s1.odistatic.net Open in urlscan Pro
185.8.141.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
Submission: On November 14 via api (November 14th 2019, 11:54:43 am UTC) from US

Summary HTTP 21 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 185.8.141.21, located in Spain and belongs to COLT, GB. The main domain is s1.odistatic.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 17th 2019. Valid for: 3 months.

This is the only time s1.odistatic.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	185.8.141.21 185.8.141.21	8220 (COLT) (COLT)
2 4	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
21	4

15 185.8.141.21 (Spain)

ASN8220 (COLT, GB)
PTR: s1.odistatic.net

s1.odistatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	odistatic.net s1.odistatic.net	151 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net	17 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	363 B
21	5

	Domain	Requested by
15	s1.odistatic.net	s1.odistatic.net
4	stats.g.doubleclick.net	2 redirects s1.odistatic.net
2	www.google-analytics.com	s1.odistatic.net
2	www.google.de	s1.odistatic.net
2	www.google.com	2 redirects
21	5

This site contains links to these domains. Also see Links.

Domain
www.edreams.com
hotels.edreams.com

Subject Issuer	Validity	Valid
odistatic.net Let's Encrypt Authority X3	`2019-09-17` - `2019-12-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
Frame ID: B342C15432304FDDB6EE29EDDDA59AE2
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

186 kB
Transfer

302 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.edreams.com/

Search URL Search Domain Scan URL

URL: https://www.edreams.com/flights/
Title: Flights

Search URL Search Domain Scan URL

URL: https://www.edreams.com/flight-hotel/
Title: Flight + Hotel

Search URL Search Domain Scan URL

URL: http://hotels.edreams.com/?selected_currency=EUR&lang=en;aid=350435
Title: Compare hotels

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=554853623&utmhn=s1.odistatic.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=eDreams%20internal%20server%20error&utmhid=446990048&utmr=-&utmp=%2FL_en%2FC_GB%2F404.html%3Floc%3D%2Fimages%2Fcrm%2F2019%2F8%2Fflash%2Fflash-en-hero%26from%3D&utmht=1573732467498&utmac=UA-41469069-1&utmcc=__utma%3D192900340.471347500.1573732467.1573732467.1573732467.1%3B%2B__utmz%3D192900340.1573732467.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1077215901&utmredir=3&utmu=qhAAAAAAAAAAAAAAAgAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41469069-1&cid=471347500.1573732467&jid=1077215901&_v=5.7.2dc&z=554853623 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41469069-1&cid=471347500.1573732467&jid=1077215901&_v=5.7.2dc&z=554853623&slf_rd=1&random=710504194

Request Chain 18

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&gjid=662051132&_gid=1114190795.1573732468&_u=ISBCgEABB~&z=1999442257 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&_v=j79&z=1999442257 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&_v=j79&z=1999442257&slf_rd=1&random=3899143443

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request flash-en-hero Show response
s1.odistatic.net/images/crm/2019/8/flash/ 6 KB
2 KB 193ms
43ms Document
text/html 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

c7bf40df5e3dcc26909185999003bc39caba736f3dc47b53eb23ac93e11bdd92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: s1.odistatic.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1573
Connection: keep-alive
Vary: Accept-Encoding
ETag: "5d5c0822-189f"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Security-Policy: upgrade-insecure-requests;
Strict-Transport-Security: max-age=60;
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
s1.odistatic.net/content/static/error_pages/resources/styles/edreams/ 7 KB
2 KB 38ms
37ms Stylesheet
text/css 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/styles/edreams/main.css

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

e033c5d8d40e4fa83d18f6484a00b17d8056056ae73fb407946dc8e8bb817156

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 1817
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-1b9c"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:27 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
s1.odistatic.net/content/static/error_pages/resources/scripts/ 85 KB
33 KB 76ms
37ms Script
application/javascript 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/scripts/jquery-3.2.1.min.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-15283"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:26 GMT

GET
H/1.1 200
OK variables.js Show response
s1.odistatic.net/content/static/error_pages/resources/scripts/ 4 KB
2 KB 98ms
39ms Script
application/javascript 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/scripts/variables.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

9e6bfd46f7a9d7b1e89fd0b32495bb04591f72757503fc1cd1cc36740182a2a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 1130
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-faa"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:26 GMT

GET
H/1.1 200
OK functions.js Show response
s1.odistatic.net/content/static/error_pages/resources/scripts/ 1 KB
1 KB 94ms
35ms Script
application/javascript 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/scripts/functions.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

ff40cf22208e5a7a7e516ae7785bb051704e38ca2dfedde84e3cc8f1b814c806

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 698
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-5d3"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:27 GMT

GET
H/1.1 200
OK UA_tracking.js Show response
s1.odistatic.net/content/static/error_pages/resources/scripts/ 2 KB
2 KB 96ms
37ms Script
application/javascript 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/scripts/UA_tracking.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

f144a18d42857c5f466293667d9e3dc6b67a09a6e29fa29bb530fd5d3dbe8272

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 979
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-94e"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:27 GMT

GET
H/1.1 200
OK classic_tracking.js Show response
s1.odistatic.net/content/static/error_pages/resources/scripts/ 2 KB
2 KB 101ms
42ms Script
application/javascript 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/scripts/classic_tracking.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

8ab37125c48b2688a06cc7b9fc6aedf9911b4d6cc254f6865c6d71dd2326ad74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 983
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-9f6"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:27 GMT

GET
H/1.1 200
OK marketing_channel.js Show response
s1.odistatic.net/content/static/error_pages/resources/scripts/ 2 KB
1 KB 100ms
41ms Script
application/javascript 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/scripts/marketing_channel.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

0275ff356822aba63c32f5d7077ae9b7bf5bcc79711c3d9000eb077d56219547

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Content-Length: 832
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-9c3"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=60;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Accept-Ranges: bytes
Expires: Fri, 15 Nov 2019 11:54:27 GMT

GET
H/1.1 200
OK header_logo.png
s1.odistatic.net/content/static/error_pages/resources/images/edreams/ 2 KB
3 KB 84ms
37ms Image
image/png 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/images/edreams/header_logo.png

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

f316fa24e88583419b337302856b5036d79b84faa7303729e618ea12e5f23d45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-9fb"
Strict-Transport-Security: max-age=60;
Content-Type: image/png
Expires: Fri, 15 Nov 2019 11:54:27 GMT
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2555
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK background_1920x1080.jpg
s1.odistatic.net/content/static/error_pages/resources/images/edreams/ 90 KB
91 KB 93ms
40ms Image
image/jpeg 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/images/edreams/background_1920x1080.jpg

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

3c41b708ea94f5e15e16efd864ac064149d4eeb6e725f4ab5b36d2b8f8165d1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-16886"
Strict-Transport-Security: max-age=60;
Content-Type: image/jpeg
Expires: Fri, 15 Nov 2019 11:54:26 GMT
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92294
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK footer_logo.png
s1.odistatic.net/content/static/error_pages/resources/images/edreams/ 3 KB
4 KB 90ms
37ms Image
image/png 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/images/edreams/footer_logo.png

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

8df728d166d3497aba8009ffad973caf04b1f511636f67bb613ca4d4835acba0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-cab"
Strict-Transport-Security: max-age=60;
Content-Type: image/png
Expires: Fri, 15 Nov 2019 11:54:27 GMT
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3243
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK footer-iata.png
s1.odistatic.net/content/static/error_pages/resources/images/edreams/ 2 KB
2 KB 95ms
40ms Image
image/png 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/images/edreams/footer-iata.png

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

a4822c6328ea8825f4b0dc1fc2080762b3088d8387955f288442b209da2be338

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-6b4"
Strict-Transport-Security: max-age=60;
Content-Type: image/png
Expires: Fri, 15 Nov 2019 11:54:27 GMT
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1716
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK footer-thawte.png
s1.odistatic.net/content/static/error_pages/resources/images/edreams/ 4 KB
4 KB 84ms
38ms Image
image/png 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/images/edreams/footer-thawte.png

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

ae4ade8fa981026f8b0eadac227f001af2afddc980ac41404af0121434c26aee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-f1f"
Strict-Transport-Security: max-age=60;
Content-Type: image/png
Expires: Fri, 15 Nov 2019 11:54:26 GMT
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3871
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H/1.1 200
OK footer-tuv.png
s1.odistatic.net/content/static/error_pages/resources/images/edreams/ 1 KB
2 KB 94ms
36ms Image
image/png 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.odistatic.net/content/static/error_pages/resources/images/edreams/footer-tuv.png

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

1c4e7d0d9adf9087dd7994d1930ab21ed3ff173b6a73e7734708b301a0cf3b9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 13:04:11 GMT
Server: nginx
ETag: "5bf557cb-59d"
Strict-Transport-Security: max-age=60;
Content-Type: image/png
Expires: Fri, 15 Nov 2019 11:54:27 GMT
Cache-Control: max-age=86400
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1437
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/content/static/error_pages/resources/scripts/classic_tracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2844
date: Thu, 14 Nov 2019 11:07:03 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17093
expires: Thu, 14 Nov 2019 13:07:03 GMT

GET
H/1.1 404
Not Found marketing-channel.min.js
s1.odistatic.net/marketing-channel/client/v1/ 0
0 42ms
42ms Script
text/html 185.8.141.21
COLT

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.odistatic.net/marketing-channel/client/v1/marketing-channel.min.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/content/static/error_pages/resources/scripts/marketing_channel.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.8.141.21 , Spain, ASN8220 (COLT, GB),

Reverse DNS

s1.odistatic.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 Nov 2019 11:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=60;
Content-Type: text/html;charset=utf-8
Content-Security-Policy: upgrade-insecure-requests;
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 442
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: upgrade-insecure-requests;

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=554853623&utmhn=s1.odistatic.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=eDr...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41469069-1&cid=471347500.1573732467&jid=1077215901&_v=5.7.2dc&z=554853623
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41469069-1&cid=471347500.1573732467&jid=1077215901&_v=5.7.2dc&z=554853623&slf_rd=1&random=710504194

42 B
109 B

33ms
32ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41469069-1&cid=471347500.1573732467&jid=1077215901&_v=5.7.2dc&z=554853623&slf_rd=1&random=710504194

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Nov 2019 11:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Nov 2019 11:54:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41469069-1&cid=471347500.1573732467&jid=1077215901&_v=5.7.2dc&z=554853623&slf_rd=1&random=710504194
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/content/static/error_pages/resources/scripts/UA_tracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4850
date: Thu, 14 Nov 2019 10:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 12:33:37 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=446990048&t=pageview&_s=1&dl=https%3A%2F%2Fs1.odistatic.net%2Fimages%2Fcrm%2F2019%2F8%2Fflash%2Fflash-en-hero&dp=%2Ferror404%2Fimages%2Fcrm%2F2019%2F8%2Fflash%2Fflash-en-hero%2F&ul=en-us&de=UTF-8&dt=eDreams%20internal%20server%20error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=192900340.471347500.1573732467.1573732467.1573732467.1&_utmz=192900340.1573732467.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1573732467536&_u=ISBCgEABB~&jid=2027947574&gjid=662051132&cid=471347500.1573732467&tid=UA-70860845-1&_gid=1114190795.1573732468&cd9=D&cd8=en_GB&z=470066509

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Nov 2019 16:51:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 154957
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&gjid=662051132&_gid=1114190795.1573732468&_u=ISBCgEABB~&z=1999442257
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&_v=j79&z=1999442257
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&_v=j79&z=1999442257&slf_rd=1&random=3899143443

42 B
109 B

33ms
33ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&_v=j79&z=1999442257&slf_rd=1&random=3899143443

Requested by

Host: s1.odistatic.net
URL: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Nov 2019 11:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Nov 2019 11:54:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70860845-1&cid=471347500.1573732467&jid=2027947574&_v=j79&z=1999442257&slf_rd=1&random=3899143443
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/ 35 B
126 B 14ms
14ms Image
image/gif 2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1972197451&utmhn=s1.odistatic.net&utmt=event&utme=14(470*50*90*40*0*0*310*310)(479*58*92*43*0*0*319*319)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=eDreams%20internal%20server%20error&utmhid=446990048&utmr=-&utmp=%2FL_en%2FC_GB%2F404.html%3Floc%3D%2Fimages%2Fcrm%2F2019%2F8%2Fflash%2Fflash-en-hero%26from%3D&utmht=1573732467624&utmac=UA-41469069-1&utmcc=__utma%3D192900340.471347500.1573732467.1573732467.1573732467.1%3B%2B__utmz%3D192900340.1573732467.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qhAAAAAAAAAAAAAAAgAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://s1.odistatic.net/images/crm/2019/8/flash/flash-en-hero
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Nov 2019 21:46:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50868
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.odistatic.net/	1970-01-19 05:08:54	Name: __utmb Value: 192900340.2.9.1573732467
.odistatic.net/	1970-01-19 05:08:52	Name: _gat Value: 1
.odistatic.net/	1970-01-19 05:10:18	Name: _gid Value: GA1.2.1114190795.1573732468
.odistatic.net/	1970-01-19 05:08:53	Name: __utmt Value: 1
.odistatic.net/	1970-01-19 09:31:40	Name: __utmz Value: 192900340.1573732467.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.odistatic.net/	1969-12-31 23:59:59	Name: __utmc Value: 192900340
.odistatic.net/	1970-01-19 22:40:04	Name: _ga Value: GA1.2.471347500.1573732467
.odistatic.net/	1970-01-19 22:40:04	Name: __utma Value: 192900340.471347500.1573732467.1573732467.1573732467.1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://s1.odistatic.net/content/static/error_pages/resources/scripts/marketing_channel.js(Line 88) Message: Error loading marketing_channel script. Ignore this if you are in localhost.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=60;
X-Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s1.odistatic.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
185.8.141.21
2a00:1450:4001:808::200e
2a00:1450:4001:825::2003
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9d
0275ff356822aba63c32f5d7077ae9b7bf5bcc79711c3d9000eb077d56219547
1c4e7d0d9adf9087dd7994d1930ab21ed3ff173b6a73e7734708b301a0cf3b9b
3c41b708ea94f5e15e16efd864ac064149d4eeb6e725f4ab5b36d2b8f8165d1c
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ab37125c48b2688a06cc7b9fc6aedf9911b4d6cc254f6865c6d71dd2326ad74
8df728d166d3497aba8009ffad973caf04b1f511636f67bb613ca4d4835acba0
9e6bfd46f7a9d7b1e89fd0b32495bb04591f72757503fc1cd1cc36740182a2a6
a4822c6328ea8825f4b0dc1fc2080762b3088d8387955f288442b209da2be338
ae4ade8fa981026f8b0eadac227f001af2afddc980ac41404af0121434c26aee
c7bf40df5e3dcc26909185999003bc39caba736f3dc47b53eb23ac93e11bdd92
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e033c5d8d40e4fa83d18f6484a00b17d8056056ae73fb407946dc8e8bb817156
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f144a18d42857c5f466293667d9e3dc6b67a09a6e29fa29bb530fd5d3dbe8272
f316fa24e88583419b337302856b5036d79b84faa7303729e618ea12e5f23d45
ff40cf22208e5a7a7e516ae7785bb051704e38ca2dfedde84e3cc8f1b814c806

s1.odistatic.net Open in urlscan Pro 185.8.141.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

186 kBTransfer

302 kBSize

8 Cookies

4 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

8 Cookies

1 Console Messages

Security Headers

Indicators

s1.odistatic.net Open in urlscan Pro
185.8.141.21 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

186 kB
Transfer

302 kB
Size

8
Cookies

21 HTTP transactions
0 data transactions