306808ea88cf07cb2af935a6df2ba73982
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b09c5de5608790a4bd66acbcab4ea9b637c3cf9cc1ddce9fba78d1108a8dfc09
b0bfd61d242e7c7b07310bbf344c3e384bb3d406bc5abc9e9ac100f5db893e7d
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1472129928db47a1af4f60676e1bf99f4d639fb1324568661a1c9dfc77d4536
b1839558aae96345a13bff71697e3d20a57540807831713fd1dc72939a0f1085
b2a2200d60826893b4945a85c36b642e8c2e1ce7278dbbed1c0eccbd180afd57
b43b954382eb2bb4077f3acb15b7f3fd75a096c8d6583e03547f2cf16580686e
b580326f0a945e22b1db788b82a5a45be287f7514dad35725fd5a1bafa8d6b89
b651844ff6295c26bdcfd136969973335fb53daf548d3644ddb3bd0280e4a6e1
b8b18401c3b3c3bc7f2cd2c87113978f3d7404b47abef603486c3b5767add507
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b91838abadd10721295a3efd9a935725a35aa626026bf30b17b2fc9ceda596f9
b92baf8529002dbf84d96b5a5557e8bf0520c07db8ac0e184440cfc8efc3ca72
b9412734e21b4b8795ed4a607079a04efed82b90664e207175fae08f9e89c1fa
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
be778110480962abeb0e9cc420b40c7d943ec5dcd3b0877b1a91425a5bf3ea70
be897d9b74578e78aa254f0e2787081b66c0cb71a5b806470514740253cd1103
bee7149fb8777c898758b393da8e90baaa203ba0a959e7e1c66d1d6f5b8ce0ef
c06763b08c40d53093a43aa90af8568937b7cbbbaa4413638e79ac3d9b0197ba
c0733ef11c9731e3a6ddf09301dd04245b6f71aa334600d4901a5b6f542066a5
c45cd2979bd5c1773cba3b0091143319a7fd4a130bfb7a399f7a4fd0c58e691e
c5b217ea6fe6eeb50571fa2724fc0dfdcefc1ec1a13d8c913c561d6c111840d5
c6a8bd5e21f109db2f8feb1850b79c62e951363aced5fdae5da44528eb20ed8a
c7116047b309870f0e3c35c3ceac470162707f6775b02391b109a2c30094937a
c8138183da776e0e6775deb19f7cdfb61d8d99a353385d303bdba7bd000f3d7b
c82fdd51a2dfd2ba78c8968ae6aefb51d5ed832233edbbc1bb6e5f783366c364
ca8293649c3f85d0c8e1e9f60653f4c969f4619b6ba7b0f3c001825a554ee504
ca89257cddc2fa8beb3f2739cf712fd47c1b0478c4ac7d695767ef74bbdd5249
cc152c6b0a83193b2f738123e8340581567e59a368ca39227116186bf0e143d6
cca57b23871a21b1068346fdc56305cafcda4d9d5fb2e72136500891c07e5a7a
ce3e7c40fd43440e6bdeaa91615adc2d1d8de0aa237baf27d3ae31dcd3bba378
ce5e95503a864e0d17fd27693b89ebc3d643425a1aa6e63f6400f5a484e25455
d07dd88a71f1c7c43e6e8baea729192ebf7fea74113f7aff30d49640be76fa01
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f
d45908eaca1ef3d980cbf06d61c548b7b039b7375dc39c8afd88617d771ca2f7
d4cd0793770cdc3a88d0960bb1655ea2fab4b6f828bdb6a31f90bce008a9ed01
d524bf80717ecd8cd3b0716578a3ee6946423842382bf4159c25b52569737bd6
d5be4cf6ffaec8f2356332a047a8c2ee70e45aaa227cd7f0eb057b0090ba3d9a
d8c7a9f8bfe1b2de0f5ac63c90c6bb4d0ae94cba6af51ea2a2903735d7ecc1dd
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
def9c2fbb0d6222b5dc5ee683895c43c99cadb5ee2046ff94fdca18187c6d7b1
dfd0aab2493521f15031ef7357b56566e189671e2048726ab1dcf6e55cd43345
e0eff857d6c3c3e017f87d5dd4cf504115e699816f70f147d0a5144aef6fefd3
e15a97fba342c09cd358c6345e79bfb5050d5444eb7c68140703915f344f6997
e27a679a248f37971d2bae1a65f77482c31e3994f0262133cdbc6d17006d03cf
e2fb26a42cb45b97403acc74aab159e36f4b669716ab6f2f7f5390640bb4103e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71fdd93ee7708e5b6dad4d7fc0796f3a0b96948be1f89d1ed4b9e9d48292207
e963d8e27d9cc79430932b357dc9ab7b905876ac567c0fef51df756a62fe959b
ea251bdf5bdb8363a9a76a9e44c4d462a5bd11cddbfd90c68f14ca18e82134b7
eb2fa1373a3dd5a6a167085954f366016b06a9ba4cb85804bed803a0e9510358
ecb241e2658f00c16577467c5fe139a7a815df98b8047f15ba896883f9120963
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04d1c4a61f3d01e30cc73a305b67563bc269feda7720ab73f4b83ffb1bd0340
f279d2a520ca47d5b7421e4b2a9c19998c5cda1aa2a792de785176a61ce191ff
f2ead1c762902239b3b57ab4074fb353f814bc22dedc053d0bee5de8a1ec8367
f31d00a72b38535ab0e9615410790bdd191ce7247198d172e7dcfd6913dbb70f
f6b5ad0f862185a7ccd2627e3d97e4bf07bbe3726a65cced69642afe700c9754
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712
f9ea76aea275b34a02223a4f38a8b00d2abdca97fffa198b3dcedb2caf929a99
fabf7fd7371fd00878c7be3175e61a4946760456fc7c43af1516efe7ed65183f
fb6df1c246270c556d1d195a4f4a6950417344c1d084511e7808d5c34b312849
fbb4e29eb9b2df1615c014083c0d98499151a9e3f9e3c3962dbe71a88063ed13
fc41ec4f4a6b9a4f1f623912cdd765475058db075529adebd9d8792b03e82ffa
fc4dc527bddbf2611e2126a6efd8ac01d2234a4e9aaa80f2d277c5e76405419a

www.edreams.net Open in urlscan Pro 23.8.0.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

383 Requests

99 %HTTPS

22 %IPv6

64 Domains

100 Subdomains

85 IPs

12 Countries

5463 kBTransfer

17384 kBSize

20 Cookies

66 Outgoing links

Page URL History

Redirected requests

383 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.edreams.net Open in urlscan Pro
23.8.0.125 Public Scan

Screenshot
Live screenshot

Full Image

383
Requests

99 %
HTTPS

22 %
IPv6

64
Domains

100
Subdomains

85
IPs

12
Countries

5463 kB
Transfer

17384 kB
Size

20
Cookies

383 HTTP transactions
6 data transactions